Git Product home page Git Product logo

shreder's Introduction

Shreder

Developer Language Forks Stars CodeFactor

Shreder is a powerful multi-threaded SSH protocol password brute-force tool.

Features

  • Very fast password guessing, just one password in 0.1 second.
  • Optimized for big password lists, Shreder tries 1000 passwords in 1 minute and 40 seconds.
  • Simple CLI and API usage.

Installation

pip3 install git+https://github.com/EntySec/Shreder

Basic usage

To use Shreder just type shreder in your terminal.

usage: shreder [-h] [-p PORT] [-u USERNAME] [-l LIST] [-d DELAY] target

Shreder is a powerful multi-threaded SSH protocol password brute-force tool.

positional arguments:
  target

optional arguments:
  -h, --help            show this help message and exit
  -p PORT, --port PORT  SSH port.
  -u USERNAME, --username USERNAME
                        SSH username.
  -l LIST, --list LIST  Passwords list.
  -d DELAY, --delay DELAY
                        Delay between login attempts.

Examples

Brute-forcing single target

Let's brute-force my device just for fun.

shreder 192.168.2.109 -u mobile -l passwords.txt

API usage

Shreder also has their own Python API that can be invoked by importing Shreder to your code.

from shreder import Shreder

Basic functions

There are all Shreder basic functions that can be used to brute-force single target.

  • connect(host, port, username, password) - Connect single target by given address.
  • brute(host, port, username, dictionary, delay) - Brute-force single target by given address.

Examples

Brute-forcing single target

from shreder import Shreder

shreder = Shreder()
password = shreder.brute('192.168.2.109', 22, 'mobile', 'passwords.txt')

print(password)

shreder's People

Contributors

enty8080 avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

y0d4a ktzgraph yalonso7 benhays42 bushdav mkdirlove malicious-xv ghislainadon tormentedsoul666 5l1v3r1 erickie007 3453-315h trendingtechnology icysun douglas88 mytfx skymysky test-for-play teboarte robertcgregory lollipop31 jeromeyoung add1ct3d aels fangqiluxatu vanpersiexp skyscanner4u sirbaek abaso007 ethicalsecurity-agency 18260622812 ethicalsecurity-agency xiv3r zer010101 jbanday808 alphilsfate yuuhekurenai

shreder's Issues

Error reading SSH protocol banner

Hi, first of all, thanks for this script.
I'm using it as a module, but when i was trying to do dictionary attack, i faced with some errors which i think it is for parmiko.
maybe i should post this issue in the parmiko page, but first posting that here, maybe you could handle/fix that in your script.
it guesses the password correctly somtimes, but because of these errors, it has some FalsePositive in each target which returns None result.

command: password = shreder.brute(ip, 22, 'user', 'password.txt')
target OS: Ubuntu 20.04

Output:

Traceback (most recent call last):
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/transport.py", line 2211, in _check_banner
    buf = self.packetizer.readline(timeout)
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/packet.py", line 380, in readline
    buf += self._read_timeout(timeout)
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/packet.py", line 609, in _read_timeout
    raise EOFError()
EOFError

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/transport.py", line 2039, in run
    self._check_banner()
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/transport.py", line 2215, in _check_banner
    raise SSHException(
paramiko.ssh_exception.SSHException: Error reading SSH protocol banner

Exception: Error reading SSH protocol banner
Traceback (most recent call last):
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/transport.py", line 2211, in _check_banner
    buf = self.packetizer.readline(timeout)
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/packet.py", line 380, in readline
    buf += self._read_timeout(timeout)
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/packet.py", line 609, in _read_timeout
    raise EOFError()
EOFError

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/transport.py", line 2039, in run
    self._check_banner()
  File "/home/pytm/.local/lib/python3.8/site-packages/paramiko/transport.py", line 2215, in _check_banner
    raise SSHException(
paramiko.ssh_exception.SSHException: Error reading SSH protocol banner

RockYou error

shreder 192.168.1.66 -u admin -l /usr/share/wordlists/rockyou.txt
Traceback (most recent call last):
File "/usr/local/bin/shreder", line 8, in
sys.exit(main())
File "/usr/local/lib/python3.9/dist-packages/shreder/cli.py", line 73, in main
cli.start()
File "/usr/local/lib/python3.9/dist-packages/shreder/cli.py", line 54, in start
password = self.brute(
File "/usr/local/lib/python3.9/dist-packages/shreder/main.py", line 51, in brute
lines = f.read().split('\n')
File "/usr/lib/python3.9/codecs.py", line 322, in decode
(result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf1 in position 5079963: invalid continuation byte

ssh server dying

In your "connect" function, paramiko try to connect to server. In my case, as server was Win10 with ssh server. After you fail password, it asks you to try password again. When I launch your code, Win10 quickly got stuck with 10+ ssh connections NOW, leading to ssh server death, and next passwords got EOF from ssh.
I suggest you to put ssh.close() in except block before return to avoid this mess
image
Also, thanks for library!

UnicodeDecodeError: 'utf-8' codec can't decode byte 0xed in position 5745570: invalid continuation byte 

root㉿kali)-[~/Brute-Force-Login]
└─# shreder 192.168.1.12 -u root -l /root/Downloads/Top10k.txt
Traceback (most recent call last):
  File "/usr/local/bin/shreder", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.9/dist-packages/shreder/cli.py", line 75, in main
    cli.start()
  File "/usr/local/lib/python3.9/dist-packages/shreder/cli.py", line 55, in start
    password = self.brute(
  File "/usr/local/lib/python3.9/dist-packages/shreder/__main__.py", line 52, in brute
    lines = f.read().split('\n')
  File "/usr/lib/python3.9/codecs.py", line 322, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xed in position 5745570: invalid continuation byte

Any idea how to fix it?

Attribute error

Traceback (most recent call last):
File "/home/koneko/.local/bin/shreder", line 8, in
sys.exit(main())
File "/home/koneko/.local/lib/python3.8/site-packages/shreder/cli.py", line 75, in main
cli.start()
File "/home/koneko/.local/lib/python3.8/site-packages/shreder/cli.py", line 48, in start
self.print_error(f"List file: {self.args.input}: does not exist!")
AttributeError: 'Namespace' object has no attribute 'input'

im on a wsl version of Ubuntu but it does the same thing on a google cloud shell, I'm not sure what caused this, it just happened

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.