简单的ftp,ssh弱口令探测

需要安装paramiko,pycrypto

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from ftplib import FTP
import sys
import paramiko
import socket
ftp = FTP() #创建ftp对象
ip = sys.argv[1]
timeout = 5
ftp_port = 21
ssh_port = 22 # 设置参数
def ftpscan():
try:
ftp.connect(ip, ftp_port, timeout) # 连接ftp
return 1
except:
print u"未开放ftp服务"
return 0
def ftp_blasting(username,password):
try:
ftp.connect(ip, ftp_port, timeout)
ftp.login(username, password)
ftp.quit()
print u"FTP存在弱口令"+username+':'+password
except:
pass
def sshscan():
try:
s=socket.socket()
s.connect((ip,ssh_port))
return 1
except:
print u"未开放ssh服务"
return 0
def ssh_blasting(username,password):
try:
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(ip, ssh_port, username=username, password=password, timeout=timeout)
print u"SSH存在弱口令" + username + ':' + password
client.close()
except:
pass
def main():
ftps=ftpscan()
sshs=sshscan()
with open('user.txt','r') as USER:
with open('pass.txt','r') as PASS:
for username in USER.readlines():
PASS.seek(0)
for password in PASS.readlines():
if ftps:
ftp_blasting(username.strip('\n'), password.strip('\n'))
if sshs:
ssh_blasting(username.strip('\n'), password.strip('\n'))
if __name__ == '__main__':
main()

写的比较垃圾Orz,下次补充多线程