AOH :: HP Unsorted S :: TB12847.HTM

SSHatter 0.6
SSHatter 0.6
SSHatter 0.6


SSHatter, the SSH brute forcer is now up to release 0.6.  New since the last 
announcement include:

* Changes allowing rudimentary username enumeration via timing attacks (as 
described in have 
been implemented.  These changes has been validated against OpenSSH 3.5p1.

* Targets and usernames are now specified in a file and targets can now be 
specified one per line in the format [:].

* Reconnection can optionally be enabled where support on connection failures 
have occurred.

* A default passwords list (taken from has also been added. 

* Fixes for systems configured with AllowUsers have added as these systems do 
not return "Permission denied" on Net::SSH::Perl->login().

This latest version can be downloaded from 

Remember, auditing systems without permission may be a crime, always read the 

Tim Brown

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to