Users Enumeration

OpenSSH through 7.7 is prone to a user enumeration vulnerability (CVE-2018-15473).

Metasploit

use auxiliary/scanner/ssh/ssh_enumusers
set action Malformed Packet

ssh_enumusers.py

python2 ssh_enumusers.py --userList <USER WORDLSIT> --outputFile <OUTPUT RESULT> <HOST>

Source**: ssh_enumusers.py**

References

• https://www.exploit-db.com/download/45233/
• https://cve.circl.lu/cve/cve-2018-15473