#!/usr/bin/pythonimport pexpectfrom pexpect import pxsshimport time# Some

1. #!/usr/bin/python
2.  
3. import pexpect
4. from pexpect import pxssh
5. import time
6.  
7. # Some Global Configurations
8. sleep_time = 10
9. # use_psk = no
10.  
11.  
12. # Collect the creds
13. def cred_collect():
14. username = raw_input('Username: ')
15. password = raw_input('Password: ')
16. return username, password
17.  
18.  
19. def forward_tunnel(hostname, username, password, lport, destination, dport):
20. try:
21. # /usr/bin/ssh username@hostname -NfL lport:destination:dport
22. child = pexpect.spawn('/usr/bin/ssh ' + username + '@' + hostname + ' -NfL ' + lport + ':' + destination + ':' + dport)
23. child.expect(':', timeout=5)
24. print("Generating Tunnel, wait 10 seconds")
25. child.sendline(password)
26. time.sleep(sleep_time)
27. print("Tunnel created, localport "+lport+" traffic directed to "+destination+":"+dport)
28.  
29. # Catch All?
30. except:
31. print("Shit broke")
32.  
33.  
34. def reverse_tunnel(hostname, username, password, bind_port, reverse_ip, reverse_port):
35. try:
36. # /usr/bin/ssh -NfR bind_port:reverse_ip:reverse_port username@hostname
37. child = pexpect.spawn('/usr/bin/ssh' + ' -NfR ' + bind_port + ':' + reverse_ip + ':' + reverse_port + ' ' + username + '@' + hostname)
38. child.expect(':', timeout=5)
39. print("Generating Tunnel, wait 10 seconds")
40. child.sendline(password)
41. time.sleep(sleep_time)
42. print("Tunnel created, traffic aimed at "+bind_port+" now directed to "+reverse_ip+":"+reverse_port)
43.  
44. # Catch All?
45. except:
46. print("Shit broke")
47.  
48.  
49. def dynamic_tunnel(hostname, username, password, dynamic_port):
50. try:
51. # /usr/bin/ssh username@hostname -NfD dynamic_port
52. child = pexpect.spawn('/usr/bin/ssh ' + username + '@' + hostname + ' -NfD ' + dynamic_port)
53. child.expect(':', timeout=5)
54. print("Generating Tunnel, wait 10 seconds")
55. child.sendline(password)
56. time.sleep(sleep_time)
57. print("Tunnel created, Dynamic Tunnel(Socks5) on "+dynamic_port)
58.  
59. # Catch All?
60. except:
61. print("Shit broke")
62.  
63.  
64. def tunnel_magic(switch):
65. while True:
66. # listening_port:destination_ip:destination_port
67. if switch == "L":
68. listening_port = raw_input('Listening Port: ')
69. destination_ip = raw_input('Destination IP: ')
70. destination_port = raw_input('Destination Port: ')
71. return listening_port, destination_ip, destination_port
72. # remote_port:reverse_ip:reverse_port
73. elif switch == "R":
74. remote_port = raw_input('Remote Port: ')
75. reverse_ip = raw_input('Reverse IP: ')
76. reverse_port = raw_input('Reverse Port: ')
77. return remote_port, reverse_ip, reverse_port
78. # dynamic_port (SOCKS5)
79. elif switch == "D":
80. dynamic_port = raw_input('Dynamic Port: ')
81. return dynamic_port
82. else:
83. switch = raw_input('Please select either L,R, or D: ')
84.  
85.  
86. # Ghetto way to ensure RSA ID Key is accepted.
87. def connection_check(hostname, username, password):
88. try:
89. s = pxssh.pxssh()
90. s.login(hostname, username, password)
91. s.logout()
92. except pxssh.ExceptionPxssh as e:
93. print("pxssh failed on login.")
94. print(e)
95.  
96.  
97. # Where the magic happens
98. def main():
99. hostname = raw_input('Host to connect to: ')
100. username, password = cred_collect()
101. connection_check(hostname, username, password)
102. switch = raw_input("Forward(L), Reverse(R), or Dynamic(D) Tunnel?: ")
103. if switch == "L":
104. lport, dip, dport = tunnel_magic(switch)
105. forward_tunnel(hostname, username, password, lport, dip, dport)
106. elif switch == "R":
107. rport, reip, report = tunnel_magic(switch)
108. reverse_tunnel(hostname, username, password, rport, reip, report)
109. elif switch == "D":
110. dport = tunnel_magic(switch)
111. dynamic_tunnel(hostname, username, password, dport)
112.  
113.  
114. if __name__ == "__main__":
115. main()