From ddda2927f911dbd07603bb4e0310c223ab07014f Mon Sep 17 00:00:00 2001 From: Levon Kayan Date: Tue, 19 Jan 2021 11:55:53 +0100 Subject: [PATCH] use mmap to read wordlist files. update lists/* --- docs/TODO | 5 +++++ lists/combo.txt | 2 -- lists/pws.txt | 39 +++++++++++++++++++++++++++++++++++++++ lists/user.txt | 1 - sshprank.py | 30 ++++++++++++++++++++---------- 5 files changed, 64 insertions(+), 13 deletions(-) diff --git a/docs/TODO b/docs/TODO index 6980bf6..df44396 100644 --- a/docs/TODO +++ b/docs/TODO @@ -14,6 +14,11 @@ files ) and brute it +===> 1.3.3 + + [x] use mmap to read wordlist files + + ===> 1.3.2 [x] decrease default hosts threads num diff --git a/lists/combo.txt b/lists/combo.txt index 3405d16..62e8428 100644 --- a/lists/combo.txt +++ b/lists/combo.txt @@ -1,6 +1,4 @@ admin:admin -root:r00t root:root test:test -toor:t00r toor:toor diff --git a/lists/pws.txt b/lists/pws.txt index d05e493..f7e828d 100644 --- a/lists/pws.txt +++ b/lists/pws.txt @@ -1,11 +1,50 @@ +!!!! +.... +0000 +00000000 +1111 1234 12345 +123456 +1234567 +12345678 +123456789 +1234567890 +1234root +123admin +123login +123root +2222 +3333 +4444 +5555 +6666 +7777 +8888 +9999 admin +admin123 letmein login +login! +login123 +login1234 +pass! pass123 +pass1234 password +password1 +password1! +Password1 +Password1! +p@ssw0rd +P@ssw0rd +p@ssword +qwerty +qwertz root +root123 +root1234 test test123 toor diff --git a/lists/user.txt b/lists/user.txt index be82c6a..c437d93 100644 --- a/lists/user.txt +++ b/lists/user.txt @@ -1,4 +1,3 @@ admin root test -toor diff --git a/sshprank.py b/sshprank.py index 2ced49e..4433830 100755 --- a/sshprank.py +++ b/sshprank.py @@ -33,11 +33,12 @@ import masscan import paramiko import shodan +import mmap from collections import deque __author__ = 'noptrix' -__version__ = '1.3.2' +__version__ = '1.3.3' __copyright = 'santa clause' __license__ = 'MIT' @@ -106,9 +107,9 @@ -p - single password (default: root) -P - list of passwords -C - list of user:pass combination - -x - num threads for parallel host crack (default: 10) - -S - num threads for parallel service crack (default: 1) - -X - num threads for parallel login crack (default: 5) + -x - num threads for parallel host crack (default: 30) + -S - num threads for parallel service crack (default: 10) + -X - num threads for parallel login crack (default: 20) -B - num threads for parallel banner grabbing (default: 70) -T - num sec for auth and connect timeout (default: 5s) -R - num sec for (banner) read timeout (default: 3s) @@ -159,9 +160,9 @@ 'cmd_no_out': False, 'user': 'root', 'pass': 'root', - 'hthreads': 10, - 'sthreads': 1, - 'lthreads': 5, + 'hthreads': 30, + 'sthreads': 10, + 'lthreads': 20, 'bthreads': 70, 'ctimeout': 5, 'rtimeout': 3, @@ -221,6 +222,15 @@ def parse_target(target): return dtarget +def read_list(_file): + try: + with open(_file, 'r', encoding='latin-1') as f: + with mmap.mmap(f.fileno(), length=0, access=mmap.ACCESS_READ) as m: + return m.read().decode('latin-1').split() + except: + log(f'could not read wordlist {_file}', 'error') + + def parse_cmdline(cmdline): global opts @@ -247,13 +257,13 @@ def parse_cmdline(cmdline): if o == '-u': opts['user'] = a if o == '-U': - opts['userlist'] = a + opts['userlist'] = read_list(a) if o == '-p': opts['pass'] = a if o == '-P': - opts['passlist'] = a + opts['passlist'] = read_list(a) if o == '-C': - opts['combolist'] = a + opts['combolist'] = read_list(a) if o == '-x': opts['hthreads'] = int(a) if o == '-S':