Paramiko is a python library providing SSHv2 protocol. It provides Client and Server feature. I have given the introduction in last article, in case you have missed it, here is the link: http://www.anonhack.in/2018/06/hacking-with-python-series-python-libraries-for-ssh/.
Let’s get on with the code because nothing is more interesting than the code itself.
Before, you run the code install the Paramiko library.
Command to install: pip install paramiko
Command to upgrade it: pip install –upgrade paramiko
Explanation for the code below:
param_ssh(addr,user,passwd): is the function I have created that takes hostname of the target machine with the username and password.
client = paramiko.SSHClient() : With this code we are creating an object for paramiko.SSHClient(). This object will handle all our requests and commands. You can name it anything.
client.set_missing_host_key_policy(paramiko.AutoAddPolicy()): This line handles the key policies, Add keys to the local hostkey lists. This line must be specified because key handling is important while making a connection.
These two lines make a connection with the host to get the IP address. I added this line because I felt there is a need to add it if you enter a domain name and not a proper IP address. Must be enclosed in try and Except Block.
client.connect(ip, username=username, password=password, look_for_keys=False): This line will then make a SSH connection using ip, username, password and look_for_keys=False will set the search of private keys in the local machine to false. This ways it will make connection using password only.
print(“Connected Successfully with “+username+”:”+password)
The above lines of code handles the std input and output when the connection has been successfully made. You can use interactive command so as to communicate with the server.
#!/usr/bin/python import paramiko import socket import sys #A variable 'e',this will act as a flag. You can also define it inside the function itself. e=0 #A function I have defined that takes arguments addr as hostname,user as username,passwd as password def param_ssh(addr,user,passwd): global e #Making use of variable e in the function #Assigning the values username=user password=passwd address=addr #just a print line print("Connecting to server...") #defining an object for SSHClient(). client will act as a handler here. You can name it anything client = paramiko.SSHClient() #This handles the missing Keys while connecting to the server. It will add the host keys locally if not present. client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: sock=socket.socket() #normal socket object ip=socket.gethostbyname(address) #getting IP address client.connect(ip, username=username, password=password, look_for_keys=False) # Making connection except Exception as r: e=1 #if exception is raised value of e will turn 1. Showing failue message print("[-]"+str(r)+" \nWrong credentials "+username+":"+password) #if the value of e stays 0 that means the connection has been made successfully then below lines will run if(e==0): print("Connected Successfully with "+username+":"+password) stdin,stdout,stderr=client.exec_command('whoami') #creating stdin,stdout,stderr command execution outlines=stdout.readlines() #reading the terminal output resp=''.join(outlines) print(resp) #checker for arguments if len(sys.argv) < 4: print('Not enough arguments\n>>hostname,username,password required.') else: address=sys.argv username=sys.argv password=sys.argv param_ssh(address,username,password)