Re: Cracking SSL passwords for fun and profit
On Wed, Nov 26, 2008 at 11:54:05PM +0100, Richard Hartmann wrote:
> I lost the password for my router ages ago. As I will move in the
> foreseeable future, I need to reconfigure it. Now, I could be boring
> and just replace the password/the OS, but I thougt I would try
> something a little more fun. Namely, I want to brute-force the
> password via SSH.
> Unfortunately, I am unable to find a tool that is able to split its
> effort over time. I.e. I want to be able to shut down the
> 'attacking' program and resume at a later point.
>
>
> If this question is off topic on this list, please excuse me. Feel
> free to ignore, reply out of band or to cuss me out.
Do you know what keyspace you used for your password? i.e. how many
(roughly) characters, were they letters, numbers, punctuation, etc?
Use your scripting language of choice (e.g. python), create a nested
loop that generates, in a logical manner, the set of passwords in which
the correct password will be found. Have this script able to save to a
file the current loop variables, and load them on startup if given the
file name as a parameter.
Once you have that looping working, add to the inner loop the actual ssh
attack.
If you were smart when you did your password, it will take a very long
time. My guess will be that its the ssh iteration that will soak up
time, and the use of a scripting language (as opposed to compiled e.g.
fortran, C, or Ada) will not slow it down.
Doug.
Reply to: