-2

I am working for a company that is providing File-Share-Software for all sorts of Protocols such as FTP, SFTP, FTPS and so on. One of our customers is facing an issue with Key-Auth and spontaneously login-problems.

Going trough the code I am pretty certain that the server collapses with too many requests at the same time. What I need right now is a simple tool to test a situation just like this. I need a simple SFTP-Fuzzer or Stresser, sending invalid or broken Auth-Attempts to the SFTP-Server.

I am not a developer but a technician and instead of writing something myself (which would take forever) I would love to have a simple script or toolset to go...if there is one.

Steven
  • 187
  • 2
  • 9

1 Answers1

0

Ok, found one faster than I thought. Steps:

  1. Download Kali Linux (or any Distro that contains Metasploit)
  2. Fire up Kali Linux and put it in the same subnet as your SFTP-Server
  3. Start Metasploit and use the SSH-Fuzzer /auxiliary/fuzzer/ssh/ssh_version_2
  4. Set RHOST and RPORT to the relevant IP and port your server is listening to
  5. Exploit and see what will happen
Steven
  • 187
  • 2
  • 9