A simple way to brute-force a login whose password is encrypted in transit

During a test, the request sent by a login page looked as follows:

The password is encrypted, and there is a verification code. When a penetration test turns up no other problems or ideas, brute force has to be our choice, but how do we get around these restrictions? Testing showed that the verification code has a problem, so we only need to solve the first one. Do a global search for password and see what turns up, as follows:

The password can be seen passing through an encrypt function before transmission. Search for that function:

It looks like CryptoJS is being used for AES encryption:

Now that the method is known, an easy approach is to run our dictionary through the existing encryption method in bulk. At first I fell into a misunderstanding, which was to generate the dictionary from a JavaScript array, for example to generate four passwords:

But this is not realistic for a password dictionary, because a dictionary has at least several thousand entries. Later my brother said that JS can be executed from Python, for example with PyV8 on Python 2 or PyExecJS on Python 3, so I tried the following:

 

Hmm... it reported the following error:

A global search for CryptoJS finds the relevant code in dataplus.js. We do not care about its details; we only need to execute it:

Save it locally and adjust the Python code:

Then you can happily start brute-forcing:
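The walkthrough shows that the client-side AES step does not limit guessing, because the page's own script can be executed to produce valid ciphertexts, so the limit has to be enforced on the server. The following is an added example, not code from the original post or the tested site: a server-side gate that consumes the verification code on every attempt and caps failures per account. `LoginGate`, the thresholds and the sample values are hypothetical, and the post does not say what the verification code's flaw actually was.

```python
import hmac
import time
from collections import defaultdict, deque

MAX_FAILURES = 5      # assumed policy: failed logins allowed per account per window
WINDOW_SECONDS = 300  # assumed policy: sliding-window length in seconds


class LoginGate:
    """Hypothetical server-side gate; it never inspects how the password field is encoded."""

    def __init__(self, check_credentials, clock=time.monotonic):
        self._check = check_credentials      # callable(username, password_field) -> bool
        self._clock = clock
        self._failures = defaultdict(deque)  # username -> times of recent failures
        self._captchas = {}                  # session id -> expected captcha answer

    def issue_captcha(self, session_id, answer):
        self._captchas[session_id] = answer

    def attempt(self, session_id, username, password_field, captcha_answer):
        # Consume the challenge on every attempt, pass or fail, so one solved
        # captcha cannot back a run of requests.
        expected = self._captchas.pop(session_id, None)
        if expected is None or not hmac.compare_digest(
                expected.encode(), captcha_answer.encode()):
            return "captcha_rejected"
        now = self._clock()
        recent = self._failures[username]
        while recent and now - recent[0] > WINDOW_SECONDS:
            recent.popleft()
        if len(recent) >= MAX_FAILURES:
            return "locked"  # refused before the credential check is reached
        if self._check(username, password_field):
            recent.clear()
            return "ok"
        recent.append(now)
        return "denied"


def replay_constructed_run(n=8):
    """Constructed input: n well-formed but wrong ciphertexts, each with a fresh captcha."""
    gate = LoginGate(lambda user, field: field == "ct-correct")
    results = []
    for i in range(n):
        gate.issue_captcha("sess-1", "x7k2")
        results.append(gate.attempt("sess-1", "admin", f"ct-wrong-{i}", "x7k2"))
    return results
```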

 

 


Origin www.cnblogs.com/Rakjong/p/11611390.html