DRAFT

This page is still a draft. Thank you for your understanding.

Description

bfssh is a multi-threaded tool written in C to retrieve weak keys in authorized_keys files on a remote machine. It will test for all possible keys for a given architecture in less than five minutes on a decent network. You'll need a vulnerable libssl/libcrypto and libssh to compile/use it.

Installation

Prerequisites

Vulnerable libssl/libcrypto

Warning

This will install a vulnerable version of libssl/libcrypto on your system. It is highly recommended to install it on a testing lab (e.g. a vulnerable machine).

$ cd ~/src/
$ wget https://www.cr0.org/progs/sshfun/libssl-vuln.tgz
$ tar xvzf libssl-vuln.tgz

Then copy the vulnerable *.so files in /usr/lib/

$ cp libssl-x86/* /usr/lib/

libssh

$ cd ~/src/
$ wget https://www.cr0.org/progs/sshfun/libssh-0.2.tgz
$ tar xzvf libssh-0.2.tgz
$ cd libssh-0.2/
$ ./configure
$ make
$ sudo make install

Installation of bfssh

$ cd ~/src/
$ wget https://www.cr0.org/progs/sshfun/bfssh-1.0.tgz
$ tar xzvf bfssh-1.0.tgz
$ make
$ sudo make install

Usage

Syntax

INCOMPLETE SECTION OR ARTICLE

This section/article is being written and is therefore not complete.
Thank you for your comprehension.

Options

INCOMPLETE SECTION OR ARTICLE

This section/article is being written and is therefore not complete.
Thank you for your comprehension.

Example

INCOMPLETE SECTION OR ARTICLE

This section/article is being written and is therefore not complete.
Thank you for your comprehension.

Comments