Re: Displaying SSH password attempts

[Daniel Cid <danielcid () yahoo com br>]

Hi Tom,

I did something similar in the past and to print out
the passwords I just grabbed the last openssh package
and modified the auth-passwd.c file (around line 80)
and added the following code(just after the beginning
of the auth_password function):

if(strlen(password) > 1))
error("user: %s, pass: %s", authctxt->user, password);


Some of the information I found about the passwords
are available here:

http://www.ossec.net/ossec-list/2006-March/msg00004.html


hope it helps,

--
Daniel B. Cid
dcid ( at ) ossec.net


--- Tom Doherty <tomd () singlesecond com> escreveu:

> Hi Guys,
> Is anyone aware of a patch that shows passwords
> tried when a user is 
> trying to log into OpenSSH?
> The reason I ask is I have had a honeypot online for
> a week with various 
> accounts with what I would consider obvious
> passwords, "password" for 
> example. After 7 bruteforce attempts access still
> hasn't been gained.
> I'd like to know the passwords attempted so I can
> update the passwords 
> on the accounts, is there a patch available for
> this?
> Thanks
> Tom



                
_______________________________________________________ 
Abra sua conta no Yahoo! Mail: 1GB de espaço, alertas de e-mail no celular e anti-spam realmente eficaz. 
http://mail.yahoo.com.br/