SSH Auditor - The Best Way To Scan For Weak SSH Passwords On Your Network
Features
ssh-auditor will automatically:
- Re-check all known hosts as new credentials are added. It will only check the new credentials.
- Queue a full credential scan on any new host discovered.
- Queue a full credential scan on any known host whose ssh version or key fingerprint changes.
- Attempt command execution as well as attempt to tunnel a TCP connection.
- Re-check each credential using a per credential scan_interval - default 14 days.
Run ssh-auditor discover + ssh-auditor scan from cron every hour to perform a constant audit.
Demos
Earlier demo showing all of the features
Demo showing improved log output
Usage
Install
$ brew install go # or however you want to install the go compiler
$ go get github.com/ncsa/ssh-auditor
or Build from a git clone
$ go build
Build a static binary including sqlite
$ make static
Ensure you can use enough file descriptors
$ ulimit -n 4096
Create initial database and discover ssh servers
$ ./ssh-auditor discover -p 22 -p 2222 192.168.1.0/24 10.0.0.1/24
Add credential pairs to check
$ ./ssh-auditor addcredential root root
$ ./ssh-auditor addcredential admin admin
$ ./ssh-auditor addcredential guest guest --scan-interval 1 #check this once per day
Try credentials against discovered hosts in a batch of 20000
$ ./ssh-auditor scan
Output a report on what credentials worked
$ ./ssh-auditor vuln
RE-Check credentials that worked
$ ./ssh-auditor rescan
Output a report on duplicate key usage
$ ./ssh-auditor dupes
Report query.
The query that ssh-auditor vuln runs is
select hc.hostport, hc.user, hc.password, hc.result, hc.last_tested, h.version
from host_creds hc, hosts h
where h.hostport = hc.hostport
and result!='' order by last_tested asc
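The report query above, run from a script that groups findings per host and leaves the plaintext password out so the result can go into a remediation ticket. This is an added example, not code from the ssh-auditor project: the two-table schema contains only the columns the query names, and the sample rows, timestamps and result values ("exec", "tunnel") are constructed assumptions.

```python
import sqlite3
from collections import defaultdict

# The report query as shown on this page.
VULN_QUERY = """
select hc.hostport, hc.user, hc.password, hc.result, hc.last_tested, h.version
from host_creds hc, hosts h
where h.hostport = hc.hostport
and result!='' order by last_tested asc
"""

def build_sample_db():
    """In-memory stand-in for the audit database (assumed minimal schema)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        create table hosts (hostport text primary key, version text);
        create table host_creds (hostport text, user text, password text,
                                 result text, last_tested text);
    """)
    db.executemany("insert into hosts values (?, ?)", [   # constructed rows
        ("192.168.1.10:22", "SSH-2.0-OpenSSH_7.4"),
        ("192.168.1.20:2222", "SSH-2.0-dropbear_2017.75"),
        ("10.0.0.5:22", "SSH-2.0-OpenSSH_8.9"),
    ])
    db.executemany("insert into host_creds values (?, ?, ?, ?, ?)", [
        ("192.168.1.10:22", "root", "root", "exec", "2018-03-01 10:00:00"),
        ("192.168.1.10:22", "admin", "admin", "", "2018-03-01 10:00:05"),
        ("192.168.1.20:2222", "guest", "guest", "tunnel", "2018-02-27 09:00:00"),
        ("10.0.0.5:22", "root", "root", "", "2018-03-01 11:00:00"),
        ("192.168.1.10:22", "guest", "guest", "exec", "2018-03-02 08:00:00"),
    ])
    return db

def findings_by_host(db):
    """Group credentials that worked by host, without copying the password."""
    report = defaultdict(lambda: {"version": None, "accounts": []})
    for hostport, user, _password, result, last_tested, version in db.execute(VULN_QUERY):
        report[hostport]["version"] = version
        report[hostport]["accounts"].append(
            {"user": user, "result": result, "last_tested": last_tested})
    return dict(report)

if __name__ == "__main__":
    for hostport, info in findings_by_host(build_sample_db()).items():
        users = ", ".join(f"{a['user']} ({a['result']})" for a in info["accounts"])
        print(f"{hostport}  {info['version']}  accounts to fix: {users}")
```

Hosts with only empty result values, such as 10.0.0.5:22 in the sample, do not appear because the query filters on result!=''.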