Honeypots mailing list archives
Re: Displaying SSH password attempts
From: Daniel Cid <danielcid () yahoo com br>
Date: Wed, 5 Jul 2006 10:37:46 -0300 (ART)
Hi Tom, I did something similar in the past and to print out the passwords I just grabbed the last openssh package and modified the auth-passwd.c file (around line 80) and added the following code(just after the beginning of the auth_password function): if(strlen(password) > 1)) error("user: %s, pass: %s", authctxt->user, password); Some of the information I found about the passwords are available here: http://www.ossec.net/ossec-list/2006-March/msg00004.html hope it helps, -- Daniel B. Cid dcid ( at ) ossec.net --- Tom Doherty <tomd () singlesecond com> escreveu:
Hi Guys, Is anyone aware of a patch that shows passwords tried when a user is trying to log into OpenSSH? The reason I ask is I have had a honeypot online for a week with various accounts with what I would consider obvious passwords, "password" for example. After 7 bruteforce attempts access still hasn't been gained. I'd like to know the passwords attempted so I can update the passwords on the accounts, is there a patch available for this? Thanks Tom
_______________________________________________________ Abra sua conta no Yahoo! Mail: 1GB de espaço, alertas de e-mail no celular e anti-spam realmente eficaz. http://mail.yahoo.com.br/
Current thread:
- Displaying SSH password attempts Tom Doherty (Jul 05)
- Re: Displaying SSH password attempts Jeff Lake (Jul 05)
- Re: Displaying SSH password attempts Daniel Cid (Jul 05)
- <Possible follow-ups>
- Re: Displaying SSH password attempts Nikola (Jul 05)
- RE: Displaying SSH password attempts Dodge, R. LTC EECS (Jul 05)
- Re: Displaying SSH password attempts Valdis . Kletnieks (Jul 05)
- Re: Displaying SSH password attempts Harry Hoffman (Jul 05)
- Re: Displaying SSH password attempts Tom Doherty (Jul 05)
- Re: Displaying SSH password attempts Valdis . Kletnieks (Jul 05)
- Re: Displaying SSH password attempts ader (Jul 07)
- Re: Displaying SSH password attempts Valdis . Kletnieks (Jul 07)
- Re: Displaying SSH password attempts ader (Jul 11)