MITM/SSH/Key Attacks

From charlesreid1

Revision as of 05:40, 28 August 2016 by Admin (talk | contribs) (Created page with "=Attacking SSH and SSL Keys= ==Installing littleblackbox== Littleblackbox is the tool that we will start with, since it has some built-in certificates and can be used to sca...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Attacking SSH and SSL Keys

Installing littleblackbox

Littleblackbox is the tool that we will start with, since it has some built-in certificates and can be used to scan for computers using vulnerable keys on the local network.

To install littleblackbox, replace all SSLv3 with SSLv23 (only one instance - in certificates.c).

Debian has SSL v3 disabled, due to the Poodle attack. Thus, SSL version 3 sessions are not defined in the OpenSSL library, which causes the symbol not found error, This can be fixed by using a different function call, so the symbol will exist. Version 2.3 is ok. So replace "SSLv3" with "SSLv23".

Also, you may need to make this folder to allow littleblackbox to install its man page: 

$ mkdir -p /usr/local/share/man/man1


A Treasure Trove of Keys

A treasure trove of keys:

Retrieved from "https://charlesreid1.com/w/index.php?title=MITM/SSH/Key_Attacks&oldid=13431"