Git Product home page Git Product logo

cleveridge / cleveridge-ssh-scanner Goto Github PK

View Code? Open in Web Editor NEW
44.0 7.0 27.0 59 KB

The Cleveridge SSH Scanner is a SSH Brute Force tool written in python. The tool tries to get access to machines (IPv4) on the SSH port (22). When the machines is accessible on port 22, the tool brute forces the ssh login with the most common default user names and passwords.

License: GNU General Public License v3.0

Python 100.00%

cleveridge-ssh-scanner's Introduction

Cleveridge logo

Cleveridge SSH Scanner

####IMPORTANT:

This tool is for ethical testing purpose only.
Cleveridge and its owners can't be held responsible for misuse by users.
Users have to act as permitted by local law rules.

##What is the Cleveridge SSH Scanner The Cleveridge SSH Scanner is a SSH Brute Force tool written in python. The tool tries to get access to machines (IPv4) on the SSH port (22). When the machines is accessible on port 22, the tool brute forces the ssh login with the most common default user names and passwords.

The tool offers you the options to attack

  • one IP
  • a range of IP's (e.g. 192.168.0.1-25)
  • IP's listed in a file

##Tested At this moment the Cleveridge SSH Scanner is only tested in a Linux Kali environment with Python 2.7 installed.
The Cleveridge SSH Scanner is also successfully tested in combination with Proxychains 3.1 (http://proxychains.sourceforge.net/) and Tor (https://www.torproject.org/) to hide the ip of the user.

##How to use in Linux

  1. Download the Cleveridge SSH Scanner files into a directory of your choise and chmod it so you are allowed to execute it.

  2. In Terminal, go to the Cleveridge SSH Scanner directory and execute:
    ./cl_ssh_scan.py

or

  1. Be sure you have Tor and Proxychains 3.1 installed.
    if you have problems installing these programs there is enough documentation available online.

  2. Edit your proxychains configuration file:
    Most of the time you will find this file at /etc/proxychains.conf
    What to change...
    1st : uncomment 'dynamic_chain' (remove the # in front of it)
    2nd : comment 'strict_chain' and 'ramdom chain' (add a # in front of it)
    3th : Below [ProxyList], add your Tor Listener settings, this could be
    socks4 127.0.0.1 9050
    More info : http://www.shellhacks.com/en/Anonymous-Port-Scanning-Nmap-Tor-ProxyChains

  3. Download the Cleveridge SSH Scanner files into a directory of your choise and chmod it so you are allowed to execute it.

  4. In Terminal, go to the Cleveridge SSH Scanner directory and execute:
    service tor start
    proxychains ./cl_ssh_scan.py

##On the first run... ...the Cleveridge SSH Scanner will automatically install the following folders:

  • log : in this folder all the log files of scans will be saved
  • cnf : configurations folder
  • data : in this folder the user can store files containing lists of ip addresses he/she wants to scan

##Contact Info Cleveridge - Ethical Hacking Lab
De Brulen 28
2370 Arendonk
Belgium
https://cleveridge.org

##Developer Erwin De Laat [ redN00ws ]
https://twitter.com/erwindelaat

cleveridge-ssh-scanner's People

Contributors

cleveridge avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

Forkers

harutmty timedcy lolsquad cinno signedbytes jiayi13275898 zyxtarmo mbillar saesuzy pythonmaster41 hcs0 dnkls ccgcyber jbinfo cmscardoso looplife55 xuan2261 x0xr00t unixfreaxjp khaisen aligollez inheritance baff3r

cleveridge-ssh-scanner's Issues

Proxychains won't work anymore

I am trying to route the traffic to the local TOR proxy as described in the README, but the traffic won't routed through it.

proxychains4 ./cl_ssh_scan.py

Your IP [78.46.*.*] :
Local IP : 78.46.*.*
Visible IP : 78.46.*.*
   Break up - visible !!!

   Add 'Socks4 127.0.0.1 9050' to /etc/proxychains.conf.
   Start Tor service, then
   proxychains ./cl_ssh_scan.py

Proof that proxychains4 is working:

$: curl ifconfig.io
78.46.*.*
$: proxychains4 curl ifconfig.io
[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/local/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.8.1-git-11-gba61b48
[proxychains] Strict chain  ...  127.0.0.1:9050  ...  ifconfig.io:80  ...  OK
80.82.64.29

It seems for me like an issue with Python and proxychains4.

Ip range issue

It seems that ip ranges of xxx.xxx.xxx.100-256 (ending above 99) gives an unvalid range error
ip ranges of xxx.xx.xxx.100-256 don't

Test another ssh port number

I am wanting to use this scanner to see if there are issues with SSH scanners trying to scan another port (ie above 1024) that is not the default.
This port is being used for another service (sftp).

I am using it on another IP but with a custom port (10033)

   # check if SSH-port is open
   sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
   result = sock.connect_ex((ip, 10033))

Result:

Scanning IP : IP_ADDRESS
Port 22 (SSH) is accessible.
* Try root:root failed - 
End Of File (EOF). Exception style platform.
<pexpect.pxssh.pxssh object at 0x7f643c6c9250>
command: /usr/bin/ssh
args: ['/usr/bin/ssh', '-q', '-l', 'root', 'IP_ADDRESS']
buffer (last 100 chars): ''
before (last 100 chars): "unset PROMPT_COMMAND\r\nPS1='[PEXPECT]\\$ '\r\nset prompt='[PEXPECT]\\$ '\r\n"
after: <class 'pexpect.exceptions.EOF'>
match: None
match_index: None
exitstatus: None
flag_eof: True
pid: 60978
child_fd: 6
closed: False
timeout: 30
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: None
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
searcher: searcher_re:
    0: TIMEOUT
    1: re.compile("\[PEXPECT\][\$\#] ")
Stopped due to blocked by victim
Tried 1 combinations

I am assuming it is scanning the new port mentioned since Port 22 (SSH) is accessible. is hardcoded

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.