Created ssh_connector.py (markdown)

ssh_connector.py.md

@@ -0,0 +1,125 @@
+# SSH Connector ssh_connector.py
+
+This document provides a detailed step-by-step explanation of how the `ssh_connector.py` script operates. This script is designed to perform a brute force attack on SSH services (port 22) to identify accessible accounts using various user credentials. Successful connections are logged for further use.
+
+## Overview
+
+### Description
+- **Filename**: `ssh_connector.py`
+- **Purpose**: To conduct brute force attacks on SSH services by attempting multiple user credential combinations and logging successful connections.
+
+## Initialization and Setup
+
+### Importing Modules
+The script imports the following modules:
+
+- **Standard Libraries**:
+  - `os`
+  - `pandas`
+  - `paramiko`
+  - `socket`
+  - `threading`
+  - `logging`
+  - `time`
+  
+- **External Libraries**:
+  - `rich.console`
+  - `rich.progress`
+  
+- **Custom Modules**:
+  - `SharedData`
+  - `Logger`
+
+### Configuring the Logger
+The logger is configured to log messages for `ssh_connector.py` at the DEBUG level, ensuring detailed logging of events and errors.
+
+### Defining Global Variables
+Global variables are defined to provide metadata about the class and module, including:
+- `b_class = "SSHBruteforce"`
+- `b_module = "ssh_connector"`
+- `b_status = "brute_force_ssh"`
+- `b_port = 22`
+- `b_parent = None`
+
+## `SSHBruteforce` Class
+
+### Purpose
+The `SSHBruteforce` class manages the overall process of conducting the SSH brute force attack. It coordinates the attack process and updates the status based on the results.
+
+### Initialization
+- **Attributes**: Initializes shared data and creates an instance of `SSHConnector`.
+- **Logger**: Logs the initialization of the SSH connector.
+
+### Methods
+
+#### `bruteforce_ssh(ip, port)`
+- **Purpose**: Initiates the brute force attack on the specified IP and port.
+- **Logging**: Logs the start of the brute force process.
+- **Returns**: The result of the brute force attempt, indicating success or failure.
+
+#### `execute(ip, port, row, status_key)`
+- **Purpose**: Executes the brute force attack and updates the status key based on the result.
+- **Logging**: Logs the execution attempt and updates the shared data status.
+
+## `SSHConnector` Class
+
+### Purpose
+The `SSHConnector` class handles the connection attempts during the brute force attack and manages the results of successful connections.
+
+### Initialization
+- **Attributes**: Sets up shared data, reads user and password lists, and prepares the results file.
+- **File Handling**: Checks if the results file exists; if not, creates it with appropriate headers.
+
+### Methods
+
+#### `load_scan_file()`
+- **Purpose**: Loads the netkb file and filters it for entries with SSH ports.
+- **Details**: Reads the file and ensures the "Ports" column contains port 22 entries.
+
+#### `ssh_connect(adresse_ip, user, password)`
+- **Purpose**: Attempts to establish an SSH connection using the provided credentials.
+- **Error Handling**: Catches exceptions such as `paramiko.AuthenticationException`, `socket.error`, and `paramiko.SSHException`, logging connection failures.
+- **Returns**: A boolean indicating whether the connection was successful.
+
+#### `run_bruteforce(adresse_ip, port)`
+- **Purpose**: Executes the brute force attack by iterating over user and password combinations.
+- **Progress Tracking**: Utilizes `rich.progress` to display the progress of the brute force attack.
+- **Result Logging**: Logs successful connections and saves results immediately.
+- **Duplicate Removal**: Calls `removeduplicates` to ensure no duplicate entries in the results file.
+
+#### `save_results()`
+- **Purpose**: Saves the results of successful connection attempts to a CSV file.
+- **Details**: Converts results to a DataFrame and appends them to the CSV file, ensuring no duplicates.
+
+#### `removeduplicates()`
+- **Purpose**: Removes duplicate entries from the results CSV file.
+- **Details**: Reads the CSV, drops duplicate rows, and rewrites the file without duplicates.
+
+## Detailed Execution Flow
+
+### Step 1: Initialization
+- The `SSHBruteforce` class is initialized with shared data, creating an instance of `SSHConnector` and logging the initialization process.
+
+### Step 2: Load Scan File
+- The `load_scan_file` method is called to load and filter the netkb file for entries with SSH ports.
+
+### Step 3: Execute Brute Force Attack
+- The `bruteforce_ssh` method initiates the brute force attack on a given IP and port by calling `run_bruteforce`.
+
+### Step 4: Run Brute Force
+- **Progress Tracking**: Uses `rich.progress` to monitor and display the progress of the attack.
+- **Connection Attempts**: Iterates over the user and password lists, attempting to connect using `ssh_connect`.
+- **Result Logging**: Logs successful connections and saves results to a CSV file.
+- **Duplicate Removal**: Ensures no duplicate entries in the results file by calling `removeduplicates`.
+
+### Step 5: Update Status
+- **Success/Failure**: The `execute` method updates the status based on the result of the brute force attack, logging the outcome.
+
+## Integration with Orchestrator
+
+### Method Call
+The `SSHBruteforce` class is integrated into the orchestrator and called via its `execute` method. The process involves:
+1. **Receiving Target Details**: The orchestrator provides IP and port details to the `SSHBruteforce` class.
+2. **Performing Attack**: The `execute` method carries out the brute force attack.
+3. **Updating Orchestrator**: The status (success or failure) is returned to the orchestrator for further action.
+