JavaScript 暴力破解 Web 表单
如果尝试错误,答案框上方会出现错误 说“答案不正确”。此外,我们还有无限数量的 尝试。
以上是包含详细信息的网站预览。
代码:
<form id="level" method="post">
<label for="answer">Answer:</label>
<input type="text" name="answer" id="answer" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
所以在这里我们简单地知道表单没有操作源。 唯一的方法(我知道)是通过 javascript 进行破解。 就像用来发送垃圾邮件的 Facebook 和 Orkut 一样,我们必须将 javascript 放入 URI、地址栏中。
我已经构建了一个 javascript(用于地址栏)来链接到其他 javascript 文件。
如果有人知道一些在线 javascript 暴力脚本或可以通过 javascript 链接的在线内容。
Just above the answer box an error would appear on wrong attempt which
says "Incorrect Answer". Additionally we have unlimited number of
attempts.
Above is the website preview with detailed information.
Code:
<form id="level" method="post">
<label for="answer">Answer:</label>
<input type="text" name="answer" id="answer" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
So simply here we get to know that the form does not have action source.
The only way (which I know) is to hack through javascript.
Like the one used to spam Facebook and Orkut, where we have to put in the javascript in URI, address bar.
I have built a javascript (for the address bar) to link to the other javascript files.
And if someone know some online javascript brute force script or something online that could be linked through javascript.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
尽管我讨厌告诉人们如何做这类事情,但这是一个有趣的问题。
然而,我首先要说的是,暴力解决方案可能需要很长时间才能实现。如果解决方案有 8 个字符长,并且我们每秒尝试 100 万种可能性(一个非常乐观的假设),那么大约需要 5 年时间才能尝试所有可能性。
不过,这里有一些 Javascript 代码,您应该能够修改它们以满足您的需求:
该解决方案实际上并不使用暴力。它实现了类似于 bogosort 的方法。虽然更有趣、更简单,但可能需要更长的时间才能完成。如果你是一个非常幸运的人,它可能会在第一次迭代时得到解决。
As much as I hate to tell people how to do this sort of thing, it's an interesting problem.
I should say first, however, that a brute force solution will likely take too long to be practical. If the solution is 8 characters long, and we try 1 million possibilities per second (a very optimistic assumption), it would take about 5 years to try out all of the possibilities.
Nevertheless, here is some Javascript code that you should be able to modify to fit your needs:
This solution does not actually use brute force. It implements a method similar to bogosort. While more fun and simple, it may take a bit longer to finish. If you're an incredibly lucky person, it might be solved on the first iteration.
您需要找到它连接到的脚本。使用此 http://blog.getfirebug.com/ 2009/10/30/event-listener-view-for-firebug/ 查看与按钮关联的事件侦听器。您可能还需要下载 Firefox 的 javascript deobfuscator 插件 https:// addons.mozilla.org/en-US/firefox/addon/javascript-deobfuscator/
You need to find the script it's connecting to. Use this http://blog.getfirebug.com/2009/10/30/event-listener-view-for-firebug/ to see what event listeners are associated with the button. You might also need to download a javascript deobfuscator plugin for firefox https://addons.mozilla.org/en-US/firefox/addon/javascript-deobfuscator/
根据需要更改字符集并相应地使用大小
获取序列生成器。
change the character set as you like and use the size accordingly
To get the sequence generator.