我正在尝试编写基本的蛮力类型脚本以在我制作的示例php页面上工作。这是我写的脚本:
var userElement = document.getElementById('username');
var passElement = document.getElementById('password');
//sets username, not randomized
var username = 'admin';
//expected characters
var alphabet = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')'];
var numOfGuesses = 0; //for fun
var numOfGuessesGenerated = 0; //for fun
var guesses1 = [];
var guesses2 = [];
var guesses3 = [];
var guesses4 = [];
var guesses5 = [];
var guesses6 = [];
var guesses7 = [];
var guesses8 = [];
var guess = "";
var memhandle = 0;
//first for loop is to get all different lengths covered, max being sixteen
var maxNumOfChars = 16;
//generates guesses one character at a time and appends them to array name guesses
for (var y = 0; y < maxNumOfChars; y++) {
for (var i = 0; i < alphabet.length; i++) {
while (i < maxNumOfChars) {
guess+=alphabet[i];
}
}
if (memhandle == 0) {
guesses1.push(guess);
memhandle = 1
} else if (memhandle == 1) {
guesses2.push(guess);
memhandle = 2;
} else if (memhandle == 2) {
guesses3.push(guess);
memhandle = 3;
} else if (memhandle == 3) {
guesses4.push(guess);
memhandle = 4;
} else if (memhandle == 4) {
guesses5.push(guess);
memhandle = 5;
} else if (memhandle == 5) {
guesses6.push(guess);
memhandle = 6;
} else if (memhandle == 6) {
guesses7.push(guess);
memhandle = 7;
} else if (memhandle == 7) {
guesses8.push(guess);
memhandle = 0;
}
numOfGuessesesGenerated++;
guess = "";
}
numOfGuessesesGenerated++;
console.log(numOfGuessesesGenerated);
console.log(guesses);
//try the guesses!
for (var x = 0; x < guesses.length; x++) {
userElement.value = username;
passElement.value = guesses[x];
numOfGuesses++;
console.log(numOfGuesses);
document.getElementById("myForm").submit(); //myForm IS the name of the form
}
document.getElementById("fid").submit();
我之所以包含“ memhandle”变量,是为了尝试将所有猜测分解为不同的数组,这就是为什么我也拥有如此多的数组。每当我尝试该页面时,该页面始终崩溃,有什么办法可以仅使用JavaScript进行操作,还是需要将用户名存储在某个地方然后从那里拉出?我只是通过在URL栏中执行javascript:注入javascript,这也可能是我遇到问题的原因。 感谢您的帮助
答案 0 :(得分:0)
您遇到的主要问题是while (i < maxNumOfChars) {。此循环将永远不会完成。您做了guess+=alphabet[i];,但根本不增加i(在此循环内),因此最终导致崩溃。
我建议您看看iterator functions来避免使用数组吗?
var userElement = document.getElementById('username');
var passElement = document.getElementById('password');
//sets username, not randomized
var username = 'admin';
//expected characters
var alphabet = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')'];
var numOfGuesses = 0; //for fun
var numOfGuessesGenerated = 0; //for fun
var guess = "";
var memhandle = 0;
//first for loop is to get all different lengths covered, max being sixteen
var maxNumOfChars = 16;
//generates guesses one character at a time and appends them to array name guesses
function *getNextGuess() {
for (var y = 0; y < maxNumOfChars; y++) {
for (var i = 0; i < alphabet.length; i++) {
//while (i < maxNumOfChars) {
guess+=alphabet[i];
//}
}
yield guess;
}
}
//try the guesses!
for (var guess of getNextGuess()) {
console.log(guess);
numOfGuesses++;
console.log(numOfGuesses);
if (numOfGuesses > 10)
break;
}
//document.getElementById("fid").submit();