Python enables automatic website login
17:15:58 | category:
Programming | font size subscription
Some time ago, I wrote a program for my students. I needed to visit the URL in the background to send emails. After some exploration, I used the PHP curl function and thought it was very powerful, so I went to Google. As a powerful scripting language, Python also has similar functions, so I tried to do it. Let's take a look at the brief lines of code import urllib, urllib2, httplib, cookielib // the URL of the python module used = 'HTTP: // www.xxxxxx.com/login.asp? Action = chk '// the URL to be tried. Change the URL to values = {'username': 'admin', 'Password ': 'admin'} // the data submitted by post is urllib. urlencode (values) // encode the submitted data Req = urllib2.request (URL, data) // form a URL request response = urllib2.urlopen (req) // send the request the_page = response. read () // read the returned page print the_page // output the returned page from the above we can see that for a website with a simple login authentication mechanism, you only need a few lines of code to achieve automatic login, it is not difficult to think that we can use this brute force password cracking. The following shows a code for automatically logging on to Baidu space on the Internet, which is similar to ours.
Import urllib, urllib2, httplib, cookielibdef auto_login_hi (URL, name, PWD): url_hi = "http://passport.baidu.com /? Login "# Set cookie = cookielib. cookiejar () Cj = urllib2.httpcookieprocessor (cookie) # Set the logon parameter postdata = urllib. urlencode ({'username': name, 'Password': Pwd}) # generate request = urllib2.request (url_hi, postdata) # log on to Baidu opener = urllib2.build _ opener (request, CJ) F = opener. open (request) print F # Open Baidu Hi space page hi_html = opener. open (URL) return hi_htmlif _ name __= = '_ main _': Name = 'name' Password = 'Password' url = 'yoururl' # example: url = 'HTTP: // hi.baidu.com/cdkey51' H = auto_login_hi (URL, name, password) print H. read () # H contains the content on the logon page.
Next, analyze the returned page information to determine whether the password is correct.