Listing users via the CVE-2016-6210 vulnerability
OpenSSH 7.2p2 and before had a vulnerability where it would use Blowfish for users that don’t exist, and SHA256/SHA512 for real users. Here’s how to test for it. (Note that i)
cve
OpenSSH 7.2p2 and before had a vulnerability where it would use Blowfish for users that don’t exist, and SHA256/SHA512 for real users. Here’s how to test for it. (Note that i)