From 7992aba8deaf01177021622e5b5ff0fc950c3817 Mon Sep 17 00:00:00 2001
From: Juri Dispan <juri.dispan@posteo.net>
Date: Mon, 8 Jul 2024 19:09:06 +0200
Subject: [PATCH] nxc ssh: add page (#13238)

* nxc-ssh: add page

* fix tailing newline

* Update pages/common/nxc-ssh.md

Co-authored-by: spageektti <git@spageektti.cc>

---------

Co-authored-by: spageektti <git@spageektti.cc>
---
 pages/common/nxc-ssh.md | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 pages/common/nxc-ssh.md

diff --git a/pages/common/nxc-ssh.md b/pages/common/nxc-ssh.md
new file mode 100644
index 0000000000..ce4e433105
--- /dev/null
+++ b/pages/common/nxc-ssh.md
@@ -0,0 +1,25 @@
+# nxc ssh
+
+> Pentest and exploit SSH servers.
+> See also: `hydra`.
+> More information: <https://www.netexec.wiki/ssh-protocol>.
+
+- Spray the specified [p]assword against a list of [u]sernames on the specified target:
+
+`nxc ssh {{192.168.178.2}} -u {{path/to/usernames.txt}} -p {{password}}`
+
+- Search for valid credentials by trying out every combination in the specified lists of [u]sernames and [p]asswords:
+
+`nxc ssh {{192.168.178.2}} -u {{path/to/usernames.txt}} -p {{path/to/passwords.txt}}`
+
+- Use the specified private key for authentication, using the supplied [p]assword as the key's passphrase:
+
+`nxc ssh {{192.186.178.2}} -u {{path/to/usernames.txt}} -p {{password}} --key-file {{path/to/id_rsa}}`
+
+- Try a combination of [u]sername and [p]assword on a number of targets:
+
+`nxc ssh {{192.168.178.0/24}} -u {{username}} -p {{password}}`
+
+- Check for `sudo` privileges on a successful login:
+
+`nxc ssh {{192.168.178.2}} -u {{username}} -p {{path/to/passwords.txt}} --sudo-check`