epi052 / cve-2018-15473 Goto Github PK
View Code? Open in Web Editor NEWMulti-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
License: Other
Multi-threaded, IPv6 aware, wordlists/single-user username enumeration via CVE-2018-15473
License: Other
File "/home/bunter/cve-2018-15473/ssh-username-enum.py", line 27, in import paramiko ModuleNotFoundError: No module named 'paramiko'
The code is no longer valid, seems like modules have been updated without testing.
Requirement already satisfied: asn1crypto==0.24.0 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 1)) (0.24.0)
Requirement already satisfied: bcrypt==3.1.4 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 2)) (3.1.4)
Requirement already satisfied: cffi==1.11.5 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 3)) (1.11.5)
Requirement already satisfied: cryptography==2.3.1 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 4)) (2.3.1)
Requirement already satisfied: idna==2.7 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 5)) (2.7)
Collecting paramiko==2.4.1
Using cached paramiko-2.4.1-py2.py3-none-any.whl (194 kB)
Requirement already satisfied: pyasn1==0.4.4 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 7)) (0.4.4)
Requirement already satisfied: pycparser==2.18 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 8)) (2.18)
Requirement already satisfied: PyNaCl==1.2.1 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 9)) (1.2.1)
Requirement already satisfied: six==1.11.0 in /usr/local/lib/python3.7/dist-packages (from -r requirements.txt (line 10)) (1.11.0)
Installing collected packages: paramiko
Attempting uninstall: paramiko
Found existing installation: paramiko 2.0.8
Uninstalling paramiko-2.0.8:
Successfully uninstalled paramiko-2.0.8
Successfully installed paramiko-2.4.1
[+] OpenSSH version 7.2 found
Traceback (most recent call last):
File "ssh-username-enum.py", line 203, in
main(**vars(args))
File "ssh-username-enum.py", line 172, in main
apply_monkey_patch()
File "ssh-username-enum.py", line 85, in apply_monkey_patch
old_msg_service_accept = auth_handler._client_handler_table[paramiko.common.MSG_SERVICE_ACCEPT]
AttributeError: type object 'AuthHandler' has no attribute '_client_handler_table'
fixer@fixer:~/SALAT/cve-2018-15473$ ./ssh-username-enum.py -u epi 80.93.26.***
[+] OpenSSH version 7.4 found
Traceback (most recent call last):
File "/home/fixer/SALAT/cve-2018-15473/./ssh-username-enum.py", line 203, in
main(**vars(args))
File "/home/fixer/SALAT/cve-2018-15473/./ssh-username-enum.py", line 172, in main
apply_monkey_patch()
File "/home/fixer/SALAT/cve-2018-15473/./ssh-username-enum.py", line 85, in apply_monkey_patch
old_msg_service_accept = auth_handler._client_handler_table[paramiko.common.MSG_SERVICE_ACCEPT]
TypeError: 'property' object is not subscriptable
How to fix it?
AFAIK the issue is fixed in my fork here https://github.com/aidan-gibson/cve-2018-15473
All I did was change paramiko from 2.4.1 to 2.3.3
/usr/lib/python3/dist-packages/paramiko/transport.py:236: CryptographyDeprecationWarning: Blowfish has been deprecated
"class": algorithms.Blowfish,
The tool run correctly but I created a random wordlist and it says for all "found".
It can be also maybe a problem with the server...
I know the service is vulnerable because I found the vuln with nmap scan with --script vuln.
└─$ python3 ssh-username-enum.py -v -u jzoeifjoiejfoizejfoziefojzi server_adress
[+] OpenSSH version 7.4 found
[+] jzoeifjoiejfoizejfoziefojzi found!
Xprogrammer777
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.