【Python】HackBack(获取暴力破解服务器密码的IP来源)
生活随笔
收集整理的這篇文章主要介紹了
【Python】HackBack(获取暴力破解服务器密码的IP来源)
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
1、前言
又在0x00sec上翻到好東東。
https://0x00sec.org/t/python-hackback-updated/882
帖子里的腳本會得到那些暴力服務器密碼失敗的IP和用戶名,并且使用shodan api做一個溯源定位。
#!/usr/bin/python3.4 import re import urllib.request import json log_path = "/var/log/auth.log" hosts = [] key = "{YOUR_API_KEY}" #GET FAILED PASSWORD ATTEMPT def get_host(test):for line in text.split('\n'):if line.find("Failed password for invalid ") != -1:if get_ip(line) not in hosts:hosts.append(get_ip(line))return hosts #GET USERNAME def get_username(line):username_word = line.split("Failed password for invalid user ")username = (username_word[1]).split(" ")return username[0]#LOCATE IP WITH GEOIP def geoip(host):response = urllib.request.urlopen("http://freegeoip.net/json/"+host)geoip = response.read().decode("utf-8")geoip = json.loads(geoip)print("\n[+] Tracking ip {}".format(geoip['ip']))print("-------------------------------")print('\tCountry : {}\n\ttimezone : {}\n\tlatitude : {}\n\tlongitude : {}'.format(geoip['country_name'],geoip['time_zone'],geoip['latitude'],geoip['longitude'])) def passive_recon(host,key):url = "https://api.shodan.io/shodan/host/{}?key={}&minify=true".format(host,key)try:response = urllib.request.urlopen(url)result = response.read().decode('utf-8')result = json.loads(result)print("[+] Passive Recon using shodan.io")print("-------------------------------")print("\tPort : {}\n\tOrganisation {}".format(result['ports'],result['org']))for x in range(len(result['ports'])):print("Banner {}".format(result['data'][x]['data']))except:print("[+] Passive Recon using shodan.io")print("-------------------------------")print("\tCan't retrieve information")pass if __name__ == "__main__":with open(log_path, 'rt') as log:text = log.read() get_host(text) for host in hosts:geoip(host)passive_recon(host,key)2、腳本實現的功能
def get_host(test):for line in text.split('\n'):if line.find("Failed password for invalid ") != -1:if get_ip(line) not in hosts:hosts.append(get_ip(line))return hostsdef get_username(line):username_word = line.split("Failed password for invalid user ")username = (username_word[1]).split(" ")return username[0]這些函數將從auth.log文件中獲取測試服務器密碼的ip和用戶名
使用freegeoip.net來獲取ip位置(但是也可以使用shodan.io api),函數只是將json輸出解析為一個美化后的文本輸出。
def geoip(host):response = urllib.request.urlopen("http://freegeoip.net/json/"+host)geoip = response.read().decode("utf-8")geoip = json.loads(geoip)print("\n[+] Tracking ip {}".format(geoip['ip']))print("-------------------------------")print('\tCountry : {}\n\ttimezone : {}\n\tlatitude : {}\n\tlongitude : {}'.format(geoip['country_name'],geoip['time_zone'],geoip['latitude'],geoip['longitude']))與shodan進行關聯的腳本函數如下:
def passive_recon(host,key):url = "https://api.shodan.io/shodan/host/{}?key={}&minify=true".format(host,key)try:response = urllib.request.urlopen(url)result = response.read().decode('utf-8')result = json.loads(result)print("[+] Passive Recon using shodan.io")print("-------------------------------")print("\tPort : {}\n\tOrganisation {}".format(result['ports'],result['org']))for x in range(len(result['ports'])):print("Banner {}".format(result['data'][x]['data']))#If we don't get a 200 response code print 'Can't retrive informationexcept:print("[+] Passive Recon using shodan.io")print("-------------------------------")print("\tCan't retrieve information")pass要獲取關于黑客的信息,只需要運行:
./hackBack.py轉載于:https://www.cnblogs.com/17bdw/p/8146464.html
總結
以上是生活随笔為你收集整理的【Python】HackBack(获取暴力破解服务器密码的IP来源)的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: CorelDRAWX4的VBA插件开发{
- 下一篇: Python 项目实践三(Web应用程序