Skip to content

Self-replicating SSH script - scans internet and attempts to hijack insecure SSH connections + download/exec a shell

Notifications You must be signed in to change notification settings

waived/ssh-self-rep

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 

Repository files navigation

 _____ _____ _____    _____ _____ __    _____    _____ _____ _____ 
|   __|   __|  |  |  |   __|   __|  |  |   __|  | __  |   __|  _  |
|__   |__   |     |  |__   |   __|  |__|   __|  |    -|   __|   __|
|_____|_____|__|__|  |_____|_____|_____|__|     |__|__|_____|__|   

OVERVIEW:
     This script acts as a password-spraying engine. It generates random IP addresses
     and probes them for an SSH connection. If a connection is found, the script will
     then attempt to login via either user-specific credentials or the ones pre-set in
     the script. If a connection is successful, the script will send BASH commands which
     will download and auto-execute the user-specified payload.

     Beware: scanning with this tool can anger ISPs, and termination of internet service
     is a possibility. All responsibility falls on the end-user. You have been warned!


FEATURES:
     THREADING: This script supports multi-threading. This boosts effeciency as multiple
                IP addresses can be scanned at any given time. However, the downside is
                that when engaging multiple IP addresses, this activity can bog down a
                network. Be cautious of your bandwidth consumption and system resources.

     BLACKLIST: This script generates IP addresses following no particular scheme. By
                default, internal IPs and subnets are blocked for efficiency and to 
                reduce and false positives.

    HOST COUNT: The user can specify how many IP addresses that are to be probed. Of
                course, this script also has to option to run indefinitely. 

       COMMAND: The user can specify a command statement to run upon the successful breach
                of an SSH connection. It must be wrapped in quotes.

     COMBOLIST: By default, this script uses known weak SSH credentials to attempt a
                breach. Additionally, a combo-list (with the format <username>:<password>)
                can also be specified. Default preset credentials will still be used against
                the host.


KNOWN BUGS: 
     I'm lazy and spent very little time field testing this. It is possible.

FUTURE UPDATES:
     Maybe, idk...lmao

About

Self-replicating SSH script - scans internet and attempts to hijack insecure SSH connections + download/exec a shell

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages