def main(): """ Initializes and executes the program. """ login_sucessful = [] login_failed = [] login_skipped = [] version = check_revision(VERSION) print("%s\n\n%s %s (%s)\n" % (BANNER % tuple([color(_) for _ in BANNER_PASSWORDS]), NAME, version, URL)) args = parse_args() if args.update: update() exit() sites = list_sites() if args.list: for _ in sites: print("- %s" % _) exit() if not args.password and not args.load_file: args.password = getpass("%s Please enter password:"******"(?P<type>[^:]+)://(?P<address>[^:]+)" r":(?P<port>\d+)", args.proxy, re.I) if match: if match.group("type").upper() in ("HTTP", "HTTPS"): proxy_host = "%s:%s" % (match.group("address"), match.group("port")) proxy_handler = ProxyHandler({ "http": proxy_host, "https": proxy_host }) else: from thirdparty.socks import socks if match.group("type").upper() == "SOCKS4": socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, match.group("address"), int(match.group("port")), True) elif match.group("type").upper() == "SOCKS5": socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, match.group("address"), int(match.group("port")), True) proxy_handler = None else: proxy_handler = ProxyHandler() else: proxy_handler = None opener = build_opener(HTTPHandler(), HTTPSHandler(), HTTPCookieProcessor(cookie_handler)) if proxy_handler: opener.add_handler(proxy_handler) install_opener(opener) with open(USER_AGENTS_FILE, 'r') as ua_file: args.user_agent = sample(ua_file.readlines(), 1)[0].strip() if args.only: sites = [site for site in sites if site in args.only] elif args.exclude: sites = [site for site in sites if site not in args.exclude] print("%s Loaded %d %s to test." % (INFO, len(sites), "site" if len(sites) == 1 else "sites")) if args.load_file: if not isfile(args.load_file): print("%s could not find the file \"%s\"" % (WARN, color(args.load_file))) exit() _ = sum(1 for line in open(args.load_file, "r")) if _ < 1: print("%s the file \"%s\" doesn't contain any valid credentials." % (WARN, color(args.load_file))) exit() print("%s Loaded %d credential%s from \"%s\".\n" % (INFO, _, "s" if _ != 1 else "", color(args.load_file))) print("%s Starting tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW))) if not exists(OUTPUT_DIR): makedirs(OUTPUT_DIR) log = Logger("%s/credmap" % OUTPUT_DIR) log.open() def get_targets(): """ Retrieve and yield list of sites (targets) for testing. """ for site in sites: _ = populate_site(site, args) if not _: continue target = Website(_, {"verbose": args.verbose}) if not target.user_agent: target.user_agent = args.user_agent yield target def login(): """ Verify credentials for login and check if login was successful. """ if (target.username_or_email == "email" and not credentials["email"] or target.username_or_email == "username" and not credentials["username"]): if args.verbose: print( "%s Skipping %s\"%s\" since " "no \"%s\" was specified.\n" % (INFO, "[%s:%s] on " % (credentials["username"] or credentials["email"], credentials["password"]) if args.load_file else "", color(target.name), color(target.username_or_email, BW))) login_skipped.append(target.name) return print("%s Testing %s\"%s\"..." % (TEST, "[%s:%s] on " % (credentials["username"] or credentials["email"], credentials["password"]) if args.load_file else "", color(target.name, BW))) cookie_handler.clear() if target.perform_login(credentials, cookie_handler): log.write(">>> %s - %s:%s\n" % (target.name, credentials["username"] or credentials["email"], credentials["password"])) login_sucessful.append( "%s%s" % (target.name, " [%s:%s]" % (credentials["username"] or credentials["email"], credentials["password"]) if args.load_file else "")) else: login_failed.append(target.name) if args.load_file: if args.cred_format: separators = [ re.escape(args.cred_format[1]), re.escape(args.cred_format[3]) if len(args.cred_format) > 3 else "\n" ] cred_format = re.match(r"(u|e|p)[^upe](u|e|p)(?:[^upe](u|e|p))?", args.cred_format) if not cred_format: print("%s Could not parse --format: \"%s\"" % (ERROR, color(args.cred_format, BW))) exit() cred_format = [ v.replace("e", "email").replace("u", "username").replace( "p", "password") for v in cred_format.groups() if v is not None ] with open(args.load_file, "r") as load_list: for user in load_list: if args.cred_format: match = re.match( r"([^{0}]+){0}([^{1}]+)(?:{1}([^\n]+))?".format( separators[0], separators[1]), user) credentials = dict(zip(cred_format, match.groups())) credentials["password"] = quote(credentials["password"]) if ("email" in credentials and not re.match( r"^[A-Za-z0-9._%+-]+@(?:[A-Z" r"a-z0-9-]+\.)