Open Cronus89 opened 6 years ago
From 9207986bf53df6d6d78bc70cad78d6b988f7d9ed Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@hackint.org>
Date: Fri, 3 Aug 2018 00:43:12 +0000
Subject: [PATCH] report credentials on succesful login
---
antissh.py | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/antissh.py b/antissh.py
index ab42cfe..9608224 100755
--- a/antissh.py
+++ b/antissh.py
@@ -218,21 +218,23 @@ async def check_with_credentials_group(ip, target_ip, target_port, credentials_g
futures = [check_with_credentials(ip, target_ip, target_port, c[0], c[1]) for c in credentials_group]
results = await asyncio.gather(*futures)
- return True in results
+ return results
async def check_connecting_client(bot, ip):
result = await check_with_credentials_group(ip, TARGET_IP, TARGET_PORT)
- if result:
+ if True in result:
+ user, passwd = DEFAULT_CREDENTIALS[result.index(True)]
+
try:
ptr = socket.gethostbyaddr(ip)
except socket.error:
ptr = None
- ptr = "({})".format(ptr[0]) if ptr else ""
+ ptr = "({}) ".format(ptr[0]) if ptr else ""
print('found vulnerable SSH daemon at', ip, ptr)
- log_chan(bot, 'found vulnerable SSH daemon at %s %s' % (ip, ptr))
+ log_chan(bot, 'found vulnerable SSH daemon at %s %swith %s:%s' % (ip, ptr, user, passwd))
bot.writeln(KLINE_CMD_TEMPLATE.format(ip=ip))
--
2.11.0
Gonna PR that? :)
Not sure about the rationale of having this.
Statistics on what logins are working, and which are not. Curiosity mostly.
The patch code dosent work this line: 218,21 +218,23 @@ async def check_with_credentials_group(ip, target_ip, target_port, credentials_g futures = [check_with_credentials(ip, target_ip, target_port, c[0], c[1]) for c in credentials_group] results = await asyncio.gather(*futures) I dont find it and patch dont apply
Cant u help me?
add the user/pass succeded to logchan msg