multiple successful results with the same IP address,

matricali / cbrutekrag

Penetration tests on SSH servers using brute force or dictionary attacks. Written in C.

MIT License

173 stars 28 forks source link

multiple successful results with the same IP address, #22

Open Little-Potato01 opened 9 months ago

Little-Potato01 commented 9 months ago

multiple successful results with the same IP address, completely incorrect, taking up time, and unable to be used in practical situations.

matricali commented 9 months ago

Related to #20

I haven't had the time to research how to detect SonicWall footprint

matricali commented 9 months ago

@Little-Potato01 can you help me testing against branch 20-detect-sonicwall-ssh? Thanks in advance

Little-Potato01 commented 9 months ago

@Little-Potato01你能帮我测试分支20-detect-sonicwall-ssh吗？提前致谢

Tested 3 IP/16 with over 20 correct passwords placed inside.

No correct result was produced.

Little-Potato01 commented 9 months ago

Testing completed! The blasting function fails without any results.

matricali commented 9 months ago

I'm needing more info

I've tested against trusted SSH servers and got correct results both for correct and invalid credentials

Little-Potato01 commented 9 months ago

revert-23-20-detect-sonicwall-ssh

I just tested the "reverse 23-20 detect sonicwall sh" project. The issue of "sonicwall" has not been fully resolved. Take a screenshot

Version: Copyright (c) 2020 SonicWall, Inc. // 222.186.125.121:22 Copyright (c) 2021 SonicWall, Inc. // 103.91.100.42:22 Copyright (c) 2022 SonicWall, Inc. // 43.248.32.16:22 Copyright (c) 2023 SonicWall, Inc. // 103.85.92.66:22

Please collect fingerprints to detect and filter them out!

matricali commented 9 months ago

Working on this

Little-Potato01 commented 9 months ago

If testing is required, please let me know!

Tarkenz commented 7 months ago

Hello. Is this issue fixed yet?

matricali commented 7 months ago

Hello. Is this issue fixed yet?

Partially, you can test the branch 20-detect-sonicwall-ssh

Tarkenz commented 7 months ago

Hello. Is this issue fixed yet?

Partially, you can test the branch 20-detect-sonicwall-ssh

thanks for the quick response! I'm testing it. I have 2 issues here, not quite sure if it is only on my side, so hope you can take a look

The font text was broken after a while
No result about good server save on output file (my command has -o output.txt) although it was done scanning (not brute forcing) So my guess about the second is maybe it only saves when all done? (both scanning and brute-forcing) Edit: seems like it is still scanning, just the progress was bugging and didnt show up

Tarkenz commented 7 months ago

I see, so the newest version doesnt has -S option to save the scanning result and for the problem 1, I downloaded from Release tab so no wonder I got the old version which has bugs All solved now. Greatly appreciated your hard work But it would be cool if you are able to add the saving good IPs (not skipped IPs) to other output file, so that way we can recheck those IP with different combo

matricali commented 1 month ago

One way to avoid this could be to use the --check-http flag to do an additional check and discard false positives.