PythonHackBack(获取暴力破解服务器密码的IP来源)

Posted 17bdw随手笔记

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了PythonHackBack(获取暴力破解服务器密码的IP来源)相关的知识,希望对你有一定的参考价值。

1、前言

又在0x00sec上翻到好东东。

https://0x00sec.org/t/python-hackback-updated/882

帖子里的脚本会得到那些暴力服务器密码失败的IP和用户名,并且使用shodan api做一个溯源定位。

#!/usr/bin/python3.4
import re
import urllib.request
import json
log_path = "/var/log/auth.log"
hosts = []
key = "{YOUR_API_KEY}"
#GET FAILED PASSWORD ATTEMPT
def get_host(test):
        for line in text.split(‘\n‘):
                if line.find("Failed password for invalid ") != -1:
                        if get_ip(line) not in hosts:
                                hosts.append(get_ip(line))
        return hosts
#GET USERNAME
def get_username(line):
        username_word = line.split("Failed password for invalid user ")
        username = (username_word[1]).split(" ")
        return username[0]

#LOCATE IP WITH GEOIP
def geoip(host):
        response = urllib.request.urlopen("http://freegeoip.net/json/"+host)
        geoip = response.read().decode("utf-8")
        geoip = json.loads(geoip)
        print("\n[+] Tracking ip {}".format(geoip[‘ip‘]))
        print("-------------------------------")
        print(‘\tCountry : {}\n\ttimezone : {}\n\tlatitude : {}\n\tlongitude : {}‘.format(geoip[‘country_name‘],geoip[‘time_zone‘],geoip[‘latitude‘],geoip[‘longitude‘]))
def passive_recon(host,key):
        url = "https://api.shodan.io/shodan/host/{}?key={}&minify=true".format(host,key)
        try:
                response = urllib.request.urlopen(url)
                result = response.read().decode(‘utf-8‘)
                result = json.loads(result)
                print("[+] Passive Recon using shodan.io")
                print("-------------------------------")
                print("\tPort : {}\n\tOrganisation {}".format(result[‘ports‘],result[‘org‘]))
                for x in range(len(result[‘ports‘])):
                        print("Banner {}".format(result[‘data‘][x][‘data‘]))
        except:
                print("[+] Passive Recon using shodan.io")
                print("-------------------------------")
                print("\tCan‘t retrieve information")
                pass
if __name__ == "__main__":
        with open(log_path, ‘rt‘) as log:
                text = log.read()
get_host(text)
for host in hosts:
        geoip(host)
        passive_recon(host,key)

2、脚本实现的功能

def get_host(test):
        for line in text.split(‘\n‘):
                if line.find("Failed password for invalid ") != -1:
                        if get_ip(line) not in hosts:
                                hosts.append(get_ip(line))
        return hosts

def get_username(line):
        username_word = line.split("Failed password for invalid user ")
        username = (username_word[1]).split(" ")
        return username[0]

这些函数将从auth.log文件中获取测试服务器密码的ip和用户名

使用freegeoip.net来获取ip位置(但是也可以使用shodan.io api),函数只是将json输出解析为一个美化后的文本输出。

def geoip(host):
        response = urllib.request.urlopen("http://freegeoip.net/json/"+host)
        geoip = response.read().decode("utf-8")
        geoip = json.loads(geoip)
        print("\n[+] Tracking ip {}".format(geoip[‘ip‘]))
        print("-------------------------------")
        print(‘\tCountry : {}\n\ttimezone : {}\n\tlatitude : {}\n\tlongitude : {}‘.format(geoip[‘country_name‘],geoip[‘time_zone‘],geoip[‘latitude‘],geoip[‘longitude‘]))

与shodan进行关联的脚本函数如下:

def passive_recon(host,key):
        url = "https://api.shodan.io/shodan/host/{}?key={}&minify=true".format(host,key)
        try:
                response = urllib.request.urlopen(url)
                result = response.read().decode(‘utf-8‘)
                result = json.loads(result)
                print("[+] Passive Recon using shodan.io")
                print("-------------------------------")
                print("\tPort : {}\n\tOrganisation {}".format(result[‘ports‘],result[‘org‘]))
                for x in range(len(result[‘ports‘])):
                        print("Banner {}".format(result[‘data‘][x][‘data‘]))
        #If we don‘t get a 200 response code print ‘Can‘t retrive information
        except:
                print("[+] Passive Recon using shodan.io")
                print("-------------------------------")
                print("\tCan‘t retrieve information")
                pass

要获取关于黑客的信息,只需要运行:

./hackBack.py

以上是关于PythonHackBack(获取暴力破解服务器密码的IP来源)的主要内容,如果未能解决你的问题,请参考以下文章

DNS暴力破解工具Fierce常用命令

渗透测试自学系列—黑客常用的端口及攻击方法汇总

暴力破解与验证码安全

密码暴力破解与防御

BurpSuite 暴力破解之绕过 token

Lab: Password brute-force via password change 通过暴力破解获取密码靶场复盘