osueta - A simple Python script to exploit the OpenSSH User Enumeration Timing Attack.

osueta – A simple Python script to exploit the OpenSSH User Enumeration Timing Attack.

Osueta it’s a simple Python2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions 5.* and 6.*. The script has the ability to make variations of the username employed in the bruteforce attack, and the possibility to establish a DOS condition in the OpenSSH server.

osueta v0.8

osueta v0.8

Requirements:
+ nmap
+ python 2.7

Latest Change 27/3/2016:
+ osufunc.py: Minor change.
+ Install paramiko from pip (python requirement)

Usage:

Source: https://github.com/c0r3dump3d