#!/usr/bin/perl # This Program, SNFT, Is Protected Under The Terms And # Conditions of Version Two (2) of # The GNU GENERAL PUBLIC LICENSE (GPL) # By The Entity Known As MikeeUSA ###################################################################### ##snft == Secure Network Forwarding Tunnel or SSH Never Fronts Twice## ###################################################################### sub title { print"::USE::USE::USE::USE::USE::USE::USE::\n"; print"::USE::USE::USE::USE::USE::USE::USE::\n"; print"::USE:: ::USE::\n"; print"::USE:: snft ::USE::\n"; print"::USE:: Written By MikeeUSA ::USE::\n"; print"::USE:: (C) GNU GPL version2 ::USE::\n"; print"::USE:: Requires/Uses OpenSSH ::USE::\n"; print"::USE:: ::USE::\n"; print"::USE::USE::USE::USE::USE::USE::USE::\n"; print"::USE::USE::USE::USE::USE::USE::USE::\n"; } ###################################################################### # USE: # # snft # # snft # # snft # ###################################################################### ################################################################################## # NOTICE: ## Ciphers: # ################################################################################## # aes128-cbc ## aes192-cbc ## aes256-cbc # Some flaws, best to use 256 if chosen # ################################################################################## # des ## 3des ## 3des-cbc # These are Weak # ################################################################################## # blowfish ##blowfish-cbc## # ################################################################################## # arcfour ## # Has a published attack # ################################################################################## # cast128-cbc## # ################################################################################## sub settings { ############## ###SETTINGS### ############## $autocn = '0'; #Auto Connect to $autoip? :: 1[yes] or 0[no] $autoln = '0'; #Auto Login Username $autoln? :: 1[yes] or 0[no] $cyphr0 = 'blowfish'; #Cypher of Main Connection :: aes128-cbc,des,3des,3des-cbc,blowfish,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc $cyphr1 = 'aes256-cbc'; #Cypher of Tunn Connection :: aes128-cbc,des,3des,3des-cbc,blowfish,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc $portsd = '22'; #Remote Port $autoip = '10.0.0.1'; #Remote Box $autol0 = 'mrbob'; #Login Name for connection 1 $autol1 = 'mrbob'; #Login Name for connection 2 $compr0 = '1'; #Compress Main Connection? :: 1[yes] or 0[no] $compr1 = '1'; #Compress Tunn Connection? :: 1[yes] or 0[no] $forwrd = '1'; #Use Forward string below? :: 1[yes] or 0[no] $fwdstr = '-L 8081:127.0.0.1:8080 -L 8082:127.0.0.1:1080 -L 7776:127.0.0.1:6667 -L 2020:127.0.0.1:20 -L 2021:127.0.0.1:21 -L 2023:127.0.0.1:23 -L 2025:127.0.0.1:25 -L 2080:127.0.0.1:80 -L 2110:127.0.0.1:110 -L 2143:127.0.0.1:143 -L 2209:127.0.0.1:209 -L 2220:127.0.0.1:220 -L 2443:127.0.0.1:443 -L 2465:127.0.0.1:465 -L 2989:127.0.0.1:989 -L 2990:127.0.0.1:990 -L 2992:127.0.0.1:992 -L 2993:127.0.0.1:993 -L 2995:127.0.0.1:995 -L 8888:127.0.0.1:8888 -L 9999:127.0.0.1:9999'; $prnttp = '1'; #Print Tunn Port? :: 1[yes] or 0[no] $xfwdsh = '1'; #Enable X forwarding? :: 1[yes] or 0[no] $kilssh = '1'; #Kill ssh connect when exiting:: 1[yes] or 0[no] #1(yes) is strongly advised here $cutof0 = '9'; #Offset for cut when searching for the PID to kill (after being pointed at ps aux): Usually 6 or 7, however we will start higher and work our way down (you can alternativly turn off killing by setting $kilssh to 0 so you can kill ssh manually $cutof1 = '8'; #Second cut offset to try $cutof2 = '7'; #.. + 1 $cutof3 = '6'; #.. + 1 $cutof4 = '5'; #.. + 1 $cutof5 = '4'; #.. + 1 ############## ##/SETTINGS/## ############## } ################################################################## #!Code!