- Now, after misconfiguring `ssh`, we will exploit it using some basic techniques.
- Scanning the target Windows server:

Performing user enumeration:
1. Open `msfconsole`
2. Once it’s loaded, use the `ssh_enumusers` module:
   use auxiliary/scanner/ssh/ssh_enumusers
3. Settings:
This didn’t give any results because the OpenSSH server is secure; modern SSH servers are patched against this. If this were an actual pentest, we would have hit a wall here, but as we know the username and password, we can try login brute-force attacks.
- First we will try `msfconsole`'s `ssh_login` module:
- Options:

- It will take significant time if you don’t have the actual credentials; if you do have them, that’s a plus point. NEVER PERFORM BRUTE FORCE ATTACKS IN AN INTERNAL NETWORK IN A PENTEST
- Now, if this were an actual scenario, a sysadmin would check the logs immediately. We will do the same:
On opening that file, you can see that logs are continuously being collected.
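To show what a sysadmin would look for in those logs, here is an added example (not part of the original post) that counts failed password attempts per source address and flags a successful login that follows a burst of failures. It matches the standard sshd `Failed password` / `Accepted password` message text; the line prefix, addresses and usernames in the sample are constructed assumptions.

```python
import re
from collections import defaultdict

# Matches sshd's password-auth messages regardless of the timestamp/PID
# prefix that the logging backend puts in front of them.
AUTH_RE = re.compile(
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def _line(sec, result, user, ip, invalid=False):
    """Build one constructed log line (prefix format is an assumption)."""
    who = f"invalid user {user}" if invalid else user
    return (f"4312 2024-01-01 10:00:{sec:02d}.100 {result} password for "
            f"{who} from {ip} port {50100 + sec} ssh2")

# Constructed sample log: one noisy source, one user who mistyped once.
GUESSED = ["admin", "root", "test", "guest", "backup", "oracle"]
SAMPLE_LOG = "\n".join(
    [_line(i, "Failed", u, "198.51.100.23", invalid=True)
     for i, u in enumerate(GUESSED)]
    + [_line(10, "Failed", "labuser", "198.51.100.23"),
       _line(11, "Accepted", "labuser", "198.51.100.23"),
       _line(20, "Failed", "alice", "203.0.113.5"),
       _line(21, "Accepted", "alice", "203.0.113.5")]
)

def summarize(log_text, threshold=5):
    """Return per-source stats for IPs with >= threshold failed logins."""
    stats = defaultdict(lambda: {"failed": 0, "users": set(),
                                 "success_after_failures": []})
    for line in log_text.splitlines():
        m = AUTH_RE.search(line)
        if not m:
            continue
        s = stats[m["ip"]]
        if m["result"] == "Failed":
            s["failed"] += 1
            s["users"].add(m["user"])
        elif s["failed"] >= threshold:
            # A success after many failures suggests a guessed password.
            s["success_after_failures"].append(m["user"])
    return {ip: s for ip, s in stats.items() if s["failed"] >= threshold}

if __name__ == "__main__":
    for ip, s in summarize(SAMPLE_LOG).items():
        print(ip, s["failed"], sorted(s["users"]), s["success_after_failures"])
```

A source that appears in the result with a non-empty `success_after_failures` list is the case to investigate first, since it means an account's password was eventually accepted from the same address that generated the failures.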
Using medusa tool for brute forcing:
medusa -h 192.168.83.140 -U username.txt -P passwords.txt -M ssh