+[A-Za-z]{2,12}$", credentials["email"])): print("%s Specified e-mail \"%s\" does not appear " "to be correct. Skipping...\n" % (WARN, color(credentials["email"], BW))) continue if "email" not in credentials: credentials["email"] = None elif "username" not in credentials: credentials["username"] = None else: user = user.rstrip().split(":", 1) if not user[0]: if args.verbose: print("%s Could not parse credentials: \"%s\"\n" % (WARN, color(user, BW))) continue match = re.match( r"^[A-Za-z0-9._%+-]+@(?:[A-Z" r"a-z0-9-]+\.)+[A-Za-z]{2,12}$", user[0]) credentials = { "email": user[0] if match else None, "username": None if match else user[0], "password": quote(user[1]) } for target in get_targets(): login() else: credentials = { "username": args.username, "email": args.email, "password": quote(args.password) } for target in get_targets(): login() log.close() if not args.verbose: print() if len(login_sucessful) > 0 or len(login_failed) > 0: _ = "%s/%s" % (color(len(login_sucessful), BW), color(len(login_sucessful) + len(login_failed), BW)) sign = PLUS if len(login_sucessful) > (len(login_failed) + len(login_skipped)) else INFO print( "%s Succesfully logged in%s." % (sign, " with %s credentials on the list." % _ if args.load_file else "to %s websites." % _), ) print("%s An overall success rate of %s.\n" % (sign, color( "%%%s" % (100 * len(login_sucessful) / (len(login_sucessful) + len(login_failed))), BW))) if len(login_sucessful) > 0: print("%s The provided credentials worked on the following website%s: " "%s\n" % (PLUS, "s" if len(login_sucessful) != 1 else "", ", ".join(login_sucessful))) print("%s Finished tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW)))
def main(): """ Initializes and executes the program. """ login_sucessful = [] login_failed = [] login_skipped = [] version = check_revision(VERSION) print("%s\n\n%s %s (%s)\n" % ( BANNER % tuple([color(_) for _ in BANNER_PASSWORDS]), NAME, version, URL)) args = parse_args() if args.update: update() exit() sites = list_sites() if args.list: for _ in sites: print("- %s" % _) exit() if not args.password and not args.load_file: args.password = getpass("%s Please enter password:"******"(?P<type>[^:]+)://(?P<address>[^:]+)" r":(?P<port>\d+)", args.proxy, re.I) if match: if match.group("type").upper() in ("HTTP", "HTTPS"): proxy_host = "%s:%s" % (match.group("address"), match.group("port")) proxy_handler = ProxyHandler({"http": proxy_host, "https": proxy_host}) else: from thirdparty.socks import socks if match.group("type").upper() == "SOCKS4": socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4, match.group("address"), int(match.group("port")), True) elif match.group("type").upper() == "SOCKS5": socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, match.group("address"), int(match.group("port")), True) proxy_handler = None else: proxy_handler = ProxyHandler() else: proxy_handler = None opener = build_opener(HTTPHandler(), HTTPSHandler(), HTTPCookieProcessor(cookie_handler)) if proxy_handler: opener.add_handler(proxy_handler) install_opener(opener) with open(USER_AGENTS_FILE, 'r') as ua_file: args.user_agent = sample(ua_file.readlines(), 1)[0].strip() if args.only: sites = [site for site in sites if site in args.only] elif args.exclude: sites = [site for site in sites if site not in args.exclude] print("%s Loaded %d %s to test." % (INFO, len(sites), "site" if len(sites) == 1 else "sites")) if args.load_file: if not isfile(args.load_file): print("%s could not find the file \"%s\"" % (WARN, color(args.load_file))) exit() _ = sum(1 for line in open(args.load_file, "r")) if _ < 1: print("%s the file \"%s\" doesn't contain any valid credentials." % (WARN, color(args.load_file))) exit() print("%s Loaded %d credential%s from \"%s\".