Osueta – Script for OpenSSH Server Side
Osueta is a free and open-source tool available on GitHub. This tool is based upon the technique which is Time based attack technique. Osueta is used to exploit OpenSSH vulnerabilities through User-Enumeration. This technique is used for searching usernames on the target server. This tool makes brute-force attacks more interesting by just not only finding passwords but also the usernames on the target server. Both username and password plays important role in security research for vulnerability assessment. OpenSSH server uses the username and password-based authentication protocols which saves the backend from man-in-the-middle attacks. If the server is vulnerable then Osueta can exploit OpenSSH vulnerabilities to find usernames on the target server.
Installation and step by step tutorial of the tool
Step 1: Open your kali Linux operating system and use the following command to install the tool from GitHub.
git clone https://github.com/c0r3dump3d/osueta.git cd osueta ls
The tool has been installed successfully now we will see examples to use the tool.
Example 1: Use the Osueta tool to find out whether the IP address of a domain is transferred or not.
Example 2: Use the Osueta tool to find out whether the IP address of a domain is transferred or not.