how can i test login password

[luolufang]

i have a project to use phpseclib connect cisco and H3C Swtich device .

these devices' passowrd are not different.so i must try to test these password ,when i first login these device.

i write some code to find the correct password in the password list,but the correct password is only effect when it's first used to login .

 function loginssh_keybo(){
    $user = user::find()->all();
    $ssh = new SSH2($this->ip);
    if (@$ssh->login($user[$this->i]->username, $user[$this->i]->password, $user[$this->i]->password)) {
      return $ssh;
    }else{
        return false;
    }

}

function loginssh_pass(){
    $user = user::find()->all();
    $ssh = new SSH2($this->ip);
    if (@$ssh->login($user[$this->i]->username, $user[$this->i]->password)) {
        return $ssh;
    }else{
        return false;
    }

}
function loginssh()
{
    $user = user::find()->all();
    $max = 3;
    $this->i = 0;
    do {
        if (@$ssh=$this->loginssh_keybo()) {
            $this->islogin = True;
            break;
        } elseif (@$ssh=$this->loginssh_pass()) {
            $this->islogin = True;
            break;
        }  elseif
        ($this->i > $max) {
            return false;
        }
        $this->i += 1;
    } while (!$this->islogin);
    $this->user = $user[$this->i]->username;
    $this->password = $user[$this->i]->password;
    return $ssh;
}
login phpseclib
```

[terrafrost]

I'm not sure I understand your question. I mean, it looks like you're trying the same password 3x times. If it didn't work once I wouldn't expect it to work again? I mean, I suppose you could be using multi factor authentication with that just happens to want the same password twice, but idk - that seems like that'd be a bit weird.

I do wonder why you're using the error suppression operator...

That said, if you want to test a certain password after you've already logged in... on Linux you could do passwd from the CLI, I suppose, and do Ctrl + C ("\x03"). You'd need to use the interactive mode functions to do that tho. eg. $ssh->read() / $ssh->write(). I guess you could try doing sudo [command], too, to get a password prompt, but I think that'd only work if you're in the sudoers group idk. But then again, idk that any of these things would work on a Cisco router...

[luolufang]

@terrafrost thx for your answer, before i login the system idk the right password is which one .so i i must try three different password 。and H3C router could be login by using password authentication .but i found the cisco device is difference .some cisco router must use keyboard-interactive authentication . so i wirte two function

and i want to know.if i‘m trying the wrong password login ,and $ssh->login("$first username","$first passowrd") return false . how can i try the second password.
just run $ssh->login("$second username","$second passowrd") immediately?

i use the error suppression operator,because some login method is ok on a cisco device，but it's report a user notice errer on another cisco device。i must make sure the script won't break by these notice

[terrafrost]

You could just try this:

if ($ssh->login('username', 'password1')) {
    return true;
}
if ($ssh->login('username', 'password2')) {
     return true;
}
if ($ssh->login('username', 'password3')) {
     return true;
}
return false;

i use the error suppression operator,because some login method is ok on a cisco device，but it's report a user notice errer on another cisco device。i must make sure the script won't break by these notice
It'd be nice if you could share that user notice error so that it might be fixed.

I mean, in-so-far as I know, you could be using an out of date version of phpseclib and the issue could be fixed, but let's get the error first lol.