known_hosts_bruteforcer
known_hosts_bruteforcer copied to clipboard
xme
Perl script to bruteforce SSH known_hosts files.
@Targunitoth's fork appears to have incorporated some of the clean-up mentioned in one of the Todo's. It would be nice to incorporate this back into this fork. Here is the...
Ran on my ~/.ssh/known_hosts file as follows: ``` $ ./known_hosts_bruteforcer.pl -i -s 192.168.0.0 ``` Received the following output on the first few lines: ``` *** Found host: 192.168.0.9 (line 7)...
Reference: https://perlmaven.com/open-files-in-the-old-way Current code calls open on known_hosts as: ``` open(HOSTFILE, "$knownhostFile") || die "Cannot open $knownhostFile"; ``` Recommend changing to the following to make explicit that we're opening the...
Recommend adding a LICENSE file to explicitly inform everyone what they are allowed and not allowed to do with this code. https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/licensing-a-repository
Povl Ole Haarlev Olsen commented on the original blog on 25 Apr 2015 (https://blog.rootshell.be/2010/11/03/bruteforcing-ssh-known_hosts-files/) stating: > Another optimization step would be to move the decode_base64($saltStr[$i]) step from searchHash() (i.e. ALL...
Povl Ole Haarlev Olsen commented on the original blog on 25 Apr 2015 (https://blog.rootshell.be/2010/11/03/bruteforcing-ssh-known_hosts-files/) stating: > fillString() does the same as “$char x $len” and getPos() does the same as...
Povl Ole Haarlev Olsen commented on the original blog on 25 Apr 2015 (https://blog.rootshell.be/2010/11/03/bruteforcing-ssh-known_hosts-files/) stating: > ... a known_hosts file with only one line where I knew the correct hostname...
@halpomeranz's fork appears to have added a dictionary mode. It would be nice to absorb the change back into the original fork. Here is the comparison against the fork: https://github.com/xme/known_hosts_bruteforcer/compare/master...halpomeranz:master?diff=unified