[TOC]

0x00 前言

描述:通过第一章的学习,我们已经基本掌握了Python进行黑帽开发编程的基础,下面来学习服务与端口的扫描登录和识别;

0x01 端口服务命令执行

示例1.ssh服务-22端口实现登录与命令执行:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/usr/bin/env python
# -*- coding:utf-8 -*-
# description:利用Python实现SSH命令执行并返回执行结果再用pyinstaller转换成为可执行exe

import paramiko
import argparse

if __name__ == '__main__':
parser = argparse.ArgumentParser(description='ssh commands author: wilson ')
parser.add_argument('--ip',action="store",required=True,dest="ip",type=str,help='ip')
parser.add_argument('--user',action="store",required=True,dest="username",type=str,help='username')
parser.add_argument('--pass',action="store",required=True,dest="password",type=str,help='password')
parser.add_argument("--port",action="store",required=False,dest="port",type=int,default='22',help='port')
parser.add_argument("--cmd",action="store",required=False,dest="cmd",type=str,default='w',help='shell command')
args = parser.parse_args()
ip = args.ip
port = args.port
cmd = args.cmd
username = args.username
password = args.password

try:
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(ip, port, username=username, password=password, timeout=10)
stdin, stdout, stderr = client.exec_command(cmd)
for std in stdout.readlines():
print std,
client.close()
except Exception as e:
print e
pass