Generally, nc is used to determine whether the target ssh server can be sniffed. The specific method is nctargetip22. If the returned version number is a SSH-1.99, it indicates that protcol is 2, 1 in sshd_config. However, by default, the ettercap on the Internet cannot sniff the ssh1 password, even if the server to be sniffed is configured as protcol2 and 1.
Normally, we can determine whether the target ssh server can be used by sniffing.NcTo confirm. The specific method is nc targetip 22.
If the returned version number is SSH-1.99, it indicates the prot in sshd_configColIs 2, 1.
However, by default, the ettercap on the Internet cannot sniff the ssh1 password, even if the server to be sniffed is configured as protcol.
It took a while to study the filter writing method, write an ssh ssh-1.99 to the ssh-1.5 filter
- If (tCp. Src = 22 & search (DATA. data, "SSH-1.99 ")){
-
- Replace ("SSH-1.99", "SSH-1.5 ");
-
- }
Save as sh. filter and compile as Etterfilter sh. filter-o sh. ef.
Load the filter when you start ettercap. Can you sniff it?