SSHStorm is a Python script that performs a brute-force attack on SSH login credentials using a list of common passwords. It attempts to authenticate against a specified SSH server and reports any successful password discoveries.
- Test SSH login attempts using a list of commonly used passwords.
- Simple and intuitive command-line interface.
- Provides immediate feedback on password validity for each attempt.
- Python 3
paramikolibrary for SSH connections
-
Clone the repository:
git clone https://github.com/secusavvy/SSHStorm.git cd SSHStorm -
Run the script:
python SSHStorm.py
-
Configuration:
- Edit the
host,username, andpassword_filevariables in the script to match your target settings. - Place your list of common passwords in
ssh-common-passwords.txt.
- Edit the
-
Execution:
- The script will sequentially attempt each password from the list and display whether the password is valid or not.
- The script reads passwords from a specified file and tries each one against the SSH server.
- For each password, it uses the
paramikolibrary to attempt an SSH connection. - If a valid password is found, it prints the successful password and stops further attempts.
- Invalid passwords are reported, and the script continues with the next password.
The author of this script is not responsible for any misuse or damages caused by using this script. Use it at your own risk.
Happy hacking responsibly!