黑板客 -- 爬虫闯关 -- 关卡04

标签：__name__   黑板   lob   []   imp   encoding   dal   usr   utf-8   

简介

爬虫闯关链接：

1.?http://www.heibanke.com/accounts/login/?next=/lesson/crawler_ex03/

2. http://www.heibanke.com/accounts/login

知识点：cookie & session , csrf , Web编程，多线程密码枚举

提示：和第三题一样，看清楚，题目在http://www.heibanke.com/accounts/login/?next=/lesson/crawler_ex03/登录后显示，而不是URL链接2的登录界面。从URL1或URL2中获取Cookie（CSRFTOKEN）登录，然后得到一个提示密码很长的页面。随便输入帐号密码，会跳出一个页面让你找密码，密码文档页面加载非常慢，是由于后端人为限制时间，密码位置随机生成，从页数与行数可知密码一共100位。为了加快猜测时间，我们要为每一个密码页面开一个线程（多线程处理），提高枚举密码的速度。

参考代码

#!/usr/bin/env python
# encoding: utf-8
 
import requests
import sys
import re
import threading
reload(sys)
 
sys.setdefaultencoding("utf-8")
 
csrf = ""
username = "Peter"
password = "112233"
final_password = ""
 
payload_login = {
    "username":username,
    "password":password,
    "csrfmiddlewaretoken":csrf
}
 
dict = {}
thread = []
 
website_signUp = "http://www.heibanke.com/accounts/login"
website_login = "http://www.heibanke.com/accounts/login/?next=/lesson/crawler_ex03/"
website_PWlist = "http://www.heibanke.com/lesson/crawler_ex03/pw_list/?page=%s"
 
s = requests.Session()
s.get(website_signUp)
csrf = s.cookies["csrftoken"]
payload_login["csrfmiddlewaretoken"] = csrf
s.post(website_login,data=payload_login)
csrf = s.cookies["csrftoken"]
 
 
def GetPassword(page):
    global dict
    while True:
        resp = s.get(website_PWlist%page)
        word_pos = re.findall('<td data-toggle="tooltip" data-placement="left" title="password_pos">(\d+)</td>', resp.content)
        word_val = re.findall('<td data-toggle="tooltip" data-placement="left" title="password_val">(\d+)</td>', resp.content)
        for i in range(len(word_pos)):
            dict[int(word_pos[i])] = word_val[i]
            print word_pos[i]+" -- "+word_val[i]
        if len(dict)==100:
            break
 
def main():
    global dict
    global final_password
    for i in range(1,14):
        t = threading.Thread(target=GetPassword,args=(i,))
        thread.append(t)
    for i in thread:
        i.start()
        print "Thread Runing"
    for i in thread:
        i.join()
        print "Thread Join"
    if len(dict)==100:
        k = dict.keys()
        k.sort()
        for i in range(len(dict)):
            final_password += dict[k[i]]
        print "[+]FOUND:" + final_password
 
 
 
if __name__ == '__main__':
    main()

黑板客 -- 爬虫闯关 -- 关卡04

标签：__name__   黑板   lob   []   imp   encoding   dal   usr   utf-8   

原文地址：https://www.cnblogs.com/PeterZ1997/p/9735216.html