注: 本项目所有文件仅供学习和研究使用,请勿使用项目中的技术源码用于非法用途,任何人造成的任何负面影响,与本人无关.
{
"url": "http://192.168.86.226/pikachu-master/vul/burteforce/bf_server.php",//目标地址url
"user_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[1]/span/input",//用户名输入登录框
"pass_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[2]/span/input",//密码输入登录框
"orc_input_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[3]/span/input",//验证码输入登录框
"orc_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[4]/img",//验证码
"login_button_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/div[2]/label/input",//登录按钮
"orc_res_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/p"//登录结果
}Usage: usage weakpass_exploit.py -u <username dict> -p <password dict> -c <config file>
Options:
-h, --help show this help message and exit
-u USERNAME_DICT Enter the username dict eg:user.txt
-p PASSWORD_DICT Enter the password dict eg:pass.txt
-c CONFIG_FILE Enter the config file eg:conf.json
-e Use headless model eg: -e
文章来源: https://github.com/yxdnr/weakpass_exploit
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh