SSH & FTP Attacks - Testing the SSH Login script issues

I have followed the code and looked over and over again for any errors I either noticed myself or any differences between mine and the videos course. I have tried multiple different things to fix it. I have tried implementing a child.delaybeforesend = None as according to the pexpect library documentation which didn’t work. Any help would be greatly appreciated. I am an intermediate programmer and by no means an expert but I am trying to get there and I cant move on with this course until I figure this out.

#!/usr/bin/python

import pexpect

PROMPT = ['# ', '>>> ', '> ', '/$ ', '~$ ', 'nmsfadmin@metasploitable:~$ ']

def connect(user, host, password):
        ssh_newkey = 'Are you sure you want to continue connecting'
        connStr = 'ssh ' + user + '@' + host
        child = pexpect.spawn(connStr)
        ret = child.expect([pexpect.TIMEOUT, ssh_newkey,'[P|p]assword: '])
        if ret == 0:
                print '[-] Error Connecting'
                return
        if ret == 1:
                child.sendline('yes')
                ret = child.expect([pexpect.TIMEOUT,'[P|p]assword: '])
                if ret == 0:
                        print '[-] Error Connecting'
                        return
        child.sendline(password)
        child.expect(PROMPT)
        return child

def send_command(child,command):
        child.sendline(command)
        child.expect(PROMPT)
        print chlild.before


def main():
        host = raw_input('Enter Target: ')
        user = raw_input('Enter SSH Username: ')
        password = raw_input('Enter SSH Password: ')
        child = connect(user,host,password)
        send_command(child, 'cat etc/shadow | grep root;ps')
main()

The errors are as follows

Enter Target: 192.168.1.83
Enter SSH Username: msfadmin
Enter SSH Password: msfadmin
Traceback (most recent call last):
  File "./sshlogin.py", line 37, in <module>
main()
  File "./sshlogin.py", line 35, in main
child = connect(user,host,password)
  File "./sshlogin.py", line 22, in connect
child.expect(PROMPT)
  File "/usr/lib/python2.7/dist-packages/pexpect/spawnbase.py", line 341, in expect
timeout, searchwindowsize, async_)
  File "/usr/lib/python2.7/dist-packages/pexpect/spawnbase.py", line 369, in expect_list
return exp.expect_loop(timeout)
  File "/usr/lib/python2.7/dist-packages/pexpect/expect.py", line 119, in expect_loop
return self.timeout(e)
  File "/usr/lib/python2.7/dist-packages/pexpect/expect.py", line 82, in timeout
raise TIMEOUT(msg)
pexpect.exceptions.TIMEOUT: Timeout exceeded.
<pexpect.pty_spawn.spawn object at 0x7f123bfca410>
command: /usr/bin/ssh
args: ['/usr/bin/ssh', 'msfadmin@192.168.1.83']
buffer (last 100 chars): 'com/\r\nNo mail.\r\nLast login: Mon Jun  8 04:48:20 2020 from     192.168.1.69\r\r\nmsfadmin@metasploitable:~$ '
before (last 100 chars): 'com/\r\nNo mail.\r\nLast login: Mon Jun  8 04:48:20 2020 from    192.168.1.69\r\r\nmsfadmin@metasploitable:~$ '
after: <class 'pexpect.exceptions.TIMEOUT'>
match: None
match_index: None
exitstatus: None
flag_eof: False
pid: 2432
child_fd: 5
closed: False
timeout: 30
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: None
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
searcher: searcher_re:
0: re.compile('# ')
1: re.compile('>>> ')
2: re.compile('> ')
3: re.compile('/$ ') ----->it is not because of this tried it already

Please help

I will try to replicate the same code on to my system, give me some time. Although it isn’t the reason for the error but you have a spelling error in your code in def send_command function. I will get back to this as soon as I can.

Are you able to login to the metasploitable machine from your Kali using normal ssh command? Also, you have one more spelling mistake in your PROMPT line, it should be msfadmin instead of nmsfadmin

hmm il try that, ignore the nmsfadmin because i added the last 2 things in the prompt line just experimenting to try and fix it so they are not actually in the main code

hello, i was able to connect, il paste the process in here incase its a clue as to why the script is not working

root@kali:~# ssh 192.168.1.83 22
root@192.168.1.83's password: 
Permission denied, please try again.
root@192.168.1.83's password: 
Permission denied, please try again.
root@192.168.1.83's password: 
root@192.168.1.83: Permission denied (publickey,password).
root@kali:~# ssh msfadmin@192.168.1.83 22
msfadmin@192.168.1.83's password: 
bash: 22: command not found
root@kali:~# ssh msfadmin@192.168.1.83
msfadmin@192.168.1.83's password: 
Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To access official Ubuntu documentation, please visit:
http://help.ubuntu.com/
No mail.
Last login: Mon Jun 15 04:16:49 2020
msfadmin@metasploitable:~$ 

As far as I understand, these two lines im pasting below indicate a succesfull connection, errors seem like they are coming from the pexpect.TIMEOUT as if its timing out, could it be a bug in the pexpect library?

buffer (last 100 chars): 'com/\r\nNo mail.\r\nLast login: Mon Jun  8 04:48:20 2020 from     192.168.1.69\r\r\nmsfadmin@metasploitable:~$ '
before (last 100 chars): 'com/\r\nNo mail.\r\nLast login: Mon Jun  8 04:48:20 2020 from    192.168.1.69\r\r\nmsfadmin@metasploitable:~$ '

Any joy? Still cant see whats up with it

On the PROMPT line, you have '/$ ’
Change the “/” (forward slash) to “\” (back slash)

Save and try again.

omg wow, mad how you can spend hours looking for something and it ends up being that lol, ah well learnt a ton looking for the answer

1 Like