https://github.com/waived/ssh-self-rep

Self-replicating SSH script - scans internet and attempts to hijack insecure SSH connections + download/exec a shell
https://github.com/waived/ssh-self-rep

auto-injection exploit-scanner proof-of-concept python3 self-replicating ssh-scanner

Last synced: 4 months ago
JSON representation

Self-replicating SSH script - scans internet and attempts to hijack insecure SSH connections + download/exec a shell

• Host: GitHub
• URL: https://github.com/waived/ssh-self-rep
• Owner: waived
• Created: 2024-05-16T19:34:33.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2024-06-22T21:45:28.000Z (about 1 year ago)
• Last Synced: 2025-01-01T05:32:00.539Z (6 months ago)
• Topics: auto-injection, exploit-scanner, proof-of-concept, python3, self-replicating, ssh-scanner
• Language: Python
• Homepage:
• Size: 20.5 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.txt

Awesome Lists containing this project

README

        
 _____ _____ _____    _____ _____ __    _____    _____ _____ _____ 

|   __|   __|  |  |  |   __|   __|  |  |   __|  | __  |   __|  _  |

|__   |__   |     |  |__   |   __|  |__|   __|  |    -|   __|   __|

|_____|_____|__|__|  |_____|_____|_____|__|     |__|__|_____|__|   

OVERVIEW:

     This script acts as a password-spraying engine. It generates random IP addresses

     and probes them for an SSH connection. If a connection is found, the script will

     then attempt to login via either user-specific credentials or the ones pre-set in

     the script. If a connection is successful, the script will send BASH commands which

     will download and auto-execute the user-specified payload.

     Beware: scanning with this tool can anger ISPs, and termination of internet service

     is a possibility. All responsibility falls on the end-user. You have been warned!

FEATURES:

     THREADING: This script supports multi-threading. This boosts effeciency as multiple

                IP addresses can be scanned at any given time. However, the downside is

                that when engaging multiple IP addresses, this activity can bog down a

                network. Be cautious of your bandwidth consumption and system resources.

     BLACKLIST: This script generates IP addresses following no particular scheme. By

                default, internal IPs and subnets are blocked for efficiency and to 

                reduce and false positives.

    HOST COUNT: The user can specify how many IP addresses that are to be probed. Of

                course, this script also has to option to run indefinitely. 

       COMMAND: The user can specify a command statement to run upon the successful breach

                of an SSH connection. It must be wrapped in quotes.

     COMBOLIST: By default, this script uses known weak SSH credentials to attempt a

                breach. Additionally, a combo-list (with the format :)

                can also be specified. Default preset credentials will still be used against

                the host.

KNOWN BUGS: 

     I'm lazy and spent very little time field testing this. It is possible.

FUTURE UPDATES:

     Maybe, idk...lmao