python中的BruteForce攻击程序无法运行

Question

我开发了一个zipfile密码破解程序，可以进行强力攻击。 zip文件的密码是1234.当我运行程序时，它会给我这个错误：

Traceback (most recent call last):
  File "C:\Users\Kartikey\Desktop\cracking\bruteforce\bruteforce.py", line 51, in <module>
    zf.extractall(password)
  File "C:\Python27\lib\zipfile.py", line 1040, in extractall
    self.extract(zipinfo, path, pwd)
  File "C:\Python27\lib\zipfile.py", line 1028, in extract
    return self._extract_member(member, path, pwd)
  File "C:\Python27\lib\zipfile.py", line 1069, in _extract_member
    targetpath = os.path.join(targetpath, arcname)
  File "C:\Python27\lib\ntpath.py", line 84, in join
    result_path = result_path + '\\'
TypeError: can only concatenate tuple (not "str") to tuple

这是代码：

from zipfile import ZipFile
import itertools
#--------------------------------------CHARECTER SET--------------------------------------
pincharsonlynums = '1234'      
passcharswithnonumsnocap = 'abcdefghijklmnopqrstuvwxyz'
passcharswithnumsbtnocap = 'abcdefghijklmnopqrstuvwxyz1234567890'
passcharswithnumsandcap = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890'
count = 1

passwdlength = 0

#--------------------------------------CONFIGURATION--------------------------------------
print "\n1. What charecter set do you want to use?"
print "1 - 1234567890"
print "2 - abcdefghijklmnopqrstuvwxyz"
print "3 - abcdefghijklmnopqrstuvwxyz1234567890"
print "4 - abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"

#charsetchoise = input("Your choise (1/2/3/4): ")

passwdlength = input("\n2. Enter the max length of the password you want to generate: ")

#zipfile = input("\n3. Enter the name of the zipfile with path: ")


#--------------------------------------START CRACKING--------------------------------------

while (count != 0):
    gen = itertools.combinations_with_replacement(pincharsonlynums,passwdlength) #1
    for password in gen:                                                      #2 
        with ZipFile('downloads.zip') as zf:
           # try:
                zf.extractall(password)
           # except:
              #  print "Failed."

有什么想法吗？

Answer 1

itertools.combinations_with_replacement()使用单个字符生成元组，而不是字符串：

>>> import itertools
>>> gen = itertools.combinations_with_replacement('1234', 3)
>>> next(gen)
('1', '1', '1')

使用''.join()将这些形成一个字符串：

password = ''.join(password)

但请注意，zf.extractall()的第一个参数是路径，而不是密码。您正在尝试将内容提取到生成的密码所指定的路径。我怀疑那是你想要做的。

使用pwd关键字参数指定密码：

zf.extractall(pwd=password)