GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → btx3 → Shodan-RPi

btx3 / Shodan-RPi

Licence: MIT License
A simple SSH bruteforce script targeting (not necessarily) Raspbian devices.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

sshraspberry-pishodanraspberrypibruteforcebrute-forceshodan-api

Projects that are alternatives of or similar to Shodan-RPi

Ssb
Secure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server
Stars: ✭ 832 (+6300%)
Mutual labels:  ssh, bruteforce, brute-force
Brutegram
Instagram multi-bruteforce Platfrom
Stars: ✭ 183 (+1307.69%)
Mutual labels:  bruteforce, brute-force
psolving-paradigms
Common problems of dynamic programming methods and techniques, including prerequisites, for competitive programmers.
Stars: ✭ 34 (+161.54%)
Mutual labels:  bruteforce, brute-force
instabrute
Instagram Brute Forcer
Stars: ✭ 135 (+938.46%)
Mutual labels:  bruteforce, brute-force
shodan
🌑 R package to work with the Shodan API
Stars: ✭ 16 (+23.08%)
Mutual labels:  shodan, shodan-api
urlbuster
Powerful mutable web directory fuzzer to bruteforce existing and/or hidden files or directories.
Stars: ✭ 144 (+1007.69%)
Mutual labels:  bruteforce, brute-force
thelordseye
thelordseye searches and returns detailed information about devices that are directly connected to the internet [IoT] (Smart TV's, Fridges, Webcams, Traffic Lights etc).
Stars: ✭ 30 (+130.77%)
Mutual labels:  shodan, shodan-api
phpmyadmin-authentication-bruteforce
phpMyAdmin Authentication Bruteforce Tool
Stars: ✭ 58 (+346.15%)
Mutual labels:  bruteforce, brute-force
ShoScan
Shodan Port Scanner
Stars: ✭ 38 (+192.31%)
Mutual labels:  shodan, shodan-api
smtplib-bruteforce
bruteforcing gmail (TLS/SSL)
Stars: ✭ 26 (+100%)
Mutual labels:  bruteforce, brute-force
Bitcoin-wallet-cracker
Automated Bitcoin wallet generator that with mnemonic and passphrases bruteforces wallet addresses
Stars: ✭ 140 (+976.92%)
Mutual labels:  bruteforce, brute-force
Brute-Force-Login
Proof -Of-Concept Brute Force Login on a web-site with a good dictionary of words
Stars: ✭ 231 (+1676.92%)
Mutual labels:  bruteforce, brute-force
PUPI
🛅 Passwords using personal information
Stars: ✭ 65 (+400%)
Mutual labels:  bruteforce, brute-force
ShodanCPP
ShodanCPP is a С++ library for accessing the Shodan API.
Stars: ✭ 18 (+38.46%)
Mutual labels:  shodan, shodan-api
weakpass generator
generates weak passwords based on current date
Stars: ✭ 36 (+176.92%)
Mutual labels:  bruteforce, brute-force
password-list
Password lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+1238.46%)
Mutual labels:  bruteforce, brute-force
Discord-Nitro-BruteForce
simple discord nitro code generator and checker written in c#
Stars: ✭ 26 (+100%)
Mutual labels:  bruteforce, brute-force
Brutedum
BruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
Stars: ✭ 212 (+1530.77%)
Mutual labels:  ssh, brute-force
Knock
🔑 Scan the entire internet for SSH and Telnet services. Then hack them.
Stars: ✭ 60 (+361.54%)
Mutual labels:  shodan, brute-force
d00r
Simple directory brute-force tool written with python.
Stars: ✭ 35 (+169.23%)
Mutual labels:  bruteforce, brute-force
View All Similar Projects ➔

Shodan-RPi

This script can be used to quickly test out a SSH key or a credential pair on several hosts.

By default it uses the Shodan API to search for Raspbian devices running an SSH server, and tries to SSH into them by using the default credentials pi:raspberry.

Requirements

  • paramiko (the SSH client)
  • shodan (the API client)
  • colorama (the colored output module)

...which can be installed by running pip3 install -r requirements.txt on Linux and python3 -m pip install -r requirements.txt on Windows.

Usage

usage: shodan_raspi.py [-h] [-i FILE] [-indefinite] [-k KEY]
                       [-paramiko-log FILE] [-o FILE] [-u U] [-p P] [-t T]
                       [-debug] [-query-string SSTRING] [-ssh-key KEY]
                       [-c CMD] [-limit RESULTS] [-enable-multiproc]

optional arguments:
  -h, --help            show this help message and exit
  -i FILE               List of IPs
  -k KEY                Use KEY as the Shodan API key
  -paramiko-log FILE    Log Paramiko SSH's progress to FILE
  -o FILE               Output successful IPs to FILE
  -u USER               Use alternate username
  -p PASS               Use alternate password
  -t THREADS            Threads for multiprocessing
  -debug                Show debug information
  -query-string SSTRING
                        Use SSTRING as the Shodan query string
  -ssh-key KEY          Try auth with KEY as SSH key
  -c CMD                Run CMD after a successful connection
  -limit RESULTS        Maximum number of results to get from Shodan (default
                        100)
  -disable-multiproc    Disable multiprocessing support (slower, more complete output)

So, for example, scan Shodan for OpenSSH servers, and try to connect using the the username root and password 123456

./shodan_raspi.py -k SHODAN_KEY -query-string "OpenSSH" -u root -p 123456

Additionally, the script can be edited (specifically the variable api_key) to not require an API key in the arguments.

By default, the script will poll Shodan for results and write the IPs into a list, trying them until it reaches the end.

Bugs

MULTIPROCESSING: Multiprocessing will not work in some environments like Termux (This platform lacks a functioning sem_open implementation.). In case this happens, append -disable-multiproc to the command line.

MULTIPROCESSING: Incomplete error handling

GENERAL: Sometimes, even if authentication is successful, command execution will not work on some devices - for example Cisco gear - due to the way shells are implemented in these systems.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].