java中的接口是类吗
365
2022-09-02
Python 实现Unix/Zip密码破解机(python和java哪个更值得学)
Python 实现Unix/Zip密码破解机(python和java哪个更值得学)
实现简单探测:使用socket模块,connect()方法建立与指定IP和端口的网络连接;revc(1024)方法将读取套接字中接下来的1024B数据
import socketimport syssocket.setdefaulttimeout(2)s=socket.socket()s.connect(('192.168.1.1',21))ans=s.recv(1024)print(ans)
通过函数实现:通过def()关键字定义,示例中定义扫描FTP banner信息的函数
import socketdef retBanner(ip,port): try: socket.setdefaulttimeout(2) s = socket.socket() s.connect((ip,port)) banner = s.recv(1024) return banner except: returndef checkVulns(banner): if 'vsFTPd' in banner: print '[+] vsFTPd is vulnerable.' elif 'FreeFloat Ftp Server' in banner: print '[+] FreeFloat Ftp Server is vulnerable.' else: print '[-] FTP Server is not vulnerable.' returndef main(): ips = ['10.10.10.128','10.10.10.160'] port = 21 banner1 = retBanner(ips[0],port) if banner1: print '[+] ' + ips[0] + ": " + banner1.strip('\n') checkVulns(banner1) banner2 = retBanner(ips[1],port) if banner2: print '[+] ' + ips[1] + ": " + banner2.strip('\n') checkVulns(banner2)if __name__ == '__main__': main()
迭代实现:迭代探测
import socketdef retBanner(ip,port): try: socket.setdefaulttimeout(2) s = socket.socket() s.connect((ip,port)) banner = s.recv(1024) return banner except: returndef checkVulns(banner): if 'vsFTPd' in banner: print '[+] vsFTPd is vulnerable.' elif 'FreeFloat Ftp Server' in banner: print '[+] FreeFloat Ftp Server is vulnerable.' else: print '[-] FTP Server is not vulnerable.' returndef main(): portList = [21,22,25,80,110,443] ip = '10.10.10.128' for port in portList: banner = retBanner(ip,port) if banner: print '[+] ' + ip + ':' + str(port) + '--' + banner if port == 21: checkVulns(banner)if __name__ == '__main__': main()
OS模块: os.path.isfile()检查该文件是否存在 os.access()判断当前用户是否有权限读取该文件
import sysimport osif len(sys.argv) == 2: filename = sys.argv[1] if not os.path.isfile(filename): print '[-] ' + filename + ' does not exit.' exit(0) if not os.access(filename,os.R_OK): print '[-] ' + filename + ' access denied.' exit(0) print '[+] Reading From: ' + filename
整合上面的代码
import socketimport sysimport osdef retBanner(ip,port): try: socket.setdefaulttimeout(2) s = socket.socket() s.connect((ip,port)) banner = s.recv(1024) return banner except: returndef checkVulns(banner,filename): f = open(filename, 'r') for line in f.readlines(): if line.strip('\n') in banner: print '[+] Server is vulnerable: ' + banner.strip('\n')def main(): if len(sys.argv) == 2: filename = sys.argv[1] if not os.path.isfile(filename): print '[-] ' + filename + ' does not exit.' exit(0) if not os.access(filename,os.R_OK): print '[-] ' + filename + ' access denied.' exit(0) print '[+] Reading From: ' + filename else: print '[-] Usage: ' + str(sys.argv[0]) + '
Unix口令破解机: 这段代码通过分别读取两个文件,一个为加密口令文件,另一个为用于猜测的字典文件。在testPass()函数中读取字典文件,并通过crypt.crypt()进行加密,其中需要一个明文密码以及两个字节的盐,然后再用加密后的信息和加密口令进行比较查看是否相等即可。
#!/usr/bin/python#coding=utf-8import cryptdef testPass(cryptPass): salt = cryptPass[0:2] dictFile = open('dictionary.txt','r') for word in dictFile.readlines(): word = word.strip('\n') cryptWord = crypt.crypt(word,salt) if cryptWord == cryptPass: print '[+] Found Password: ' + word + "\n" return print '[-] Password not Found.\n' returndef main(): passFile = open('passwords.txt') for line in passFile.readlines(): if ":" in line: user = line.split(':')[0] cryptPass = line.split(':')[1].strip(' ') print '[*] Cracking Password For : ' + user testPass(cryptPass)if __name__ == '__main__': main()
Zip文件口令破解机: 主要使用zipfile库的extractall()方法,其中pwd参数指定密码
import zipfileimport optparsefrom threading import Threaddef extractFile(zFile,password): try: zFile.extractall(pwd=password) print '[+] Fonud Password : ' + password + '\n' except: passdef main(): parser = optparse.OptionParser("[*] Usage: ./unzip.py -f
版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。
相关文章
发表评论
暂时没有评论,来抢沙发吧~