Python新手灰帽脚本练习--Zip文件爆破
大概思路:通过遍历字典的方式执行zipfile模块的extractall方法执行解压操作,实现爆破操作。
1、先来个常规的解压操作
提前准备了'2323.zip'文件,并设置解压密码为‘123’,使用extractall方法实现解压。
1 import zipfile 2 zfile = zipfile.ZipFile('2323.zip') 3 zfile.extractall(pwd='123')
2、增加遍历字典和异常处理
这里使用的字典为‘1.txt’
1 import zipfile 2 3 zFile = zipfile.ZipFile('2323.zip') 4 dictionary = open('1.txt','r') 5 6 for line in dictionary.readlines(): 7 password = line.strip('\n') 8 try: 9 print '[-] Testing Password: ' + password 10 zFile.extractall(pwd=password) 11 print '[+] Password Found! The Password is : '+ password 12 except: 13 pass
3、初步整理,模块化代码
1 import zipfile 2 3 def unzip(zFile,dictionary): 4 for line in dictionary.readlines(): 5 password = line.strip('\n') 6 try: 7 print '[-] Testing Password: ' + password 8 result = zFile.extractall(pwd=password) 9 print '[+] Password Found! The Password is : '+ password 10 except: 11 pass 12 13 def main(): 14 dictionary = open('1.txt','r') 15 zFile = zipfile.ZipFile("2323.zip") 16 unzip(zFile,dictionary) 17 18 if __name__ == '__main__': 19 main()
4、增加线程提高效率
1 import zipfile 2 from threading import Thread 3 4 def unzip(zFile,dictionary): 5 for line in dictionary.readlines(): 6 password = line.strip('\n') 7 try: 8 print '[-] Testing Password: ' + password 9 result = zFile.extractall(pwd=password) 10 print '[+] Password Found! The Password is : '+ password 11 except: 12 pass 13 14 def main(): 15 dictionary = open('1.txt','r') 16 zFile = zipfile.ZipFile("2323.zip") 17 t = Thread(target = unzip , args=(zFile,dictionary)) 18 t.start() 19 if __name__ == '__main__': 20 main()
5、最后使用sys或optparse模块实现自定义输入,进一步完善
使用sys模块:
1 #! /usr/bin/python 2 # coding=utf-8 3 # __author__='Dou—wei' 4 5 import zipfile 6 import sys 7 from threading import Thread 8 9 def unzip(zFile,dictionary): 10 for line in dictionary.readlines(): 11 password = line.strip('\n') 12 try: 13 print '[-] Testing Password: ' + password 14 result = zFile.extractall(pwd=password) 15 print '[+] Password Found! The Password is : '+ password 16 except: 17 pass 18 19 def main(): 20 zip_name = sys.argv[1] 21 dict_name = sys.argv[2] 22 dictionary = open(dict_name,'r') 23 zFile = zipfile.ZipFile(zip_name) 24 t = Thread(target = unzip , args=(zFile,dictionary)) 25 t.start() 26 27 if __name__ == '__main__': 28 main()
效果如下图:
使用optparse模块:
1 #! /usr/bin/python 2 # coding=utf-8 3 # __author__='Dou—wei' 4 5 import zipfile 6 import optparse 7 from threading import Thread 8 9 def unzip(zFile,dictionary): 10 for line in dictionary.readlines(): 11 password = line.strip('\n') 12 try: 13 print '[-] Testing Password: ' + password 14 result = zFile.extractall(pwd=password) 15 print '[+] Password Found! The Password is : '+ password 16 except: 17 pass 18 19 def parser_support(): 20 parser = optparse.OptionParser("usage: <Example> python zipcrack.py"+" -f <zipfile> -d <dictionary>") 21 parser.add_option('-f',dest='zname',type='string',help='specify zip file') 22 parser.add_option('-d',dest='dname',type='string',help='specify dictionary file') 23 (options, args)=parser.parse_args() 24 if (options.zname==None) | (options.dname==None): 25 print parser.usage 26 exit(0) 27 else: 28 global zname,dname 29 zname = options.zname 30 dname = options.dname 31 32 def main(): 33 parser_support() 34 dictionary = open(dname) 35 zFile = zipfile.ZipFile(zname) 36 t = Thread(target = unzip , args=(zFile,dictionary)) 37 t.start() 38 39 if __name__ == '__main__': 40 main()
效果如下图: