lijiejie / htpwdscan Goto Github PK

既然大佬还在维护，那我就提个bug：）
post.txt：
`POST /owa/auth.owa HTTP/1.1
Host: mail.xxxx.com
Connection: close
Content-Length: 142
Cache-Control: max-age=0
Origin: https://mail.xxxx.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8
Referer: https://mail.xxxx.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.xxxx.com%2fowa%2f
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: ClientId=FICYYKJSKZWWUYCLURQ; PrivateComputer=true; PBack=0;

destination=https%3A%2F%2Fmail.xxxx.com%2Fowa%2F&flags=4&forcedownlevel=0&username=zhangchao&password=222222222222&passwordText=&isUtf8=1`

这个是https的请求。在-debug时，显示如下错误：
`**********************************************************************************************************************
Job started at 10:47:43

[.]Scan username=xxxxxx&password=xxxxx@123
send: 'POST /owa/auth.owa HTTP/1.1\r\nHost: mail.xxxx.com\r\nAccept-Encoding: identity\r\nContent-Length: 128\r\nOrigin: https://mail.xxxx.com\r\nAccept-Language: zh-CN,zh;q=0.9\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36\r\nReferer: https://mail.xxxx.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.xxxx.com%2fowa%2f\r\nCache-Control: no-cache\r\nCookie: ClientId=FICYYKJSKZWWUYCLURQ; PrivateComputer=true; PBack=0;\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nusername=xxxx&password=xxxxx%40123&destination=https%3A%2F%2Fmail.xxxx.com%2Fowa%2F&isUtf8=1&flags=4&forcedownlevel=0'
reply: 'HTTP/1.1 403 Forbidden\r\n'
header: Server: Microsoft-IIS/8.5
header: X-Powered-By: ASP.NET
header: X-FEServer: YZ-FE01
header: Date: Tue, 04 Sep 2018 02:48:59 GMT
header: Content-Length: 0

[Response headers and response text]

[('date', 'Tue, 04 Sep 2018 02:48:59 GMT'), ('content-length', '0'), ('x-powered-by', 'ASP.NET'), ('x-feserver', 'YZ-FE01'), ('server', 'Microsoft-IIS/8.5')]

Task finished at 10:47:44. Cost 0.11 seconds
No one was cracked.`

看了一下源码，发现错误由于“从post.txt无法准确判断是https还是http”，发生在request_file.py文件中的：
self.args.scm = 'https' if self.args.https else 'http'

于是，我修改了相关的判断，先去请求https，如果产生异常，则为http。
` self.args.scm = 'https' if self.args.https else 'http'
# print(self.args.scm)
with open(self.args.f) as f:
post_text = f.read()
lines = post_text.split('\n')

first_line = lines[0].strip()
self.args.get = True if first_line.upper().startswith('GET') else False
self.args.netloc = re.search('Host: (.*)', post_text).group(1).strip()
try:
    tmp_url = 'https://' + self.args.netloc
    requests.get(tmp_url, verify=False, allow_redirects=False)
    self.args.scm = 'https'
except:
    self.args.scm = 'http'
# print(self.args.scm)`

同时在文件中添加：
`import requests

from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)`

修改完成后，再次运行，结果正常：
`**********************************************************************************************************************
Job started at 10:59:39

[.]Scan username=xxxxxx&password=xxxxx@123
send: 'POST /owa/auth.owa HTTP/1.1\r\nHost: mail.xxxx.com\r\nAccept-Encoding: identity\r\nContent-Length: 128\r\nOrigin: https://mail.xxxx.com\r\nAccept-Language: zh-CN,zh;q=0.9\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36\r\nReferer: https://mail.xxxx.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fmail.xxxx.com%2fowa%2f\r\nCache-Control: no-cache\r\nCookie: ClientId=FICYYxxxWWUYCLURQ; PrivateComputer=true; PBack=0;\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nusername=xxxxx&password=xxxxx%40123&destination=https%3A%2F%2Fmail.xxxx.com%2Fowa%2F&isUtf8=1&flags=4&forcedownlevel=0'
reply: 'HTTP/1.1 302 Found\r\n'
header: Location: https://mail.xxxx.com/owa/auth/logon.aspx?url=https%3a%2f%2fmail.xxxx.com%2fowa%2f&reason=2
header: Server: Microsoft-IIS/8.5
header: request-id: caa580e6-8bc9-445a-af97-4df8930ae1be
header: X-Powered-By: ASP.NET
header: X-FEServer: YZ-FE01f
header: Date: Tue, 04 Sep 2018 03:00:55 GMT
header: Content-Length: 222

[Response headers and response text]

[('content-length', '222'), ('x-powered-by', 'ASP.NET'), ('request-id', 'caa580e6-8bc9-445a-af97-4df8930ae1be'), ('server', 'Microsoft-IIS/8.5'), ('x-feserver', 'YZ-FE01'), ('date', 'Tue, 04 Sep 2018 03:00:55 GMT'), ('location', 'https://mail.xxxx.com/owa/auth/logon.aspx?url=https%3a%2f%2fmail.xxxx.com%2fowa%2f&reason=2')]

Object moved to here.

Task finished at 10:59:41. Cost 1.42 seconds
No one was cracked.`

请问如果我想成功1次或指定次数登陆就停止继续破解 该如何操作,命令行中貌似没有相关参数

跑basic认证的时候出现：
[Exception in do_request] local variable 'data_print' referenced before assignment

lib->request.py:data_print先声明一下吧

我是用-u测试是没有问题的,请问-f命令指的是一个文件吗
里面存放的格式有什么要求吗 我这边报错呢。

不知道怎么获得这个post.txt

相当给力,如果能支持 python3 就更加完美了