Category Archives: Personal

SSHDODGE ou comment outrepasser la protection “fail2ban” lors de l’attaque d’un port ssh.

Source : https://github.com/Neetx/sshdodge

Suite à un repérage des ports d’un serveur (au moyen de son nom de domaine ou de son adresse ip et de l’application nmap), on peut envisager d’attaquer un port, par exemple un port ssh (généralement le port 22) avec des programmes comme hashcat ou hydra. Il existe plusieurs types d’attaques : attaque par dictionnaire avec une liste de mots (générée par l’application crunch par exemple), voire même attaque en force brute. Il faut alors prévoir de disposer d’une forte puissance de calcul, notamment au niveau du GPU. Et ne pas avoir peur des factures d’électricité.

Je précise que tout ceci est illégal. Je décline toute responsabilité quant à vos agissements. En revanche, ce qui est légal est de tester la sécurité d’un mot de passe ou d’un serveur pour le compte d’un client avec de sécuriser les architectures réseaux de ce même client.

Technique ancestrale mise en exergue, notamment dans la série Mr Robot, il existe désormais une parade très efficace à cette méthode : j’ai nommé le programme “fail2ban” qui va repérer automatiquement des tentatives de connexion multiples, échouées et répétitives et se protéger en bannissant l’IP qui lance les attaques.

Mais, alors comment outrepasser la protection fail2ban ? Voici la réponse ci-dessous !!! Il n’a pas été simple de trouver ceci. Il s’agit d’un script python.

Tool used to test weakness of some ssh passwords, thanks to a dictionary attack (bypassing fail2ban protection).

Sshdodge is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Sshdodge is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/


Tool developed to demonstrate the weakness of some ssh passwords. It bypasses fail to ban protection changing ip with tor reload function, after some attempts defined in input by user. Use these tool with consciousness.

Usage:

sshdodge.py [-h] [-u USER] [-i IP] [-p PORT] [-a ATTEMPTS] [-t] wordlist

positional arguments:
  wordlist              Wordlist for dictionary attack

optional arguments:
  -h, --help            show this help message and exit
  -u USER, --user USER  User used to connection
  -i IP, --ip IP        Destination ip address
  -p PORT, --port PORT  Destination port
  -a ATTEMPTS, --attempts ATTEMPTS
                        Number of attempts before identity change
  -t, --test            Use the to test dependences

Example:

sudo ./sshdodge -u root -i 127.0.0.1 -p 22 wordlist.txt -a 3

DEPENDENCES: You need to install on your system:

  • tor
  • sshpass
  • proxychains

SYSTEM USED:

  • Debian 9.2
Le code du programme en python (merci neetx)

“””

SSHDODGE

Tool used to test weakness of some ssh passwords, thanks to a dictionary attack (bypassing fail to ban protection).

Copyright (C) 2017 Neetx

This file is part of sshdodge.

Sshdodge is free software: you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation, either version 3 of the License, or

(at your option) any later version.

Sshdodge is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

GNU General Public License for more details.

You should have received a copy of the GNU General Public License

along with this program. If not, see http://www.gnu.org/licenses/

CONTACTS:

  • neetx@protonmail.com


Ukraine border ! Sigheti marmatei, news from summer.

I hope you’re having a nice summer and cool holidays. I visited Romania, first the capital, Bucharest or Bucuresti in Romanian, then Cluj-Napoca, and last but not least Baia Mare, a small city not very far away from Sigheti Marmatei and the border with Ukraine. I even tried to cross the border of the Ukraine but I didn’t manage to do it. Not enough time.

Presque en Ukraine !

I was impressed by Romania. Many beautiful buildings and far more rich than the Republic of Moldova.

I am currently reading a horror book from Stephen King “the pet sematary”, a book from an English M.D. Laurent Alexandre about AI and I am also trying to understand the underlying mechanics of the amazing world of DNA.

Le centre-ville de Baia Mare !

Aller Anfang ist schwer. Anfang ist anfang ! — Friedrich Heinrich Wilhelm Körte

This is a tribute to an episode of Mr robot (American TV show) where a seemingly German senior officer of E-Corp is speaking to Eliott in the lift on their way to the office early in the morning. This is the beginning of the working day and obviously he is telling to Eliott that “to begin is easy, to last is an art”, a German proverb. It appears to be a proverb from Friedrich Heinrich Wilhelm Körte and the sentence in German is “Aller Anfang ist schwer. Anfang ist anfang.”

I have been watching this TV show for three years and obviously its quality is very high, especially regarding the way it is conceived and how it appeared to the screen (use of frames, music). Episode 5 of season 3 is incredibly realistic in its violence. I remember very well being shocked by the violent assault of E-Corp’s offices the first time I watched the fifth episode of third season.

Violence is and has always been a part of life. To be exhaustive there is first of all  words and speech  then law, and at the end violence and strenght.

Law is a tool to master violence within societies and human interactions. Law is not really a mean to protect the weak neither it is for the powerful ones, first of all it’s sometimes made by powerful and wealthy nations. On a second hand it’s always an element in front of strenght. And violence can of course bypass law.

Think about the UN. The UN and more broadly international public law, humanitarian law are jokes. The real thing that matters is money and its correlate : strenght. Wars can be declared out of the blue when you’re the USA and it doesn’t matter if international law forbid it.

A lot of scenes from Mr robot are -according to me- pieces of art. I am not surprised the TV show was conceived by a son of immigrants born in the US to be precise. An American with Egyptian descent. I tend to think that immigrants (when combined with good education basis) are more smart than natives most of the time. Many businesses are created by immigrants. And well, the most powerful state in the world is a country of immigrants.

Last updates regarding recent hacking tools – links from a deepweb forum.

Publication personnelle : je cherche à me mettre à jour sur les techniques de hacking moderne. Je connais par exemple l’usage de hydra, hashcat pour attaquer des mots de passe avec des listes de mots, ou en force brute. Mais attaquer un serveur pour trouver un mot de passe est maintenant impossible en utilisant ces techniques puisque les administrateurs installent des logiciels sur les serveurs pour rejetter une IP lorsqu’un grand nombre de tentatives de connexion sont effectuées rapidement par une seule adresse ip avec des mots de passe différents.

En surfant sur des forums spécialisés, j’ai trouvé ces séries de vidéos qui semblent au goût du jour dans le domaine du hacking.

A suivre … si j’ai le temps. Il est vrai que le hacking ne m’intéresse pas plus que cela car je ne déteste personne au point de vouloir compromettre ses données personnelles. C’est par ailleurs très illégaL.