Tuesday, April 3, 2018

Bruteforce (II): attacking an SSH server with BRUTER


- Layout for this exercise:

- This exercise is based in the previous one:

1 - Setting up an SSH server

- Downloading the freeSSHd server to the victim Windows 10:

- Running the executable:

- Going to the SSH server Settings:

- Starting the SSH server on the victim side Windows 10:

- Adding a user admin and a simple password (123):

- Finally the SSH server is up and running:

- Checking that the SSH service works for the user admin:

2 - Bruteforcing the SSH server

- From the attacker machine Windows 7, checking that the port 22 is open at the victim Windows 10 (

- Running Bruter.exe from the attacker against the SSH server (IP, port 22):

2.1) Dictionary

- Taking the Dictionary option, and browsing for a wordlist:


- Starting the attack:

- The attack is successful because and the password (123) is revealed:

2.2) Brute force

- Choosing Brute force, setting options for the Charset and the length of the password:


- Starting the attack:

- Finally the attack is successful because the password (123) is revealed:

- The password has been chosen deliberately simple because the purpose of this exercise was just to demonstrate how to operate with the Bruter tool.

- For more complex passwords Bruter has a wide range of predefined Charsets with a greater number of characters, in addition to the possibility of decreasing the Min_Len parameter and increasing Max_Len.

- Obviously, the disadvantage would lie in the slowness of the attack, in addition to the greater amount of resources needed to implement it.