Ssh2john is part of the John the Ripper (JtR) suite. It is a script that converts an SSH private key (RSA, DSA, EC or OpenSSH format) into the hash format john expects, so that the key's passphrase can later be cracked with JtR.
How to
1. Start with an RSA private key that you already have
- cat id_rsa
2. Locate the ssh2john script using find or locate
- find / -iname '*ssh2john*' 2> /dev/null
- locate '*ssh2john*'
3. Run the script against the RSA private key ‘id_rsa’, and create a new file with the content of the output
- /usr/share/john/ssh2john.py
- /usr/share/john/ssh2john.py id_rsa > id_rsa.john
- cat id_rsa.john
4. Now that we have created the new file named id_rsa.john, we need to run john against it. We will use rockyou.txt as the wordlist. The result is secretz101 as the password.
- john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa.john
5. Since we already know the username of the owner of this private key, we can try to SSH to our target machine. We will use an uncommon port (4655)
- ssh -i id_rsa stefano@192.168.0.7 -p 4655
- Password: secretz101
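The cost of each guess in step 4 depends on how the key file was encrypted, which is recorded in the key's own header. The following added example (not part of the original post and not ssh2john's code) reads that header so you can audit your own keys for missing encryption or a weak KDF. The function names and sample keys are constructed for illustration, and the samples contain no real key material.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"

def _read_string(buf, off):
    """SSH wire string: uint32 length, then that many bytes."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def _ssh_string(b):
    return struct.pack(">I", len(b)) + b

def inspect_key(pem_text):
    """Report how a private key file is protected at rest."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    if "ENCRYPTED PRIVATE KEY" in lines[0]:
        return {"format": "pkcs8", "encrypted": True}  # KDF sits in the ASN.1 body, not parsed
    if "OPENSSH PRIVATE KEY" not in lines[0]:
        # Legacy PEM announces encryption in its header lines.
        dek = [ln for ln in lines if ln.startswith("DEK-Info:")]
        if not dek:
            return {"format": "pem", "encrypted": False}
        cipher = dek[0].split(":", 1)[1].split(",")[0].strip()
        # OpenSSL derives the key with MD5 and an iteration count of 1.
        return {"format": "pem", "encrypted": True, "cipher": cipher, "kdf": "md5", "rounds": 1}
    blob = base64.b64decode("".join(ln for ln in lines if not ln.startswith("-----")))
    if not blob.startswith(MAGIC):
        raise ValueError("not an openssh-key-v1 blob")
    cipher, off = _read_string(blob, len(MAGIC))
    kdf, off = _read_string(blob, off)
    opts, off = _read_string(blob, off)
    info = {"format": "openssh", "encrypted": cipher != b"none",
            "cipher": cipher.decode(), "kdf": kdf.decode()}
    if kdf == b"bcrypt":
        _salt, pos = _read_string(opts, 0)  # kdfoptions = string salt, uint32 rounds
        (info["rounds"],) = struct.unpack_from(">I", opts, pos)
    return info

def make_sample(cipher, kdf, rounds=0):
    """Constructed header only (zero salt, no key material), for the demo."""
    opts = _ssh_string(b"\x00" * 16) + struct.pack(">I", rounds) if kdf == b"bcrypt" else b""
    blob = MAGIC + _ssh_string(cipher) + _ssh_string(kdf) + _ssh_string(opts) + struct.pack(">I", 1)
    body = base64.b64encode(blob).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{body}\n-----END OPENSSH PRIVATE KEY-----\n"

# Constructed legacy PEM header; the IV is a made-up value and the body is omitted.
LEGACY_SAMPLE = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                 "DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\n\n"
                 "-----END RSA PRIVATE KEY-----\n")
```

A key reported as `"encrypted": False` or `"kdf": "md5"` is the one to re-protect first. On current OpenSSH, `ssh-keygen -p -a 100 -f id_rsa` sets a new passphrase and bcrypt round count (100 is an example value).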