SSH [22]

SSH-Audit

ssh-audit checks the client-side and server-side configuration and shows general information, including which encryption algorithms the client and server still use.

z3tssu@htb[/htb]$ git clone https://github.com/jtesta/ssh-audit.git && cd ssh-audit

z3tssu@htb[/htb]$ ./ssh-audit.py 10.129.14.132

Change Authentication Method

z3tssu@htb[/htb]$ ssh -v cry0l1t3@10.129.14.132

OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config 
...SNIP...
debug1: Authentications that can continue: publickey,password,keyboard-interactive

For potential brute-force attacks, we can specify the authentication method with the SSH client option PreferredAuthentications.

z3tssu@htb[/htb]$ ssh -v cry0l1t3@10.129.14.132 -o PreferredAuthentications=password

OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
...SNIP...
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: password

cry0l1t3@10.129.14.132's password:
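
The same "Authentications that can continue" debug line can drive a hardening check. The following is an added example, not part of the original notes: it parses `ssh -v` output and reports whether the server still offers password-style methods. The function names and both sample inputs are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag password-style methods in the list an SSH server advertises.
# Input is `ssh -v` debug output on stdin, e.g. (live use, not run here):
#   ssh -v -o BatchMode=yes user@host true 2>&1 | audit_auth_methods

# Print the advertised methods, one per line, from the first matching debug line.
offered_auth_methods() {
    sed -n 's/^debug1: Authentications that can continue: //p' \
        | head -n 1 | tr -d ' \r' | tr ',' '\n'
}

# Return 0 if only non-password methods are offered, 1 if password-style
# methods are offered, 2 if no method list was found in the input.
audit_auth_methods() {
    local methods m weak
    weak=""
    methods=$(offered_auth_methods)
    [ -n "$methods" ] || { echo "no method list found" >&2; return 2; }
    for m in $methods; do
        case "$m" in
            password|keyboard-interactive) weak="$weak $m" ;;
        esac
    done
    if [ -n "$weak" ]; then
        echo "guessable methods offered:$weak"
        return 1
    fi
    echo "ok: $(echo $methods | tr ' ' ',')"
    return 0
}

# Constructed sample, copied from the debug lines shown above.
SAMPLE_OUTPUT='OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Authentications that can continue: publickey,password,keyboard-interactive'

# Constructed sample of a server that only accepts keys.
SAMPLE_HARDENED='debug1: Authentications that can continue: publickey'
```

When the check reports password-style methods on a host where keys are already deployed, setting `PasswordAuthentication no` and `KbdInteractiveAuthentication no` (`ChallengeResponseAuthentication no` on older OpenSSH releases) in sshd_config removes them from the advertised list.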
