Brute Force SSH Test Own Server With ncrack, hydra, medusa

If we use these purely hacking tools, we can really check how our servers appear to a black hat hacker. It is normal not to know how to use them by a relatively new sysadmin. These will give you idea why odd log entries appear too. Here is real life way to brute force SSH test own server with ncrack, hydra, medusa. These are no way closest to real black hat hackers work. They will have many machines with full anonymous status, huge resource of basic things like list of passwords. If your password is really password, it will take few seconds to discover.

Brute Force SSH Test Own Server With ncrack, hydra, medusa

Installing these tools from repository is just easy, here are more than those three tools :

If you want to completely remove later, you can purge them. wget this list of 1717681 passwords (I am not joking about the number) :

If you want more passwords, here are more :

If list of passwords lists name is passwords.txt, you are running on localhost 127.0.0.1 against SSH, assumed SSH user is root, then command will be :

You will get easy to understand respond as output if password matches with the list. With the same criterion, with ncrack the command will be :

With medusa, command will be :

Yes, so much easy to brute force! That is the basic reason we suggest change the default username from root to something else, disable root SSH access, use fail2ban etc. After running those tools, check your logs for entries. Do not run those tools on others, they can bring DDoS attack.