Essentially the tool is comprised of a small Perl file. The utility requires a few non-standard Perl libraries but these are easily installed. You must have Perl installed to use SSHatter.
Installing SSHatter
First download and unpack the tool
First download and unpack the tool
Select AllCode:
wget http://freshmeat.net/redir/sshatter/70781/url_tgz/get.php tar -xvzf SSHatter-0.6.tar.gz cd SSHatter-0.6/src
Next you may have to install the following perl libraries.
Install Parallel::ForkManager
To install Parallel:::Forkmanager it is easiest to simply download the source from
Install Parallel::ForkManager
To install Parallel:::Forkmanager it is easiest to simply download the source from
http://search.cpan.org/~dlux/Parallel-ForkManager-0.7.5/ForkManager.pm
and compile the module yourself
Select AllCode:
wget http://search.cpan.org/CPAN/authors/id/D/DL/DLUX/Parallel-ForkManager-0.7.5.tar.gz tar -xvzf Parallel-ForkManager-0.7.5.tar.gz cd Parallel-ForkManager-0.7.5 perl Makefile.pl make sudo make install
Install Net::SSH-Perl
This package is usually distributed as a package and can easily be installed on most systems.
On Fedora use:
This package is usually distributed as a package and can easily be installed on most systems.
On Fedora use:
Select AllCode:
sudo yum install perl-Net-SSH-Perl
Once you have installed these modules you'll need to create a file full of potential targets and a file of usernames to try. A simple password file is distributed with SSHatter but you may want download and utilize a more extensive one. SSHatter also uses a file of usernames. Again, you can download an extensive file or perhaps tailor this file to the target system. For our purposes we'll simply target localhost and try and brute force the user root.
Select AllCode:
$ perl SSHatter.pl usage: SSHatter.pl sleeptime: 0 - disable retries at SSHatter.pl line 62. $ echo root > users $ echo 127.0.0.1 > targets $ perl SSHatter.pl 1 targets users passwords 1 1
Evaluation
The source code to SSHatter is a mere 168 lines, making it rather compact. SSHatter also supports connection attempts to alternate port numbers if the targets are listed with an IP address, then a colon and the port (i.e. 127.0.0.1:20). SSHatter does include the handy functionality of being able to sleep between tries, so you can slow your brute force attempts, which may evade some filters.
All in all SSHatter is a simple, straightforward tool. It isn't particulary fast, stealthy or easy to use. It doesn't include any advanced functionality such as documentation, randomly generated passwords or a GUI. SSHatter also doesn't have any easy way to configure scans of ranges of IP's and seems to rely on a pre-built target list. SSHatter is also distributed as copyrighted material, rather than as GPL material, which will probably limit any sort of participation or active development community.
©2012, copyright BLACK BURN
0 comments:
Post a Comment