Bruteforce Series - Bruteforce attack SSH and FTP - 03

Bruteforce Series - Bruteforce attack SSH and FTP - 03

·

3 min read

SSH Attack Overview

Objective: Understand and execute a brute force attack on an SSH service using Hydra.

Key Concepts and Skills

  • Brute Force Attack: An attempt to crack passwords or keys through trial and error.

  • Hydra: A powerful, multi-platform tool designed for password cracking by performing rapid dictionary or brute force attacks.

Step-by-Step Guide

a) Concept Explanation:

  • SSH (Secure Shell): A cryptographic network protocol for operating network services securely over an unsecured network. Commonly used for remote server login and command execution.

  • Hydra's Role: Utilizes username and password lists to systematically attempt logins, identifying valid credentials.

b) Preparing for the Attack:

  1. Ensure Hydra is Installed: Confirm that Hydra is available on your system. It can typically be installed via package managers in Linux distributions.

    
     sudo apt-get install hydra
    
  2. Gather Wordlists:

    • Username List (bill.txt): Contains potential usernames.

    • Password List (william.txt): Contains potential passwords.

These lists should be prepared based on known information about the target or using common username and password compilations.

  1. Identify the Target: Obtain the IP address and SSH service port (typically 22) of the target system.

c) Executing the Attack:


hydra -L bill.txt -P william.txt -u -f ssh://TARGET_IP:22 -t 4
  • L bill.txt specifies the username list.

  • P william.txt specifies the password list.

  • u instructs Hydra to use each username in the list only once.

  • f tells Hydra to stop on the first valid password found for a username.

  • ssh://TARGET_IP:22 defines the attack protocol and target.

  • t 4 limits the number of parallel attempts to avoid connection drops.

d) Analyzing Results:

  • Successful attempts will be clearly displayed by Hydra, showing valid username-password pairs.

  • Login Using SSH: With valid credentials, you can log into the target system using:

    
      ssh USERNAME@TARGET_IP -p 22
    

FTP Brute Forcing Overview

Once access is gained to a system via SSH, further exploration and potential brute force attacks on other services like FTP can be considered.

Understanding FTP Service Vulnerability

a) Concept Explanation:

  • FTP (File Transfer Protocol): Used for the transfer of files between a client and server on a network.

  • Vulnerable to brute force attacks similar to SSH, especially when weak passwords are used.

b) Performing the Attack:

  1. Identify the FTP Service: Confirm the presence and accessibility of an FTP service on the target system or network.

  2. Utilize Hydra for FTP: Similar to the SSH attack, use Hydra with a targeted wordlist:

    
     hydra -l m.gates -P rockyou-10.txt <ftp://127.0.0.1>
    

    Adjust parameters as needed for the specific target and wordlist.

c) Post-Attack Actions:

  • FTP Login: With valid credentials, you can login to the FTP service to explore or transfer files.

    
      ftp 127.0.0.1
    
  • User Switching: If system access permits, switching to the compromised user account may provide additional privileges or access.

    
      su - USERNAME
    

Did you find this article valuable?

Support 0xiN's Journey by becoming a sponsor. Any amount is appreciated!