python zipfile模块和optparse模块暴力破解zip文件
代码
# -*- coding: utf-8 -*-
# @Author : Lan126
import optparse
import zipfile
from threading import Thread
def extractFile(zFile, passwd):
try:
zFile.extractall(pwd=str.encode(passwd))
print("[+] Found password "+passwd+"\n")
except:
pass
def main():
"""
optparse 的用法
"""
parser = optparse.OptionParser("usage%prog " + "-f <zipfile> -d <dictionary>")
parser.add_option('-f', dest='zname', type='string', help='specify zip file')
parser.add_option('-d', dest='dname', type='string', help='specify dictionary file')
options, args = parser.parse_args()
if (options.zname is None) | (options.dname is None):
"""
is 和 == 的区别
"""
print(parser.usage)
exit(0)
else:
zname = options.zname
dname = options.dname
zFile = zipfile.ZipFile(zname)
passFile = open(dname)
for line in passFile.readlines():
passwd = line.strip('\n')
t = Thread(target=extractFile, args=(zFile, passwd))
t.start()
if __name__ == "__main__":
main()
optparse模块
optparse is a more convenient, flexible, and powerful library for parsing command-line options than the old getopt module.
正如官方文档所说The first step in using optparse is to create an OptionParser instance,我们首先用一个usage字符串创建了一个OptionParser实例
该字符串就是使用摘要,当运行不正确或者使用帮助选项时会被打印出来
接着是add_option函数,这是用来定义可选参数的函数
Each Option instance represents a set of synonymous command-line option strings, e.g. -f and --file. You can specify any number of short or long option strings, but you must specify at least one overall option string.
我们只用知道当解析命令行参数时,它会利用type将可选参数后面的那一个参数强制转换为type类型并存到dest中即可help用来构造完整的帮助信息
-f foo.txt -p 1 -3.5 4 -fbar.txt
得到
options.f = "foo.txt"
options.point = (1.0, -3.5, 4.0)
options.f = "bar.txt"
利用 parser.parse_args()函数得到两个值,一个是an object containing values for all of your options,一个是the list of positional arguments leftover after parsing options
==符号和is的区别
这里很简单的区别,is比较id相当于是比较两个变量的地址,而==比较的是值
zipfile模块
首先用要破解的zip文件创建一个ZipFile对象
然后打开字典文件
对每一个字典中的密码创建一个线程进行extractall操作
Extract all members from the archive to the current working directory. path specifies a different directory to extract to. members is optional and must be a subset of the list returned by namelist(). pwd is the password used for encrypted files.
这里的try expect结构保证无视不对的密码
threading模块
target is the callable object to be invoked by the run() method. Defaults to None, meaning nothing is called.
args is the argument tuple for the target invocation. Defaults to ()
一个暴力破解zip文件的脚本就完成了