1. Preface

I found another good one on 0x00sec: https://0x00sec.org/t/python-hackback-updated/882

The script in that post collects the IPs and usernames behind failed brute-force password attempts against the server, then uses the Shodan API to trace and locate them.

```python
#!/usr/bin/python3.4
import re
import urllib.error
import urllib.request
import json

log_path = "/var/log/auth.log"
hosts = []
key = "{YOUR_API_KEY}"

# GET SOURCE IP
# get_host() calls this helper, but its definition is missing from this page;
# this version is an assumption that takes the address after " from ".
def get_ip(line):
    match = re.search(r" from (\S+) port ", line)
    return match.group(1) if match else None

# GET FAILED PASSWORD ATTEMPT
def get_host(text):
    for line in text.split("\n"):
        if line.find("Failed password for invalid ") != -1:
            ip = get_ip(line)
            if ip and ip not in hosts:
                hosts.append(ip)
    return hosts

# GET USERNAME
def get_username(line):
    username_word = line.split("Failed password for invalid user ")
    username = (username_word[1]).split(" ")
    return username[0]

# LOCATE IP WITH GEOIP
def geoip(host):
    response = urllib.request.urlopen("http://freegeoip.net/json/" + host)
    info = json.loads(response.read().decode("utf-8"))
    print("\n[+] Tracking ip {}".format(info["ip"]))
    print("-------------------------------")
    print("\tCountry : {}\n\ttimezone : {}\n\tlatitude : {}\n\tlongitude : {}".format(
        info["country_name"], info["time_zone"], info["latitude"], info["longitude"]))

def passive_recon(host, key):
    url = "https://api.shodan.io/shodan/host/{}?key={}&minify=true".format(host, key)
    try:
        response = urllib.request.urlopen(url)
        result = json.loads(response.read().decode("utf-8"))
        print("[+] Passive Recon using shodan.io")
        print("-------------------------------")
        print("\tPort : {}\n\tOrganisation {}".format(result["ports"], result["org"]))
        # With minify=true Shodan returns no banners, so "data" may be absent
        for service in result.get("data", []):
            print("Banner {}".format(service["data"]))
    except (urllib.error.URLError, KeyError, ValueError):
        print("[+] Passive Recon using shodan.io")
        print("-------------------------------")
        print("\tCan't retrieve information")

if __name__ == "__main__":
    with open(log_path, "rt") as log:
        text = log.read()
    get_host(text)
    for host in hosts:
        geoip(host)
        passive_recon(host, key)
```

2. What the script does

```python
def get_host(text):
    for line in text.split("\n"):
        if line.find("Failed password for invalid ") != -1:
            ip = get_ip(line)
            if ip and ip not in hosts:
                hosts.append(ip)
    return hosts

def get_username(line):
    username_word = line.split("Failed password for invalid user ")
    username = (username_word[1]).split(" ")
    return username[0]
```

These functions read the auth.log file and extract the IPs and usernames that tried passwords against the server.

freegeoip.net is used to look up the IP's location, although the shodan.io API could be used for this as well. The function simply parses the JSON response into prettified text output.

```python
def geoip(host):
    response = urllib.request.urlopen("http://freegeoip.net/json/" + host)
    info = json.loads(response.read().decode("utf-8"))
    print("\n[+] Tracking ip {}".format(info["ip"]))
    print("-------------------------------")
    print("\tCountry : {}\n\ttimezone : {}\n\tlatitude : {}\n\tlongitude : {}".format(
        info["country_name"], info["time_zone"], info["latitude"], info["longitude"]))
```

The function that correlates the host with Shodan is as follows:

```python
def passive_recon(host, key):
    url = "https://api.shodan.io/shodan/host/{}?key={}&minify=true".format(host, key)
    try:
        response = urllib.request.urlopen(url)
        result = json.loads(response.read().decode("utf-8"))
        print("[+] Passive Recon using shodan.io")
        print("-------------------------------")
        print("\tPort : {}\n\tOrganisation {}".format(result["ports"], result["org"]))
        # With minify=true Shodan returns no banners, so "data" may be absent
        for service in result.get("data", []):
            print("Banner {}".format(service["data"]))
    # If we don't get a 200 response code, print "Can't retrieve information"
    except (urllib.error.URLError, KeyError, ValueError):
        print("[+] Passive Recon using shodan.io")
        print("-------------------------------")
        print("\tCan't retrieve information")
```

To get information about the attacker, just run:

```
./hackBack.py
```

Reposted from: https://www.cnblogs.com/17bdw/p/8146464.html
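The auth.log parsing step described above, as an added example that is not code from the original post. It goes beyond the script by also counting failures for existing accounts and by anchoring the match at the end of the line, since the username field is attacker-controlled and may itself contain " from ... port ...". The function names, threshold and sample log lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# sshd failure line: "Failed password for [invalid user ]NAME from IP port N ssh2".
# The greedy NAME plus the end-of-line anchor make the *last* "from IP port N" win.
FAILED_RE = re.compile(
    r"Failed password for (?P<invalid>invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port (?P<port>\d+)(?: ssh2)?\s*$"
)

# Constructed sample lines using documentation address ranges, not real log data.
SAMPLE_LOG = """\
Dec 30 10:01:02 srv sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Dec 30 10:01:05 srv sshd[1201]: Failed password for invalid user oracle from 203.0.113.7 port 40130 ssh2
Dec 30 10:01:09 srv sshd[1207]: Failed password for root from 203.0.113.7 port 40144 ssh2
Dec 30 10:02:11 srv sshd[1215]: Failed password for invalid user test from 198.51.100.23 port 51812 ssh2
Dec 30 10:03:40 srv sshd[1220]: Accepted password for deploy from 192.0.2.10 port 50022 ssh2
Dec 30 10:04:00 srv sshd[1231]: Failed password for invalid user x from 192.0.2.99 port 22 ssh2 from 198.51.100.23 port 51900 ssh2
"""

def summarize_failures(log_text):
    """Return {ip: {"attempts": int, "invalid": int, "users": Counter}}."""
    summary = defaultdict(lambda: {"attempts": 0, "invalid": 0, "users": Counter()})
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if not m:
            continue  # accepted logins and unrelated lines are ignored
        entry = summary[m.group("ip")]
        entry["attempts"] += 1
        entry["invalid"] += bool(m.group("invalid"))  # non-existent account
        entry["users"][m.group("user")] += 1
    return dict(summary)

def noisy_sources(summary, threshold=3):
    """IPs with at least `threshold` failed attempts, most active first."""
    hits = [(ip, e["attempts"]) for ip, e in summary.items() if e["attempts"] >= threshold]
    return sorted(hits, key=lambda pair: -pair[1])

if __name__ == "__main__":
    report = summarize_failures(SAMPLE_LOG)
    for ip, count in noisy_sources(report):
        print(ip, count, dict(report[ip]["users"]))
```

The last sample line carries a username that embeds a second address; the anchored pattern attributes it to the real source, 198.51.100.23, rather than to the embedded one.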