Files
Guillaume-Sanchez ff4bb12d22 initial commit
2026-05-26 13:56:03 +02:00

62 lines
1.7 KiB
Bash

#!/bin/bash
# Tests de sécurité SSH
TARGET=$1
PORT=${2:-22}
WORDLIST="/tmp/wordlist.txt"
echo "=== SSH Security Testing ==="
# 1. Création d'une mini wordlist
echo -e "\n[1] Creating test wordlist..."
cat > $WORDLIST << 'WORDS'
admin
password
123456
pkilab
pkilab2024
groupeX
root
test
ssh
alpine
WORDS
# 2. Test de bruteforce (limité)
echo -e "\n[2] Testing password strength (limited)..."
echo "WARNING: This is for educational purposes only!"
# Utilisation d'hydra avec limitations
timeout 30 hydra -l pkilab -P $WORDLIST -t 4 -f \
ssh://$TARGET:$PORT 2>/dev/null | grep -E "host:|login:|password:"
# 3. Test de timing attacks
echo -e "\n[3] User enumeration via timing:"
for user in root admin pkilab nonexistent$(date +%s); do
echo -n "Testing user '$user': "
start=$(date +%s%N)
timeout 2 ssh -oConnectTimeout=1 -oPasswordAuthentication=yes \
$user@$TARGET -p $PORT 2>&1 >/dev/null
end=$(date +%s%N)
elapsed=$(( (end - start) / 1000000 ))
echo "${elapsed}ms"
done
# 4. Test de clés SSH faibles
echo -e "\n[4] Testing for weak SSH keys:"
# Génération d'une clé faible (pour test)
ssh-keygen -t rsa -b 1024 -f /tmp/weak_key -N "" -q
ssh-keygen -y -f /tmp/weak_key > /tmp/weak_key.pub
echo "Generated weak RSA-1024 key for testing"
rm -f /tmp/weak_key*
# 5. Vérification des algorithmes obsolètes
echo -e "\n[5] Checking for deprecated algorithms:"
ssh -Q cipher | grep -E "3des|arcfour|blowfish" | while read cipher; do
echo -n "Testing $cipher: "
if ssh -oCiphers=$cipher -oConnectTimeout=2 $TARGET -p $PORT 2>&1 | \
grep -q "no matching cipher"; then
echo "✓ Disabled"
else
echo "\nENABLED"
fi
done