What Is SSH Brute Force and What Is It Used For?


What is SSH?

Secure Shell is a network protocol. It is used for secure data transfer.
Data transfer takes place between the server and the client with SSH. TCP Port 22 is used by default.
Unlike other data transmission protocols, SSH is designed for secure data transmission. Usually used for account access.


What is Brute Force?

A brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct one is found. For example, a wordlist with possible passwords for the admin panel login passwords of the target website is created and this method of trial and error is made with tools.
We can give an example of CMS Brute Force to sample tools.


SSH Brute Force

In this section, we will use the tool called ncrack. Let's move on to the commands.


Actually, this is the only command, let's explain now.

We run the program with ncrack.

We specify a port with -p and then write 22, which we call Default.

-U Username Wordlist. We are entering the username wordlist path that I specified under the Brute force heading.

-P Password Wordlist. Wordlist with passwords.

Target IP: IP address of your target using SSH.