\n" % (INFO, _, "s" if _ != 1 else "", color(args.load_file))) print("%s Starting tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW))) if not exists(OUTPUT_DIR): makedirs(OUTPUT_DIR) log = Logger("%s/credmap" % OUTPUT_DIR) log.open() def get_targets(): """ Retrieve and yield list of sites (targets) for testing. """ for site in sites: _ = populate_site(site, args) if not _: continue target = Website(_, {"verbose": args.verbose}) if not target.user_agent: target.user_agent = args.user_agent yield target def login(): """ Verify credentials for login and check if login was successful. """ if(target.username_or_email == "email" and not credentials["email"] or target.username_or_email == "username" and not credentials["username"]): if args.verbose: print("%s Skipping %s\"%s\" since " "no \"%s\" was specified.\n" % (INFO, "[%s:%s] on " % (credentials["username"] or credentials["email"], credentials["password"]) if args.load_file else "", color(target.name), color(target.username_or_email, BW))) login_skipped.append(target.name) return print("%s Testing %s\"%s\"..." % (TEST, "[%s:%s] on " % (credentials["username"] or credentials["email"], credentials["password"]) if args.load_file else "", color(target.name, BW))) cookie_handler.clear() if target.perform_login(credentials, cookie_handler): log.write(">>> %s - %s:%s\n" % (target.name, credentials["username"] or credentials["email"], credentials["password"])) login_sucessful.append("%s%s" % (target.name, " [%s:%s]" % (credentials["username"] or credentials["email"], credentials["password"]) if args.load_file else "")) else: login_failed.append(target.name) if args.load_file: if args.cred_format: separators = [re.escape(args.cred_format[1]), re.escape(args.cred_format[3]) if len(args.cred_format) > 3 else "\n"] cred_format = re.match(r"(u|e|p)[^upe](u|e|p)(?:[^upe](u|e|p))?", args.cred_format) if not cred_format: print("%s Could not parse --format: \"%s\"" % (ERROR, color(args.cred_format, BW))) exit() cred_format = [v.replace("e", "email") .replace("u", "username") .replace("p", "password") for v in cred_format.groups() if v is not None] with open(args.load_file, "r") as load_list: for user in load_list: if args.cred_format: match = re.match(r"([^{0}]+){0}([^{1}]+)(?:{1}([^\n]+))?" .format(separators[0], separators[1]), user) credentials = dict(zip(cred_format, match.groups())) credentials["password"] = quote( credentials["password"]) if("email" in credentials and not re.match(r"^[A-Za-z0-9._%+-]+@(?:[A-Z" r"a-z0-9-]+\.)+[A-Za-z]{2,12}$", credentials["email"])): print("%s Specified e-mail \"%s\" does not appear " "to be correct. Skipping...\n" % (WARN, color( credentials["email"], BW))) continue if "email" not in credentials: credentials["email"] = None elif "username" not in credentials: credentials["username"] = None else: user = user.rstrip().split(":", 1) if not user[0]: if args.verbose: print("%s Could not parse credentials: \"%s\"\n" % (WARN, color(user, BW))) continue match = re.match(r"^[A-Za-z0-9._%+-]+@(?:[A-Z" r"a-z0-9-]+\.)+[A-Za-z]{2,12}$", user[0]) credentials = {"email": user[0] if match else None, "username": None if match else user[0], "password": quote(user[1])} for target in get_targets(): login() else: credentials = {"username": args.username, "email": args.email, "password": quote(args.password)} for target in get_targets(): login() log.close() if not args.verbose: print() if len(login_sucessful) > 0 or len(login_failed) > 0: _ = "%s/%s" % (color(len(login_sucessful), BW), color(len(login_sucessful) + len(login_failed), BW)) sign = PLUS if len(login_sucessful) > (len(login_failed) + len(login_skipped)) else INFO print("%s Succesfully logged in%s." % (sign, " with %s credentials on the list." % _ if args.load_file else "to %s websites." % _),) print("%s An overall success rate of %s.\n" % (sign, color("%%%s" % (100 * len(login_sucessful) / (len(login_sucessful) + len(login_failed))), BW))) if len(login_sucessful) > 0: print("%s The provided credentials worked on the following website%s: " "%s\n" % (PLUS, "s" if len(login_sucessful) != 1 else "", ", ".join(login_sucessful))) print("%s Finished tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW)))