Fixed #40, WIP #39

m4n3dw0lf · Jan 8, 2019 · cc5d8f4 · cc5d8f4
1 parent 55429aa
commit cc5d8f4
Show file tree

Hide file tree

Showing 4 changed files with 75 additions and 7 deletions.
diff --git a/pythem/core/interface.py b/pythem/core/interface.py
@@ -67,6 +67,7 @@ def __init__(self):
         self.interface = None
         self.gateway = None
         self.port = 80
+        self.ssh_port = 22
         self.domain = None
         self.redirect = None
         self.script = None
@@ -760,7 +761,7 @@ def start(self):
                                     try:
                                         username = raw_input("[+] Enter the username to bruteforce: ")
                                         brutus = SSHbrutus()
-                                        brutus.start(self.targets,username,self.file)
+                                        brutus.start(self.targets, username, self.file, self.ssh_port)
                                     except KeyboardInterrupt:
                                         pass
                                     except TypeError:

diff --git a/pythem/modules/bruteforcer.py b/pythem/modules/bruteforcer.py
@@ -228,6 +228,7 @@ def __init__(self):
         self.trgt = None
         self.usr = None
         self.fobj = None
+        self.port = None
 
     def exists(self):
         """Tests if the file exists and if the executing user has read access
@@ -250,7 +251,7 @@ def ssh_connect(self, passwd, code=0):
         ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 
         try:
-            ssh.connect(self.trgt, port=22, username=self.usr, password=passwd, timeout=2)
+            ssh.connect(self.trgt, port=self.port, username=self.usr, password=passwd, timeout=2)
         except paramiko.AuthenticationException:
             code = 1
         except socket.error, err:
@@ -259,14 +260,14 @@ def ssh_connect(self, passwd, code=0):
         ssh.close()
         return code
 
-    def start(self, trgt, usr, fobj):
+    def start(self, trgt, usr, fobj, port):
         self.trgt = trgt
         self.usr = usr
         self.fobj = fobj
+        self.port = port
         """Itterates trough the password list and checks wheter or not the
         correct password has been found. """
-        fobj = self.exists()
-        wlist = open(fobj)
+        wlist = open(self.fobj)
 
         for i in wlist.readlines():
             passwd = i.strip("\n")

diff --git a/pythem/tests/test_arpspoof_module.py b/pythem/tests/test_arpspoof_module.py
@@ -6,6 +6,9 @@
 from scapy.all import *
 from threading import Thread
 from time import sleep
+import os, sys
+
+sys.stdout = open(os.devnull, 'w')
 
 class TestMacTarget(Thread):
     def __init__(self, group=None, target=None, name=None, args=(), kwargs=None, verbose=None):
@@ -20,12 +23,11 @@ def test_sniffer_callback(self, p):
                 socket.send(Ether(src='aa:bb:cc:dd:ee:ff', dst='ff:ff:ff:ff:ff:ff') / ARP(op="is-at", pdst='127.0.0.1',
                                     psrc='127.0.0.1',hwdst="ff:ff:ff:ff:ff:ff",hwsrc='aa:bb:cc:dd:ee:ff'))
             if p[ARP].op == 2 and p[ARP].hwsrc == 'ff:ee:dd:cc:bb:aa':
-                p.show()
                 exit(0)
     def run(self):
         p = sniff(iface='lo', prn=self.test_sniffer_callback)
 
-class TestModulesObjectsCreation(unittest.TestCase):
+class TestARPspoofModule(unittest.TestCase):
     def test_arpspoof(self):
         from pythem.modules.utils import get_myip, get_mymac
         myip = get_myip('lo')

diff --git a/pythem/tests/test_bruteforce_module.py b/pythem/tests/test_bruteforce_module.py
@@ -0,0 +1,64 @@
+import logging
+logging.disable(logging.ERROR)
+from multiprocessing.pool import ThreadPool
+from mock import patch, mock_open
+from paramiko import RSAKey
+import threading
+import paramiko
+import unittest
+import socket
+import os, sys 
+
+sys.stdout = open(os.devnull, 'w')
+
+host_key = RSAKey.generate(bits=4096)
+
+class Server(paramiko.ServerInterface):
+    def __init__(self):
+        self.event = threading.Event()
+        self.authenticated = 0
+
+    def check_channel_request(self, kind, chanid):
+        if kind == 'session':
+            return paramiko.OPEN_SUCCEEDED
+
+    def check_auth_password(self, username, password):
+        logging.error("Credentials Received user: {} / password: {}".format(username,password))
+        if username == "username" and password == "test_password":
+            self.authenticated = 1
+            return 0
+	return 2
+
+    def get_allowed_auths(self, username):
+        return "password"
+
+def listener():
+    sock = socket.socket(2,1)
+    sock.setsockopt(1,2,1)
+    sock.bind(('',2222))
+    sock.listen(100)
+    client, addr = sock.accept()
+    t = paramiko.Transport(client)
+    t.add_server_key(host_key)
+    t.set_gss_host(socket.getfqdn(""))
+    t.load_server_moduli()
+    server = Server()
+    t.start_server(server=server)
+    server.event.wait(3)
+    t.close()
+    return server.authenticated
+
+pool = ThreadPool(processes=1)
+
+class TestSSHModule(unittest.TestCase):
+    def test_bruteforcer(self):
+        from pythem.modules.bruteforcer import SSHbrutus
+        async_result = pool.apply_async(listener,)
+        bruter = SSHbrutus()
+        with patch("__builtin__.open", mock_open(read_data="test_password")) as wordlist:
+            bruter.start("127.0.0.1","username",wordlist,2222)
+            return_val = async_result.get()
+            assert return_val == 1
+
+if __name__ == "__main__":
+    unittest.main()