import pexpect
PROMPT = ['# ', '>>> ', '> ', '\$ ', '~# ']
def send_command(child, cmd):
child.sendline(cmd)
child.expect(PROMPT)
print child.before, child.after
def connect(user, host, password):
ssh_newkey = 'Are you sure you want to continue connecting (yes/no)?'
connStr = 'ssh ' + user + '@' + host
child = pexpect.spawn(connStr)
ret = child.expect([ssh_newkey, 'password:'])
if ret == 0:
print '[-] Error Connecting'
return
elif ret == 1:
child.sendline('yes')
ret = child.expect('password:')
if ret == 0:
print '[-] Error Connecting'
return
child.sendline(password)
child.expect(PROMPT)
return child
def main():
host = 'test.rebex.net'
user = 'demo'
password = 'password'
child = connect(user, host, password)
send_command(child, 'cat /etc/shadow | grep root')
if __name__ == '__main__':
main()
[-] Error Connecting
Traceback (most recent call last):
File "./bruteSSH.py", line 33, in <module>
main()
File "./bruteSSH.py", line 31, in main
send_command(child, 'cat /etc/shadow | grep root')
File "./bruteSSH.py", line 6, in send_command
child.sendline(cmd)
AttributeError: 'NoneType' object has no attribute 'sendline'
答案 0 :(得分:0)
首先,您在6行上的缩进是错误的。
由于未正确设置子对象并成功连接子对象,因此导致此错误。
如果这正是您的代码,那么问题在于“ child.sendline()”在函数外部执行,而child是函数“ send_command”内部的局部变量 因此全局子变量尚未定义
答案 1 :(得分:0)
您不会在两个条件上返回任何值。那就是您得到None的地方,也是导致错误的原因。参见下面的注释行:
if ret == 0:
print '[-] Error Connecting'
return # THIS WILL CAUSE YOUR ERROR
elif ret == 1:
child.sendline('yes')
ret = child.expect('password:')
if ret == 0:
print '[-] Error Connecting'
return # THIS WILL ALSO CAUSE YOUR ERROR
但是您的逻辑仍然存在缺陷。如果为数组传递期望值,则Expect会返回0或匹配项的索引。在您的代码中,将其传递给数组。因此,返回值为0表示它已成功匹配您的第一个条目-“您确定”条件。如果匹配,则要发送“是”。以下是我认为您想要的更多内容...
import pexpect
PROMPT = ['# ', '>>> ', '> ', '\$ ', '~# ']
def send_command(child, cmd):
child.sendline(cmd)
child.expect(PROMPT)
print child.before, child.after
def connect(user, host, password):
ssh_newkey = 'Are you sure you want to continue connecting (yes/no)?'
connStr = 'ssh ' + user + '@' + host
child = pexpect.spawn(connStr)
ret = child.expect(['password:', ssh_newkey])
if ret == 1:
child.sendline('yes')
ret = child.expect('password:')
if ret != 0:
print '[-] Error Connecting'
return # THIS WILL RETURN A NONE SO YOU SHOULD CHECK FOR IT. SHOULD EXPLICITLY DO A return None TO MAKE IT CLEARER
child.sendline(password)
child.expect(PROMPT)
return child
def main():
host = 'localhost'
user = 'demo'
password = 'password'
child = connect(user, host, password)
if child is not None:
send_command(child, 'cat /etc/shadow | grep root')
else:
print "Problem connecting!"
if __name__ == '__main__':
main()
答案 2 :(得分:0)
问题就在您眼前。如“ [*]错误连接”打印语句所示,当您在连接函数中遇到错误时,您什么也不返回。仅当连接成功时,它才会返回子对象,但是当连接失败时,您将返回“空对象”并退出函数。您无法建立成功的连接,因此子对象永远不会返回到主函数中的“子”变量中。 并且您将此相同的“空对象”传递给send_command(),因此不起作用
import sys
def connect(user, host, password):
ssh_newkey = 'Are you sure you want to continue connecting (yes/no)?'
connStr = 'ssh ' + user + '@' + host
child = pexpect.spawn(connStr)
ret = child.expect([ssh_newkey, 'password:'])
if ret == 0:
print '[-] Error Connecting'
sys.exit()
elif ret == 1:
child.sendline('yes')
ret = child.expect('password:')
if ret == 0:
print '[-] Error Connecting'
sys.exit()
child.sendline(password)
child.expect(PROMPT)
return child
现在,只有连接成功后,您的程序才会继续执行。 也许期望值和密码可能是错误的,总体问题是您无法建立成功的连接