Fixed an issue where the exploit would drop to interactive password prompt by default on newer ruby version which rendered the exploit unusable. It now properly forces pubkey authentication instead and proceeds with the bypass as expected.
See the complaint on #4039. This doesn't fix that particular
issue (it's somewhat unrelated), but does solve around
a file parsing problem reported by @void-in
Allows usernames to be loaded as a file (wordlist), that way the
it's much easier to manage. It defaults to unix_users.txt,
because these usernames are common in any SSH hosts out there.
If the user only wants to try a specific user (which is better,
because you reduce traffic noise that way), then he/she can set
the USERNAME option, and that should be the only one tried --
similar to how AuthBrute behaves.
I also fixed the regex in check().
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.
To use it you need to know a valid username. The module contains
a basic bruteforce methods, so you can specify more than one to try.