• Python新手灰帽脚本练习--Zip文件爆破


    大概思路:通过遍历字典的方式执行zipfile模块的extractall方法执行解压操作,实现爆破操作。

    1、先来个常规的解压操作 

    提前准备了'2323.zip'文件,并设置解压密码为‘123’,使用extractall方法实现解压。

    1 import zipfile
    2 zfile = zipfile.ZipFile('2323.zip')
    3 zfile.extractall(pwd='123')
    View Code

     

     

    2、增加遍历字典和异常处理

     这里使用的字典为‘1.txt’

     1 import zipfile
     2 
     3 zFile = zipfile.ZipFile('2323.zip')
     4 dictionary = open('1.txt','r')
     5 
     6 for line in dictionary.readlines():
     7         password = line.strip('
    ')
     8         try:
     9             print '[-] Testing Password: ' + password
    10             zFile.extractall(pwd=password)
    11             print '[+] Password Found! The Password is : '+ password
    12         except:
    13             pass
    View Code

      3、初步整理,模块化代码

     1 import zipfile
     2 
     3 def unzip(zFile,dictionary):
     4     for line in dictionary.readlines():
     5         password = line.strip('
    ')
     6         try:
     7             print '[-] Testing Password: ' + password
     8             result = zFile.extractall(pwd=password)
     9             print '[+] Password Found! The Password is : '+ password
    10         except:
    11             pass
    12         
    13 def main():
    14     dictionary = open('1.txt','r')
    15     zFile = zipfile.ZipFile("2323.zip")
    16     unzip(zFile,dictionary)
    17     
    18 if __name__ == '__main__':
    19     main()    
    View Code

     4、增加线程提高效率

     1 import zipfile
     2 from threading import Thread
     3 
     4 def unzip(zFile,dictionary):
     5     for line in dictionary.readlines():
     6         password = line.strip('
    ')
     7         try:
     8             print '[-] Testing Password: ' + password
     9             result = zFile.extractall(pwd=password)
    10             print '[+] Password Found! The Password is : '+ password
    11         except:
    12             pass
    13         
    14 def main():
    15     dictionary = open('1.txt','r')
    16     zFile = zipfile.ZipFile("2323.zip")
    17     t = Thread(target = unzip , args=(zFile,dictionary))
    18     t.start()
    19 if __name__ == '__main__':
    20     main()    
    View Code

     5、最后使用sys或optparse模块实现自定义输入,进一步完善

    使用sys模块:

     1 #! /usr/bin/python
     2 # coding=utf-8
     3 # __author__='Dou—wei'
     4 
     5 import zipfile
     6 import sys
     7 from threading import Thread
     8 
     9 def unzip(zFile,dictionary):
    10     for line in dictionary.readlines():
    11         password = line.strip('
    ')
    12         try:
    13             print '[-] Testing Password: ' + password
    14             result = zFile.extractall(pwd=password)
    15             print '[+] Password Found! The Password is : '+ password
    16         except:
    17             pass
    18         
    19 def main():
    20     zip_name = sys.argv[1]
    21     dict_name = sys.argv[2]
    22     dictionary = open(dict_name,'r')
    23     zFile = zipfile.ZipFile(zip_name)
    24     t = Thread(target = unzip , args=(zFile,dictionary))
    25     t.start()
    26     
    27 if __name__ == '__main__':
    28     main()    
    View Code

    效果如下图:

     使用optparse模块:

     1 #! /usr/bin/python
     2 # coding=utf-8
     3 # __author__='Dou—wei'
     4 
     5 import zipfile
     6 import optparse
     7 from threading import Thread
     8 
     9 def unzip(zFile,dictionary):
    10     for line in dictionary.readlines():
    11         password = line.strip('
    ')
    12         try:
    13             print '[-] Testing Password: ' + password
    14             result = zFile.extractall(pwd=password)
    15             print '[+] Password Found! The Password is : '+ password
    16         except:
    17             pass
    18 
    19 def parser_support():
    20     parser = optparse.OptionParser("usage: <Example> python zipcrack.py"+" -f <zipfile> -d <dictionary>")
    21     parser.add_option('-f',dest='zname',type='string',help='specify zip file')
    22     parser.add_option('-d',dest='dname',type='string',help='specify dictionary file')
    23     (options, args)=parser.parse_args()
    24     if (options.zname==None) | (options.dname==None):
    25         print parser.usage
    26         exit(0)
    27     else:
    28         global zname,dname
    29         zname = options.zname
    30         dname = options.dname
    31         
    32 def main():
    33     parser_support()
    34     dictionary = open(dname)
    35     zFile = zipfile.ZipFile(zname)
    36     t = Thread(target = unzip , args=(zFile,dictionary))
    37     t.start()
    38 
    39 if __name__ == '__main__':
    40     main()    
    View Code

    效果如下图:

  • 相关阅读:
    取代iframe,实现页面中引入别的页面
    axios请求
    接口跨域
    es7,es8
    promise
    移动端开发调试工具神器--Weinre使用方法
    资本论第一卷笔记
    2018春季实习生校招面经(一)阿里篇
    linux小实验-考勤模拟程序
    在基于debian的deepin或者Ubuntu上双等号“==”和双中括号“[[]]”不能使用的真相
  • 原文地址:https://www.cnblogs.com/ScriptKid-Lu/p/9955511.html
Copyright © 2020-2023  润新知