3

Pentester Tools : SSHScan

Posted by zuhaircmr
    SSHScan is a testing tool that enumerates SSH Ciphers. We Can easily detect weak ciphers by using this .


Lets tryout SSHScan in BrokenWeb (A Vulnerable machine) hosted locally .

Brokenweb IP : 192.168.3.107


codebreaker@zbox:~$ ./SSHScan/sshscan.py -t 192.168.3.107:22



 In Network Pentesting, Once you detect an SSH port , then try for SSHScan to detect the ciphers. If KEX algoritham is weak then an attacker can easily create a Denial of Service attack on SSH port and hence the target wont be accessible by the anyone at the moment.

GITHUB Link:
https://github.com/evict/SSHScan

Installation :
git clone https://github.com/evict/SSHScan 

Copyright © 2009 Topfom Cybersecurity Blog: Navigating Tech Trends & Digital Security Since 2007 All rights reserved. Theme by zuhaircmr. | Bloggerized by topform.

free hit counters