PowerShell tries ssh Login

The previous article introduced how to log on to ftp through PowerShell. This article will show you how to try Linux SSH Logon Through PowerShell. Because most Linux logins are performed in SSH mode, during penetration testing, port 22 is scanned for listening over SSH. You can use social engineering to collect administrator information to compile a dictionary, if a script can be used to create a Linux user name and password Based on the dictionary, it will play an important role in penetration testing.

Continued expansion in the PSNet assembly, creating a Invoke-SSHLogin.ps1 script under $ env: PSSpace/PSNet/TCPOp/to return a successful login after passing in the specified ssh address, user name, and password.

Create a Lib directory under $ env: PSSpace/PSNet/to store the third-party library to be used in the script. Because you need to reference Renci. SshNet. dll in this article, you can.

Add a reference to the just-downloaded assembly at $ env: PSSpace/PSNet. psm1, add a reference to the Invoke-SSHLogin.ps1 script, load and initialize the function at PowerShell startup.

[Void] [reflection. assembly]: LoadFrom (Resolve-Path "$ env: PSSpace/PSNet/Lib/Renci. SshNet. dll "))
. $ Env: PSSpace/PSNet/TCPOp/Invoke-SSHLogin.ps1

The first statement is used to obtain the absolute location of the Dll file and reference the dll file to the current session.

Next, define the relevant parameters in this function:

-The Site parameter is used to specify the domain name or IP address of the SSH host for which the password is to be tried. this parameter is required
-The User parameter is used to specify the User name used for Logon. this parameter is required.
-The Pass parameter is used to specify the password used for Logon. this parameter is required.

The method of calling this script file after loading is as follows:

Invoke-SSHLogin-Site localhost-User fuhj-Pass P @ ssWorD

Run the following command:

650) this. width = 650; "style =" border-right-0px; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px "title =" invoke-sshlogin "border =" 0 "alt =" invoke-sshlogin "src =" http://www.bkjia.com/uploads/allimg/131227/0F420J02-0.png "width =" 669 "height =" 246 "/>

In the example, the correct host name is selected, and the user name and password are successfully logged on. However, an error is reported when the wrong user name and password are entered, and the host name that does not have a listener is output. to ensure the security of the server and user name and password, the host name and password have been erased by processing the existing host.

The source code is as follows:

===== File name: Invoke-SSHLogin.ps1 ===== Function Invoke-SSHLogin {Param ([parameter (Mandatory = $ true)] [string] $ Site = "localhost ", [parameter (Mandatory = $ true)] [string] $ User = "Anonymous", [parameter (Mandatory = $ true)] [string] $ Pass = "hello @ world ", [int] $ Port = 22) Write-Host "Try to Login ssh... "# Do directory listing $ SSHreq = New-Object Renci. sshNet. sshClient ($ Site, $ Port, $ User, $ Pass) try {$ SSHreq. connect () if ($ SSHreq. isConnected) {$ cmd = $ SSHreq. runCommand ("ps aux") $ output = $ cmd. result. split ("'n'") $ success = $ true Write-Host "Login Succed"-BackgroundColor green-ForegroundColor yellow} $ cmd. dispose () $ SSHreq. disconnect () $ SSHreq. dispose ()} catch {Write-Host "FAILED: $ _"-BackgroundColor red-ForegroundColor black $ success = $ false }}

Author: Fu haijun
Source: http://fuhj02.blog.51cto.com
Copyright: The copyright of this article is owned by the author and 51cto.
Reprinted: you are welcome to reprinted. Please Reprinted as required to save the author's Creative Enthusiasm.] Thank you.
Requirement: This statement must be retained without the author's consent. The original Article must be connected and the content must be complete! Otherwise, legal liability is required!
Personal Website: http://txj.shell.tor.hu/