Davy and I have teamed up (kind of). We are both using pen testers. Davy's is Kali Linux. Mine is pwnpi. We tried brute forcing into zen's raspberry pi which we found using the scanner netdiscover. Bill puts all the pi's on the 10.14.88.x ip, so that's how we knew it was a pi instead of another machine. By the way, you can easily determine which machine is static and which is DHCP, automatic, probably a visitor. When doing a scan look for the 254s, they are usually DHCP. After we discovered zen on the network, we did 1-8 character generation brute force. In hydra
hydra -l pi -x 1:8:aA1% ip.ad.re.ss ssh
that aA1% flag means to use upercase, lowecase, numbers, and special characters when generating passwords.
binder_a
Comments