可恶的QQ钓鱼网站

此处省略N字，总之，我的朋友竟然在QQ钓鱼网站上输入了账号和密码。对他进行安全教育后觉得对钓鱼网站也的做点什么。

钓鱼网站如图

仅有账号和密码，那我就多提交点用户名密码上去吧。

表单挺简单的

用这个代码提交数据

# -*- coding: utf-8 -*- 
import urllib
import urllib2

from urllib2 import URLError

ExploereHEADERS = {"Content-type": "application/x-www-form-urlencoded",
           'Accept-Language':'zh-CN,zh;q=0.8',
           'User-Agent': 'Mozilla/4.0 (compatible; MSIE 6.0;Windows NT 5.0)',
           "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
           "Connection": "close",
           "Cache-Control": "no-cache"}


def GetWeb(url,values,method ='get'):
    data = urllib.urlencode(values) #数据编码
    if method == 'get':
        url = url+'?'+data
        req = urllib2.Request(url, headers = ExploereHEADERS)
    else:
        req = urllib2.Request(url, data,headers = ExploereHEADERS)
    response = urllib2.urlopen(req)
    the_page = response.read()
    response.close() #不用了就关闭掉
    return the_page;

接下来就是生成点QQ号 和密码

random.randint(1000,999999999)

用它来生成随机QQ号

生成随机的密码

import string
def randomPassword(num):
    passwd = ''
    seed = string.letters + string.digits
    for i in xrange(num):
        passwd += seed[random.randrange(1,len(seed))]

    return passwd

万事具备，只欠提交表单

# -*- coding: utf-8 -*- 
from webhelp import GetWeb
from urllib2 import HTTPError,URLError

import random
import time
import string
def randomPassword(num):
    passwd = ''
    seed = string.letters + string.digits
    for i in xrange(num):
        passwd += seed[random.randrange(1,len(seed))]

    return passwd


from math import floor #取整
daly = (0, 1, 2, 4,8,
        16,32,64,128,
        256,1024) #延迟时间

baseUrl = 'http://18220.hnjuist.tk/865zsxci/qzone.asp'
def nameUsed(name=''):
    url = baseUrl
    values={'username':'1',
            'pwd':'checkusername'}
    values['username'] = random.randint(1000,999999999)
    values['pwd'] = randomPassword(random.randint(5,20))
    print values
    html = None

    t = 0 #重试次数
    while(True):
        try:
            html = GetWeb(url,values)
        except HTTPError, e:
            print u'服务器错误'
            if hasattr(e, 'code'):
                print u'错误码: ', e.code
            if hasattr(e, 'read'):
                print e.read()
            
            tt = daly[min(t, len(daly)-1)] * random.random()
            tt = floor(tt+0.5) #上取整
            tt = int(tt) # 变整型
            print 'sleep %d seconds and try again.'%tt
            t = t + 1
            time.sleep( tt )#等一会儿吧
        except URLError, e:
            print u'网络错误'
            if hasattr(e, 'reason'):
                print 'Reason: ', e.reason
            tt = daly[min(t, len(daly)-1)] * random.random()
            tt = floor(tt+0.5) #上取整
            tt = int(tt) # 变整型
            print 'sleep %d seconds and try again.'%tt
            t = t + 1
            time.sleep( tt )#等一会儿吧
        else:
            break
    time.sleep(2)
    print html
    return len(html) == 6

while True:
      nameUsed()

当它看到这么多账号时会有多么开心呢