13 April, 2020

Osueta: A Simple Python Script To Exploit The OpenSSH User Enumeration Timing Attack


About Osueta?
   Osueta it's a simple Python 2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions <= 7.2 and >= 5.*. The script has the ability to make variations of the username employed in the bruteforce attack, and the possibility to establish a DoS condition in the OpenSSH server.

    Read more: OpenSSH User Enumeration Time-Based Attack

   The bug was corrected in OpenSSH version 7.3.

   Authors of Osueta:

Osueta's Installation
   For Linux users, open your Terminal and enter these commands:
   If you're Windows users, follow these steps:
  • Install Python 2.7.x from Python.org first. On Install Python 2.7.x Setup, choose Add python.exe to Path.
  • Download Osueta-master zip file.
  • Then unzip it.
  • Open CMD or PowerShell window at the Osueta folder you have just unzipped and enter these commands:
    pip install python-nmap paramiko IPy
    python osueta.py -h

Advice: Like others offensive tools, the authors disclaims all responsibility in the use of this script.

Osueta help menu:

Osueta's examples:
   A single user enumeration attempt with username variations:
python2 osueta.py -H 192.168.1.6 -p 22 -U root -d 30 -v yes

   A single user enumeration attempt with no user variations a DoS attack:
python2 osueta.py -H 192.168.1.6 -p 22 -U root -d 30 -v no --dos yes

   Scanning a C class network with only one user:
python2 osueta.py -H 192.168.1.0/24 -p 22 -U root -v no 

   Scanning a C class network with usernames from a file, delay time 15 seconds and a password of 50000 characters:
python2 osueta.py -H 192.168.1.0/24 -p 22 -L usernames.txt -v yes -d 15 -l 50

Related word


  1. Hacker Tools 2019
  2. Hack Apps
  3. Hacking App
  4. Hacking Tools Windows 10
  5. Nsa Hack Tools
  6. Hackers Toolbox
  7. What Are Hacking Tools
  8. Hacker Tools
  9. Beginner Hacker Tools
  10. How To Hack
  11. Hacker Tools Mac
  12. Pentest Tools Find Subdomains
  13. Hacking Tools For Kali Linux
  14. Pentest Tools Alternative
  15. Nsa Hack Tools Download
  16. Pentest Reporting Tools
  17. Pentest Tools Kali Linux
  18. Hacker Tools Github
  19. Hack Tools For Mac
  20. Hacker Tools Linux
  21. Hacker Tools For Windows
  22. Hacking Tools Usb
  23. Pentest Tools Framework
  24. Pentest Tools Url Fuzzer
  25. Hacker Techniques Tools And Incident Handling
  26. Hacker Tools Github
  27. Hack Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)