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!# #!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!# ################################################################## main(); sub main { evalua(); help(); title(); config(); check(); randtp(); connct(); } sub evalua { $confld = '/etc/snft.conf'; #path to config file $conffl = '1'; # 1 == enable, 0 == use settings(); $version = '0.0.4'; } sub help { if (($ARGV[0] eq '-h') or ($ARGV[0] eq '-H') or ($ARGV[0] eq '--help') or ($ARGV[0] eq '--HELP') or ($ARGV[0] eq '-help') or($ARGV[0] eq '-HELP')) { print"This Program, SNFT, Is Protected Under The Terms And\n"; print" Conditions of Version Two (2) of\n"; print" The GNU GENERAL PUBLIC LICENSE (GPL)\n"; print" By The Entity Known As MikeeUSA\n\n"; print"Usage0: snft \n"; print"Explanation0: Login to with then login to tunneled ssh session with \n\n"; print"Usage1: snft \n"; print"Explanation1: Login to with then login to tunneled ssh session with \n\n"; print"Usage2: snft \n"; print"Explanation2: Login to on port with then login to tunneled ssh session with \n\n"; print"Misc0: snft -h\n"; print"Explanation3: help screen\n\n"; print"Misc1: snft -v\n"; print"Explanation3: version screen\n\n"; exit(); } elsif (($ARGV[0] eq '-v') or ($ARGV[0] eq '-V') or ($ARGV[0] eq '--version') or ($ARGV[0] eq '--VERSION') or ($ARGV[0] eq '-version') or($ARGV[0] eq '-VERSION')) { print"snft $version by The Entity Known As MikeeUSA\n"; exit(); } else { #Continue } } sub config { if ($conffl == 1) { do "$confld" or errorc(); } else { settings(); } } sub errorc { print"\n[!]Could NOT Load Config File Thus Using Defaults[!]\n"; settings(); } sub check { if ($xfwdsh == 1) { $XFWD = '-X'; #Enabled } else { $XFWD = '-x'; #Disabled } if ($compr0 == 1) { $CMP0 = '-C'; #Enabled } else { $CMP0 = ''; } if ($compr1 == 1) { $CMP1 = '-C'; #Enabled } else { $CMP1 = ''; } if ($autocn == 1) { $ipaddy = $autoip; } else { $ipaddy = $ARGV[0]; if ($ipaddy eq '') { print"\nIP ADDRESS: "; $ipaddy = ; chomp($ipaddy); print"\n"; } else { #continue } } if ($autoln == 1) { $loginn = $autol0; } else { $loginn = $ARGV[1]; if ($loginn eq '') { print"\nLOGIN NAME: "; $loginn = ; chomp($loginn); print"\n"; } else { #continue } } if ($autoln == 1) { $login2 = $autol1; } else { if ($ARGV[2] eq '') { $login2 = $loginn; } else { $login2 = $ARGV[2]; } } if ($ARGV[3] eq '') { $rmport = $portsd; } else { $rmport = $ARGV[3]; } $ipaddy =~ s///g; } sub randtp { $numlst = int(rand(6)) + 1; $portst = $numlst; $numlst = int(rand(5)); $portst = "$portst"."$numlst"; $numlst = int(rand(10)); $portst = "$portst"."$numlst"; $numlst = int(rand(10)); $portst = "$portst"."$numlst"; $numlst = int(rand(10)); $portst = "$portst"."$numlst"; } sub randip { $ipaddy = int(rand(254)) + 1; $portst = $numlst; $numlst = int(rand(254)); $portst = "$portst"."$numlst"; $numlst = int(rand(254)); $portst = "$portst"."$numlst"; $numlst = int(rand(254)); $portst = "$portst"."$numlst"; } sub connct { if (($cyphr0 eq 'des') or ($cyphr1 eq 'des') or (($cyphr0 eq 'des') and ($cyphr1 eq 'des'))) { print"\n[!][NOTICE] You Are Using Very Weak 'Encryption' (DES) on one or both of you SSH connections!![!]\n"; } else { #Dont even need this else... why did i put it here.... structure? } print"\n[!][1]Connecting to port <$rmport> of host <$ipaddy> with the cypher <$cyphr0> using login name <$loginn>[!]