From ef129555399e14d79fefccd4913c4682b6efac91 Mon Sep 17 00:00:00 2001 From: infinition <37984399+infinition@users.noreply.github.com> Date: Sat, 6 Jul 2024 01:22:38 +0200 Subject: [PATCH] Created ssh_connector.py (markdown) --- ssh_connector.py.md | 125 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 125 insertions(+) create mode 100644 ssh_connector.py.md diff --git a/ssh_connector.py.md b/ssh_connector.py.md new file mode 100644 index 0000000..e2150fe --- /dev/null +++ b/ssh_connector.py.md @@ -0,0 +1,125 @@ +# SSH Connector ssh_connector.py + +This document provides a detailed step-by-step explanation of how the `ssh_connector.py` script operates. This script is designed to perform a brute force attack on SSH services (port 22) to identify accessible accounts using various user credentials. Successful connections are logged for further use. + +## Overview + +### Description +- **Filename**: `ssh_connector.py` +- **Purpose**: To conduct brute force attacks on SSH services by attempting multiple user credential combinations and logging successful connections. + +## Initialization and Setup + +### Importing Modules +The script imports the following modules: + +- **Standard Libraries**: + - `os` + - `pandas` + - `paramiko` + - `socket` + - `threading` + - `logging` + - `time` + +- **External Libraries**: + - `rich.console` + - `rich.progress` + +- **Custom Modules**: + - `SharedData` + - `Logger` + +### Configuring the Logger +The logger is configured to log messages for `ssh_connector.py` at the DEBUG level, ensuring detailed logging of events and errors. + +### Defining Global Variables +Global variables are defined to provide metadata about the class and module, including: +- `b_class = "SSHBruteforce"` +- `b_module = "ssh_connector"` +- `b_status = "brute_force_ssh"` +- `b_port = 22` +- `b_parent = None` + +## `SSHBruteforce` Class + +### Purpose +The `SSHBruteforce` class manages the overall process of conducting the SSH brute force attack. It coordinates the attack process and updates the status based on the results. + +### Initialization +- **Attributes**: Initializes shared data and creates an instance of `SSHConnector`. +- **Logger**: Logs the initialization of the SSH connector. + +### Methods + +#### `bruteforce_ssh(ip, port)` +- **Purpose**: Initiates the brute force attack on the specified IP and port. +- **Logging**: Logs the start of the brute force process. +- **Returns**: The result of the brute force attempt, indicating success or failure. + +#### `execute(ip, port, row, status_key)` +- **Purpose**: Executes the brute force attack and updates the status key based on the result. +- **Logging**: Logs the execution attempt and updates the shared data status. + +## `SSHConnector` Class + +### Purpose +The `SSHConnector` class handles the connection attempts during the brute force attack and manages the results of successful connections. + +### Initialization +- **Attributes**: Sets up shared data, reads user and password lists, and prepares the results file. +- **File Handling**: Checks if the results file exists; if not, creates it with appropriate headers. + +### Methods + +#### `load_scan_file()` +- **Purpose**: Loads the netkb file and filters it for entries with SSH ports. +- **Details**: Reads the file and ensures the "Ports" column contains port 22 entries. + +#### `ssh_connect(adresse_ip, user, password)` +- **Purpose**: Attempts to establish an SSH connection using the provided credentials. +- **Error Handling**: Catches exceptions such as `paramiko.AuthenticationException`, `socket.error`, and `paramiko.SSHException`, logging connection failures. +- **Returns**: A boolean indicating whether the connection was successful. + +#### `run_bruteforce(adresse_ip, port)` +- **Purpose**: Executes the brute force attack by iterating over user and password combinations. +- **Progress Tracking**: Utilizes `rich.progress` to display the progress of the brute force attack. +- **Result Logging**: Logs successful connections and saves results immediately. +- **Duplicate Removal**: Calls `removeduplicates` to ensure no duplicate entries in the results file. + +#### `save_results()` +- **Purpose**: Saves the results of successful connection attempts to a CSV file. +- **Details**: Converts results to a DataFrame and appends them to the CSV file, ensuring no duplicates. + +#### `removeduplicates()` +- **Purpose**: Removes duplicate entries from the results CSV file. +- **Details**: Reads the CSV, drops duplicate rows, and rewrites the file without duplicates. + +## Detailed Execution Flow + +### Step 1: Initialization +- The `SSHBruteforce` class is initialized with shared data, creating an instance of `SSHConnector` and logging the initialization process. + +### Step 2: Load Scan File +- The `load_scan_file` method is called to load and filter the netkb file for entries with SSH ports. + +### Step 3: Execute Brute Force Attack +- The `bruteforce_ssh` method initiates the brute force attack on a given IP and port by calling `run_bruteforce`. + +### Step 4: Run Brute Force +- **Progress Tracking**: Uses `rich.progress` to monitor and display the progress of the attack. +- **Connection Attempts**: Iterates over the user and password lists, attempting to connect using `ssh_connect`. +- **Result Logging**: Logs successful connections and saves results to a CSV file. +- **Duplicate Removal**: Ensures no duplicate entries in the results file by calling `removeduplicates`. + +### Step 5: Update Status +- **Success/Failure**: The `execute` method updates the status based on the result of the brute force attack, logging the outcome. + +## Integration with Orchestrator + +### Method Call +The `SSHBruteforce` class is integrated into the orchestrator and called via its `execute` method. The process involves: +1. **Receiving Target Details**: The orchestrator provides IP and port details to the `SSHBruteforce` class. +2. **Performing Attack**: The `execute` method carries out the brute force attack. +3. **Updating Orchestrator**: The status (success or failure) is returned to the orchestrator for further action. +