tnich/honssh

Using both Fixed and Random passwords.

david-ramsden opened this issue · 2 comments

Hello.

I am assuming it's possible to use both fixed and random passwords? For example:

[root]
real_password = 123456
fake_passwords = password1, password2, password3

[setup]
real_password = 123456
random_chance = 15

[test]
real_password = 123456
random_chance = 10

In this scenario I would expect root to only be able to log in using the passwords password1, password2 and password3, whereas the other two accounts can log in with any random password.

I have tried the above but it appears as though the root user can log in with random passwords. I've also tried adding "random_chance = 0" to the root user but this doesn't appear to make any difference.

Example:

20160801_001522_791927 - [SSH  ] Incoming Connection from 91.224.160.10:40508 - Netherlands
20160801_001522_868358 - [SSH  ] Login Successful: root:support
20160801_001522_868358 - [SSH  ] Login was spoofed
20160801_001522_928846 - [SSH  ] Lost Connection with 91.224.160.10

This is using the latest version cloned from git.

Thanks.

tnich commented

Hi,

Sorry for the slow reply. Yeah, this should work as you describe.

In the logs folder, there should be a file called spoof.log. Is 'support' listed as a valid password for root?

HonSSH keeps a log of previously spoofed passwords so the attacker does not get suspicious when the password does not work on the second login.

If it is not there, then I will need to test it out myself!

This was exactly what it was. Thanks for all the great work.
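
An added example, not HonSSH code and not part of the original thread: a small audit that compares remembered spoofed passwords against the current per-user settings, to find pairs like root:support that the current config could not produce and that are accepted only because they were remembered. The spoof log layout (`username - password - ...` per line) and the sample log contents are assumptions constructed for illustration; the config keys are the ones shown in the issue.

```python
import configparser

# Constructed sample input: the users config from the issue, plus a spoof log
# in an ASSUMED layout of "username - password - password ..." per line.
USERS_CFG = """
[root]
real_password = 123456
fake_passwords = password1, password2, password3

[setup]
real_password = 123456
random_chance = 15

[test]
real_password = 123456
random_chance = 10
"""
SPOOF_LOG = "root - support\nsetup - letmein - qwerty\n"


def parse_spoof_log(text):
    """Return {username: set(passwords)} from the assumed spoof log layout."""
    remembered = {}
    for line in text.splitlines():
        fields = [f.strip() for f in line.split(" - ")]
        if len(fields) >= 2 and fields[0]:
            remembered.setdefault(fields[0], set()).update(fields[1:])
    return remembered


def stale_spoof_entries(cfg_text, spoof_text):
    """List remembered (user, password) pairs the current config cannot produce."""
    cfg = configparser.ConfigParser()
    cfg.read_string(cfg_text)
    stale = []
    for user, passwords in sorted(parse_spoof_log(spoof_text).items()):
        if not cfg.has_section(user):
            stale.extend((user, p) for p in sorted(passwords))
            continue
        if cfg.getint(user, "random_chance", fallback=0) > 0:
            continue  # random mode: any remembered password is consistent
        raw = cfg.get(user, "fake_passwords", fallback="")
        fixed = {p.strip() for p in raw.split(",") if p.strip()}
        stale.extend((user, p) for p in sorted(passwords - fixed))
    return stale


if __name__ == "__main__":
    for user, password in stale_spoof_entries(USERS_CFG, SPOOF_LOG):
        print(f"{user}:{password} is only accepted because it is in the spoof log")
```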