Osueta it’s a simple Python2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions 5.* and 6.*. The script has the ability to make variations of the username employed in the bruteforce attack, and the possibility to establish a DOS condition in the OpenSSH server.
osueta v0.8
Requirements:
+ nmap
+ python 2.7
Latest Change 27/3/2016:
+ osufunc.py: Minor change.
+ Install paramiko from pip (python requirement)
Usage:
apt-get install python-ipy python-nmap (Ubuntu/Debian/Kali) yum install python-ipy python-nmap brew install python-ipy python-nmap (mac OSX) git clone https://github.com/c0r3dump3d/osueta && cd osueta pip install paramiko python osueta.py Update: git pull origin master
Source: https://github.com/c0r3dump3d