timwhitez starred weakpass_exploit
2022-12-22 11:20:59 Author: github.com(查看原文) 阅读量:25 收藏

注: 本项目所有文件仅供学习和研究使用,请勿使用项目中的技术源码用于非法用途,任何人造成的任何负面影响,与本人无关.

{
"url": "http://192.168.86.226/pikachu-master/vul/burteforce/bf_server.php",//目标地址url
"user_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[1]/span/input",//用户名输入登录框
"pass_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[2]/span/input",//密码输入登录框
"orc_input_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[3]/span/input",//验证码输入登录框
"orc_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/label[4]/img",//验证码
"login_button_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/form/div[2]/label/input",//登录按钮
"orc_res_xpath": "//*[@id=\"main-container\"]/div[2]/div/div[2]/div/div/p"//登录结果
}
Usage: usage weakpass_exploit.py -u <username dict> -p <password dict> -c <config file>

Options:
  -h, --help        show this help message and exit
  -u USERNAME_DICT  Enter the username dict eg:user.txt
  -p PASSWORD_DICT  Enter the password dict eg:pass.txt
  -c CONFIG_FILE    Enter the config file eg:conf.json
  -e                Use headless model eg: -e

文章来源: https://github.com/yxdnr/weakpass_exploit
如有侵权请联系:admin#unsafe.sh