/
victim.go
75 lines (69 loc) · 1.36 KB
/
victim.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
package main
/*
* victim.go
* Create a connection to the victim
* By J. Stuart McMurray
* Created 20150122
* Last Modified 20150122
*/
import (
"flag"
"fmt"
"net"
"golang.org/x/crypto/ssh"
)
var (
vicAddr = flag.String(
"c",
"192.168.11.7:222",
"Real SSH server's `address`",
)
vicUser = flag.String(
"u",
"",
"If set, connect to the real SSH server with this `username` "+
"regardless of what the client sent",
)
vicPass = flag.String(
"p",
"iscaitlinjoiningus",
"Authenticate to the real SSH server with this `password`",
)
)
/* dialVictim dials the victim with the supplied username, which may have been
overridden on the command line. */
func dialVictim(user string) (
ssh.Conn,
<-chan ssh.NewChannel,
<-chan *ssh.Request,
string,
) {
/* Username to use on the remote end */
u := *vicUser
if "" == u {
u = user
}
/* Try to make a connection to the victim */
nc, err := net.Dial("tcp", *vicAddr)
if nil != err {
return nil, nil, nil, fmt.Sprintf(
"Unable to connect to victim %v: %v",
*vicAddr,
err,
)
}
c, reqs, chans, err := ssh.NewClientConn(nc, *vicAddr, &ssh.ClientConfig{
User: u,
Auth: []ssh.AuthMethod{ssh.Password(*vicPass)},
})
if nil != err {
return c, reqs, chans, fmt.Sprintf(
"Unable to SSH to victim as %v@%v / %v: %v",
u,
*vicAddr,
*vicPass,
err,
)
}
return c, reqs, chans, ""
}