3. Brute Force Dictionary Attack
- 暴力字典攻击
All of the scripts that hack the webapp will follow the same format, so let’s go over it now.Open up the file hack.py.
所有攻击webapp的脚本都有相同的格式,所以现在我们来复习一下。打开文件hack.py。
#!/usr/bin/python3
This is called the shebang in Linux. It tells the command line interpreter that this is a Python script, and gives the path to Python. In this case, we are using Python 3.
这在Linux中叫做shebang(#!)。他告诉命令行解释器这是一个Python脚本,并且把路径传递给Python。在这个示例中,我们使用Python 3。
The advantage of this is we don’t need to add python to our scripts. For example, rather than doing:
这样做的好处是我们不需要把python添加到我们的脚本中。例如,代替这样做:
python myscript.py
we can just do:
我们可以直接这样做:
./myscript.py
where ./ means in the current directory. The command line interpreter (bash in our case) will look at the shebang, and realise this is a Python file, and call the interpreter we linked to. It saves us a bit of typing, but more importantly, allows us to specify which Python version we want. So we could have done:
./的意思是在当前目录下。命令行解释器(在我们的示例中是shell)将查看shebang,并且意识到这是一个Python文件,并且调用我们链接的解释器。它为我们节省了一些输入工作,但是更重要的是,允许我们指定我们想要的Python版本。所以我们可以这样做:
#!/usr/bin/python3.4
or
或者这样做
#!/usr/bin/python2.7
if we wanted to test our script with particular versions of Python.
如果我们想用特定版本的Python测试我们的脚本。
In this case, we are sticking to python3, which links to the latest version of python installed in our virtual machine (3.4).
在这个实例中,我们使用Python 3, 这将调用在我们的虚拟机上安装的最新版本的Python(3.4)。
Okay, back to the code:
好了,回到代码上:
from selenium import webdriver
from selenium.webdriver.common.keys import Keys
We import the Selenium webdriver. This is the library that will drive our browser automation. In addition to the webdriver, we are also importing a module called Keys which (you guessed it) will allow us to simulate keypress (or typing).
我们引入Selenium webdriver。这是一个将驱动我们的浏览器自动化的库。除了webdriver,我们还引入一个叫做Keys的模块,这个模块使我们(你猜对了)可以模拟按键(或打字)。
from pyvirtualdisplay import Display
This is the virtual display we saw earlier– it will create a virtual screen for Firefox to run.
这是我们之前看到的虚拟屏幕——它将为Firefox创建一个虚拟屏幕。