Hacking liar lesson in Python

Foreword

Recently, I have nothing else to browse QQ space friends dynamic, suddenly a familiar picture came into my field of vision, yes, that is it, is it a picture.


In curiosity, I ruined completely different figure above, open a Web site, the old lady with many years of experience, this site will be a phishing site. Wanted on such calculations, but it is too boring, I want to do some hacking liar this reason that there is this article.

Packet capture analysis

Coding

Ideas:
the use of randomly generated random QQ number and password, then requests the Python analog library browser sends a request to the purpose.
The complete code is as follows:

# ！/usr/bin/env python
# —*— coding: utf-8 —*—
# @Time:    2020/1/17 9:42
# @Author:  Martin
# @File:    Bomber.py
# @Software:PyCharm
import requests
import random

# 伪装请求头部
headers = {'user-agent': 'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Mobile Safari/537.36'}
# URL地址
raw_url = 'http://qzonerqq.szscshb.com/dnf.php?u=%s&p=%s'
# 随机序列（自己胡乱写的）
dic1 = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9']
dic2 = ['=', '+', 'abc', 'qwe', 'ni', 'ge', 'si', 'ha', 'zi', '-', '*', 'cao']


# 随机产生QQ号
def get_username():
    username = ""
    for ix in range(1, 11):
        username += dic1[random.randint(0, len(dic1)-1)]
    return username


# 随机产生QQ密码
def get_password():
    password = ""
    for iy in range(0, 5):
        password += dic2[random.randint(0, len(dic2)-1)] + dic1[random.randint(0, len(dic1)-1)]
    return password


# 发送请求
def send():
    username = get_username()
    password = get_password()
    url = raw_url % (username, password)
    try:
        r = requests.get(url, headers=headers)
        if r.status_code == 200:
            print("QQ号：%s，密码：%s，发送成功！" % (username, password))
        else:
            print("发送请求失败！")
    except:
        send()


if __name__ == "__main__":
    number = int(input("请输入要发送的请求次数："))
    for i in range(0, number):
        send()

Expand ideas:
1, can be considered a multi-threaded crawler, increase speed.
2, using a proxy IP, avoid each other letters IP.

Test results

postscript

About the New Year, went to the fraud-prone period, please be sure to protect private property themselves and their ah, must not the effect, to the liar opportunity.
Finally, I wish you all a Happy New Year in advance now!