[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SSHatter, the SSH brute forcer is now up to release 0.6. New since the last
* Changes allowing rudimentary username enumeration via timing attacks (as
been implemented. These changes has been validated against OpenSSH 3.5p1.
* Targets and usernames are now specified in a file and targets can now be
specified one per line in the format <hostname>[:<portnumber>].
* Reconnection can optionally be enabled where support on connection failures
* A default passwords list (taken from
http://www.nth-dimension.org.uk/downloads.php?id=30) has also been added.
* Fixes for systems configured with AllowUsers have added as these systems do
not return "Permission denied" on Net::SSH::Perl->login().
This latest version can be downloaded from
Remember, auditing systems without permission may be a crime, always read the