Created
September 30, 2025 16:09
-
-
Save nszceta/26efd3eb4bc11d126ceb0ec2144a6fe4 to your computer and use it in GitHub Desktop.
Scan for SSH servers on the local switch and attempt to log in with the given credentials
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Configuration | |
| USERNAME="" | |
| PASSWORD="" | |
| INTERFACE="" | |
| SSH_TIMEOUT=10 | |
| CONNECT_TIMEOUT=5 | |
| # Colors | |
| GREEN='\033[0;32m' | |
| RED='\033[0;31m' | |
| YELLOW='\033[1;33m' | |
| BLUE='\033[0;34m' | |
| NC='\033[0m' | |
| # Check for sshpass | |
| if ! command -v sshpass &> /dev/null; then | |
| echo "Error: sshpass not installed. Run: sudo apt-get install sshpass" | |
| exit 1 | |
| fi | |
| echo "Scanning IPv6 neighbors on ${INTERFACE}..." | |
| ADDRESSES=$(ip -6 neigh show dev ${INTERFACE} | grep "^fe80" | awk '{print $1}') | |
| if [ -z "$ADDRESSES" ]; then | |
| echo "No IPv6 link-local neighbors found" | |
| exit 1 | |
| fi | |
| TOTAL=$(echo "$ADDRESSES" | wc -l) | |
| echo "Found ${TOTAL} IPv6 neighbors to test" | |
| echo "==========================================" | |
| echo "" | |
| SUCCESS=0 | |
| FAILED=0 | |
| while IFS= read -r ADDR; do | |
| TARGET="${USERNAME}@${ADDR}%${INTERFACE}" | |
| printf "%-45s" "${ADDR}" | |
| # CRITICAL FIX: Redirect stdin with < /dev/null to prevent SSH from consuming the loop input | |
| OUTPUT=$(timeout ${SSH_TIMEOUT} sshpass -p "${PASSWORD}" ssh \ | |
| -o StrictHostKeyChecking=no \ | |
| -o UserKnownHostsFile=/dev/null \ | |
| -o ConnectTimeout=${CONNECT_TIMEOUT} \ | |
| -o LogLevel=ERROR \ | |
| -o NumberOfPasswordPrompts=1 \ | |
| "${TARGET}" "hostname 2>/dev/null" 2>&1 < /dev/null) | |
| SSH_EXIT=$? | |
| # Check if successful | |
| if [ $SSH_EXIT -eq 0 ] && [ -n "$OUTPUT" ] && ! echo "$OUTPUT" | grep -qi "permission denied\|refused\|timeout"; then | |
| HOSTNAME=$(echo "$OUTPUT" | grep -v "Warning" | head -1 | tr -d '\r\n') | |
| echo -e "${BLUE}(${HOSTNAME})${NC} ${GREEN}✓ SUCCESS${NC}" | |
| echo "${ADDR},${HOSTNAME}" >> successful_hosts.txt | |
| ((SUCCESS++)) | |
| elif [ $SSH_EXIT -eq 124 ]; then | |
| echo -e "${YELLOW}✗ TIMEOUT${NC}" | |
| ((FAILED++)) | |
| elif echo "$OUTPUT" | grep -qi "Connection refused"; then | |
| echo -e "${RED}✗ FAILED${NC} (no SSH service)" | |
| ((FAILED++)) | |
| elif echo "$OUTPUT" | grep -qi "Permission denied"; then | |
| echo -e "${RED}✗ FAILED${NC} (wrong credentials)" | |
| ((FAILED++)) | |
| elif echo "$OUTPUT" | grep -qi "No route to host"; then | |
| echo -e "${RED}✗ FAILED${NC} (unreachable)" | |
| ((FAILED++)) | |
| else | |
| echo -e "${RED}✗ FAILED${NC}" | |
| ((FAILED++)) | |
| fi | |
| done <<< "$ADDRESSES" | |
| echo "" | |
| echo "==========================================" | |
| echo "Summary:" | |
| echo -e " ${GREEN}Successful:${NC} ${SUCCESS}/${TOTAL}" | |
| echo -e " ${RED}Failed:${NC} ${FAILED}/${TOTAL}" | |
| if [ $SUCCESS -gt 0 ]; then | |
| echo "" | |
| echo "Successful hosts saved to: successful_hosts.txt" | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment