In today's Armitage Series Part (4), we offer you the opportunity to show you how Armitage is used in general focusing on bruteforcing techniques via SSH.
In the previous video we saw how to Elevate from Shell to a Meterpreter Session.
In this Hacking Minutes Series we will be talking about BruteForcing Via SSH and how you can do it.
There are a few methods of performing an SSH brute-force attack that will ultimately lead to the discovery of valid login credentials, many techniques can be applied, we will show one.
The first method we will try out today involves one of Metasploit's auxiliary scanners. Before we begin any brute-force attack, we need to determine the state of the port that SSH is
running on, using Nmap.
In order to perform this attack, you will need a wordlist with usernames and passwords which have a good combination of words and commonly used password and the tools that we will
try different combinations with each password and username.
To attack the SSH service, we can use the auxiliary/scanner/ssh/ssh_login.
Using Armitage, Time is everything, should be fast, efficient and gives a solid result that can be checked even after false positives.
We hope you enjoy the demo.
Machines used: Kali Linux(attacker)/ metasploitable 2 (victim machine)
-msfconsole: We will perfom an SSH brute-force attack.
-we can used: auxiliary/scanner/ssh/ssh_login.
Disclaimer: This Video is for Educational Purpose Only, what you do is your responsibility and Black Hat
Ethical Hacking or anyone involved, is not held accounted for if any damage for any reason occurs.
Soundspace Ambient, Cyberpunk Music. Royalty Free
Anton Shilo-Future Begins | Royalty Free Music | AudioJungle
Support our work on Patreon: