MITM/SSH/Key Attacks: Difference between revisions

From charlesreid1

(Created page with "=Attacking SSH and SSL Keys= ==Installing littleblackbox== Littleblackbox is the tool that we will start with, since it has some built-in certificates and can be used to sca...")
 
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
=Attacking SSH and SSL Keys=
=Attacking SSH and SSL Keys=


==Installing littleblackbox==
==Using littleblackbox==
 
Littleblackbox is the tool that we will start with, since it has some built-in certificates and can be used to scan for computers using vulnerable keys on the local network.
 
To install littleblackbox, replace all SSLv3 with SSLv23 (only one instance - in certificates.c).
 
Debian has SSL v3 disabled, due to the Poodle attack. Thus, SSL version 3 sessions are not defined in the OpenSSL library, which causes the symbol not found error, This can be fixed by using a different function call, so the symbol will exist. Version 2.3 is ok. So replace "SSLv3" with "SSLv23".
 
Also, you may need to make this folder to allow littleblackbox to install its man page:
 
<pre>
$ mkdir -p /usr/local/share/man/man1
</pre>
 


See [[Littleblackbox]]


=A Treasure Trove of Keys=
=A Treasure Trove of Keys=

Latest revision as of 20:40, 5 March 2022

Attacking SSH and SSL Keys

Using littleblackbox

See Littleblackbox

A Treasure Trove of Keys

A treasure trove of keys:

Retrieved from "https://charlesreid1.com/w/index.php?title=MITM/SSH/Key_Attacks&oldid=29113"