\n"; system("ssh $CMP0 $XFWD -2 -N -f -p $rmport -c $cyphr0 -l $loginn -L $portst:127.0.0.1:$rmport $ipaddy"); if ($prnttp == 1) { print"\n[!][2]Connecting to LOCALHOST SSH Tunnel port <$portst> with the cypher <$cyphr1> using login name <$login2>[!]\n"; } else { print"\n[!][2]Connecting to LOCALHOST SSH Tunnel with the cypher <$cyphr1> using login name <$login2>[!]\n"; } if ($forwrd == 1) { system("ssh -2 $CMP1 $XFWD -c $cyphr1 -l $login2 $fwdstr -p $portst 127.0.0.1"); } else { system("ssh $CMP1 $XFWD -2 -c $cyphr1 -l $login2 -p $portst 127.0.0.1"); } if ($kilssh == 1) { system("for x in \$( ps aux | grep \"ssh $CMP0 $XFWD -2 -N -f -p $rmport -c $cyphr0 -l $loginn -L $portst:127.0.0.1:$rmport $ipaddy\" | cut -f$cutof0 -d \" \" ); do kill -9 \$x; done"); system("for x in \$( ps aux | grep \"ssh $CMP0 $XFWD -2 -N -f -p $rmport -c $cyphr0 -l $loginn -L $portst:127.0.0.1:$rmport $ipaddy\" | cut -f$cutof1 -d \" \" ); do kill -9 \$x; done"); system("for x in \$( ps aux | grep \"ssh $CMP0 $XFWD -2 -N -f -p $rmport -c $cyphr0 -l $loginn -L $portst:127.0.0.1:$rmport $ipaddy\" | cut -f$cutof2 -d \" \" ); do kill -9 \$x; done"); system("for x in \$( ps aux | grep \"ssh $CMP0 $XFWD -2 -N -f -p $rmport -c $cyphr0 -l $loginn -L $portst:127.0.0.1:$rmport $ipaddy\" | cut -f$cutof3 -d \" \" ); do kill -9 \$x; done"); system("for x in \$( ps aux | grep \"ssh $CMP0 $XFWD -2 -N -f -p $rmport -c $cyphr0 -l $loginn -L $portst:127.0.0.1:$rmport $ipaddy\" | cut -f$cutof4 -d \" \" ); do kill -9 \$x; done"); system("for x in \$( ps aux | grep \"ssh $CMP0 $XFWD -2 -N -f -p $rmport -c $cyphr0 -l $loginn -L $portst:127.0.0.1:$rmport $ipaddy\" | cut -f$cutof5 -d \" \" ); do kill -9 \$x; done"); } else { #do nothing } print"[!]Connection Lost[!]\n"; print"[!]EXITING snft by MikeeUSA"; if ($kilssh == 1) { print"[!]\n"; } else { print" (Remember to kill ssh)[!]\n"; } clean(); clean(); clean(); clean(); clean(); clean(); clean(); clean(); exit(); } sub clean { randtp(); randip(); rbag(); randtp(); randip(); gbag(); randtp(); randip(); fbag(); randtp(); randip(); rbag(); randtp(); randip(); gbag(); randtp(); randip(); fbag(); randtp(); randip(); rbag(); randtp(); randip(); gbag(); randtp(); randip(); fbag(); randtp(); randip(); rbag(); randtp(); randip(); gbag(); randtp(); randip(); fbag(); dbag(); } sub fbag { $autocn = '0'; $autoln = '0'; $cyphr0 = '0'; $cyphr1 = '0'; $rmport = '0'; $autoip = '0'; $autoln = '0'; $compr0 = '0'; $compr1 = '0'; $forwrd = '0'; $fwdstr = '0'; $prnttp = '0'; $xfwdsh = '0'; $autocn = '1'; $autoln = '1'; $cyphr0 = '1'; $cyphr1 = '1'; $rmport = '1'; $autoip = '1'; $autoln = '1'; $compr0 = '1'; $compr1 = '1'; $forwrd = '1'; $fwdstr = '1'; $prnttp = '1'; $xfwdsh = '1'; $autocn = '0'; $autoln = '0'; $cyphr0 = '0'; $cyphr1 = '0'; $rmport = '0'; $autoip = '0'; $autoln = '0'; $compr0 = '0'; $compr1 = '0'; $forwrd = '0'; $fwdstr = '0'; $prnttp = '0'; $xfwdsh = '0'; $CMP0 = '0'; $CMP1 = '0'; $XFWD = '0'; $portst = '0'; $numlst = '0'; $kilssh = 0; $portsd = '0'; $confld = '0'; $conffl = '0'; $version = '0'; $CMP0 = '1'; $CMP1 = '1'; $XFWD = '1'; $portst = '1'; $numlst = '1'; $kilssh = 1; $portsd = '1'; $confld = '1'; $conffl = '1'; $version = '1'; $CMP0 = '0'; $CMP1 = '0'; $XFWD = '0'; $portst = '0'; $numlst = '0'; $kilssh = 0; $portsd = '1'; $confld = '0'; $conffl = '0'; $version = '0'; } sub gbag { $autocn = 'asdfghjklqwertyuiopzxcvbnm'; $autoln = 'asdfghjklqwertyuiopzxcvbnm'; $cyphr0 = 'asdfghjklqwertyuiopzxcvbnm'; $cyphr1 = 'asdfghjklqwertyuiopzxcvbnm'; $rmport = '12345678900987654321123456'; $autoip = '128.128.128.128'; $autoln = 'asdfghjklqwertyuiopzxcvbnm'; $compr0 = '12345678900987654321123456'; $compr1 = '12345678900987654321123456'; $forwrd = '12345678900987654321123456'; $fwdstr = 'asdfghjklqwertyuiopzxcvbnmasdfghjklqwertyuiopzxcvbnmasdfghjklqwertyuiopzxcvbnmasdfghjklqwertyuiopzxcvbnmasdfghjklqwertyuiopzxcvbnmasdfghjklqwertyuiopzxcvbnmasdfghjklqwertyuiopzxcvbnmasdfghjklqwertyuiopzxcvbnm'; $prnttp = '12345678900987654321123456'; $xfwdsh = '12345678900987654321123456'; $CMP0 = '12345678900987654321123456'; $CMP1 = '12345678900987654321123456'; $XFWD = '12345678900987654321123456'; $portst = '12345678900987654321123456'; $numlst = '12345678900987654321123456'; $kilssh = '12345678900987654321123456'; $portsd = '12345678900987654321123456'; $confld = '12345678900987654321123456'; $conffl = 'asdfghjklqwertyuiopzxcvbnm'; $version = '12345678900987654321123456'; $autocn = '!@#$%^&*()_++_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!@#$%^&*()_+++++_)(*&^%$#@!!'; $autoln = '!@#$%^&*()_++_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!@#$%^&*()_+++++_)(*&^%$#@!!'; $cyphr0 = '!@#$%^&*()_++_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!@#$%^&*()_+++++_)(*&^%$#@!!'; $cyphr1 = '!@#$%^&*()_++_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!@#$%^&*()_+++++_)(*&^%$#@!!'; $rmport = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $autoip = '255.255.255.255'; $autoln = '!@#$%^&*()_++_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!@#$%^&*()_+++++_)(*&^%$#@!!'; $compr0 = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $compr1 = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $forwrd = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $fwdstr = 'L382004938 L19873987480983108495 L01874857803198495894300 L198759791732084759 L198742975710398458 L19827493570132984750 '; $prnttp = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $xfwdsh = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $CMP0 = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $CMP1 = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $XFWD = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $portst = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $numlst = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $kilssh = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $portsd = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $confld = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; $conffl = '!@#$%^&*()_++_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!!@#$%^&*()_+_)(*&^%$#@!@#$%^&*()_+++++_)(*&^%$#@!!'; $version = '987654321234567898765432123456789087654321123456789098765432112345678908765432123456789098765432123456789087654321543123'; } sub rbag { $autocn = '1'; $autoln = '1'; $cyphr0 = 'jaoemcnabevrch'; $cyphr1 = 'coisuehcisiean'; $rmport = '472967193'; $autoip = '10.10.10.10'; $autoln = 'AnSJhYhGbTnGbRvOmWzTmUvQnOmTAnSJhYhGbTnGbRvOmWzTmUvQnOmTAnSJhYhGbTnGbRvOmWzTmUvQnOmTAnSJhYhGbTnGbRvOmWzTmUvQnOmT'; #Login Name $compr0 = '1'; $compr1 = '1'; $forwrd = '1'; $fwdstr = '-L 12345:128.128.128:12345 -L 12345:128.128.128:12345 -L 12345:128.128.128:12345 -L 12345:128.128.128:12345 -L 12345:128.128.128:12345 -L 12345:128.128.128:12345 -L 12345:128.128.128:12345 '; $prnttp = '1'; $xfwdsh = '1'; $CMP0 = '1'; $CMP1 = '1'; $XFWD = '1'; $portst = '63618'; $numlst = '1'; $kilssh = '1'; $portsd = '75821'; $confld = '1'; $conffl = '/brg/ovk/emz/och/akuz.ceal'; $version = '1.1.1'; } sub dbag { $autocn = ''; $autoln = ''; $cyphr0 = ''; $cyphr1 = ''; $rmport = ''; $CMP0 = ''; $autoip = ''; $autoln = ''; $compr0 = ''; $compr1 = ''; $forwrd = ''; $CMP1 = ''; $fwdstr = ''; $prnttp = ''; $xfwdsh = ''; $XFWD = ''; $portst = ''; $numlst = ''; $kilssh = ''; $portsd = ''; $confld = ''; $conffl = ''; $version = ''; }