SSHBrute is a command-line tool for performing brute-force attacks on SSH servers using specified username and password wordlists. This tool is intended for ethical hacking and penetration testing in controlled environments where you have explicit permission to test.
WARNING: This tool should only be used on systems that you own or have explicit permission to test. Unauthorized access to computer systems is illegal and unethical.
- Brute-forces SSH login attempts using combinations of usernames and passwords from wordlists.
- Supports separate wordlists for usernames and passwords.
- Displays attempts and successful logins in the command line.
- Python 3.x
paramikolibrary
You can install the required library using pip:
paramiko is pre-installed in kalilinux so don't need to install it on kalilinux
pip install paramiko- Clone the repository or download the script
git clone https://github.com/s-r-e-e-r-a-j/SSHBrute.git- Navigate to the SSHBrute directory
cd SSHBrute- Install required libraries
pip3 install -r requirements.txt- Navigate to the SSHBrute directory
cd SSHBruteRun the tool from the command line with the following syntax:
python3 sshbrute.py <target_ip> <username_wordlist> <password_wordlist>python3 sshbrute.py 192.168.1.100 usernames.txt passwords.txttarget_ip: The IP address of the SSH server you want to
test.
username_wordlist: Path to the text file containing usernames (one per line).
password_wordlist: Path to the text file containing passwords (one per line)
The tool will display each username/password combination it attempts and indicate if a login was successful.
Trying username: admin, password: 123456
Success! Username: admin, Password: 123456This project is licensed under the MIT License. See the LICENSE file for details.