LinuxCommandLibrary

bully

Exploit WPS vulnerabilities to recover WPA keys

TLDR

Crack the password

$ bully [[-b|--bssid]] "[mac]" [[-c|--channel]] "[channel]" [[-B|--bruteforce]] "[interface]"

Display help
$ bully [[-h|--help]]

SYNOPSIS

bully [-h] [-V] [-p port] [-t threads] [-c combos] [-o file] [-v] [-d] host

PARAMETERS

-h
    Display help message and exit

-V
    Show version information

-p port
    Specify SSH port (default: 22)

-t threads
    Number of threads (default: 4)

-c combos
    Kangaroo combos per thread (default: 200000)

-o file
    Output file for recovered private key

-v
    Enable verbose output

-d
    Enable debug output

DESCRIPTION

Bully is a specialized Linux tool for recovering private DSA host keys from SSH servers. It targets vulnerabilities in DSA signatures where poor nonce generation allows extraction of the private key via the discrete logarithm problem.

Using Pollard's kangaroo algorithm, bully efficiently solves for the private key 'x' in DSA (y = g^x mod p) after collecting multiple public signatures from the target host. It automatically connects to the SSH server to gather these signatures, then brute-forces the key space.

Primarily used in security audits, penetration testing, and forensics, bully is highly effective against older SSH servers using DSA (disabled by default in modern OpenSSH). Performance scales with CPU cores via multi-threading, cracking 1024-bit DSA keys in minutes to hours depending on nonce quality.

Warning: High network traffic may trigger intrusion detection. Always obtain authorization before use, as unauthorized access attempts violate laws like the CFAA.

CAVEATS

Only targets DSA keys (SHA-1); ineffective on RSA/ECDSA/Ed25519. Requires multiple connections, generating detectable traffic. Key space limits effectiveness to ~1024-bit keys. Use ethically with permission only.

ALGORITHM OVERVIEW

Employs Pollard's kangaroo algorithm to solve the discrete logarithm in the interval [1, sqrt(N)], where N is the order of the key's subgroup. Collects ~20-50 signatures automatically.

USAGE EXAMPLE

bully -t 8 -o key.dsa -v target.example.com
Runs 8 threads, saves the recovered key to key.dsa, and enables verbose output.

HISTORY

Developed by Alan Fitzgerald in 2012 after HD Moore's research on DSA nonce reuse in SSH signatures. Gained prominence for exposing weak DSA implementations in embedded devices like routers.

SEE ALSO

ssh(1), ssh-keygen(1), openssl(1)
