Python Brute Force Password hacking (Kali Linux SSH)

// MENU //
00:00 - Intro
00:16 - SSH Brute Force demo using Linode
01:37 - Your password is vulnerable
01:58 - Leaked passwords // rockyou database
03:25 - SSH Brute Force demo (continued)
05:59 - Disclaimer
06:20 - SSH Brute Force demo (continued)
10:24 - Conclusion

// Script //

// Sites mentioned //

// David's Social //

davidbombal

Thanks Mr David suggestion from my side is make a playlist on hacking with termux. It will be great playlist ever in your channel.

esaelvladimir

Big Fan 😉. You are great for hackers. Keep updating us.

mrsudo

I love your vids. I'm newish on the subject of security. You're very clear and concise and I'm glad I found you. Your posts are most often the highlight of my news feeds. Shit hot man :)

jamesmurphy

I don't have words to express my feelings, literally you are great person, thanks for the wonderfull information David Sir... ❤

human_being_from_exo_planet

The Start of the great way to start a video. Much love from Uganda.

xRuta

NOW THIS IS THE TECH TIPS!
Kudos Good Sir And May You Keep Us the IT Peasants well informed.

ihvdrm

If someone sets up a SSH server, one should assume that he/she has the appropriate knowledge to do so and takes some precaution against attacks like this:
1) never let user root login in
2) use fail2ban to ban a certain IP address for a certain amount of time after a certain amount failed attempts - which I thought to be a no-brainer with ssh.

and those attempts will definitely be logged!

if you fail to properly setup your ssh-server I can't see an need for proper passwords. The here mentioned Ashley-Madison hack is an exzellent example for (presumably) good passwording but failed administration on the server side. (weak hashes, no salt'n peppa, etc.)
No matter how strong / save your password or you password manager is, if the server admins fail, there is no protection!

but definitely a good python training

tomschulte

David is an adorable person to me, his speech and videos are excellent!

bidyapatibiswas

Hey David big fan of you and Network Chuck 😀 love all of your videos I'm following you and subbed to you have whatching all of you videos and you and Network Chuck you guys are the best teacher's ever :)

sargismartirosyan

the world is not too easy David ;)
But Thanks for the Videos, your making a great Job man

younesrabhi

Nobody uses password for ssh, but keys. Otherwise login attempts are strictly limited. If you encounter machine with ssh password which allows you brute force - most likely you are in honeypot

hitmax

thank you for all the great work you have been doing

cybertin

also when ur doing it there will be a log file of ur ip in the victims server of ssh logs

jimo

How would you do that if there was an SSH id_rsa key and the password is disable ???

alexisel.

requirements.txt has 440 modules


edit: great video

harveykyle

I love your videos, and pls make a video on how to use raspberry Pi without ethernet connection with ssh ❤️❤️plssss, Love from India ❤️

sufiyaanabdullah

Great video!! always clear and straight to the point. One Question. Why are there so many requirements in requirements.txt ? Am I missing something?

tolowo

Hi does your python script write the found text file as soon as it gets a hit or only once its completed going through the passwords.csv file. Many thanks

mjon

Awesome, can you make a video on how to crack a captured hash or handshake using the cloud ? :]

janmillerty