def main():
"""
Initializes and executes the program.
"""
login_sucessful = []
login_failed = []
login_skipped = []
version = check_revision(VERSION)
print("%s\n\n%s %s (%s)\n" %
(BANNER % tuple([color(_)
for _ in BANNER_PASSWORDS]), NAME, version, URL))
args = parse_args()
if args.update:
update()
exit()
sites = list_sites()
if args.list:
for _ in sites:
print("- %s" % _)
exit()
if not args.password and not args.load_file:
args.password = getpass("%s Please enter password:"******"(?P<type>[^:]+)://(?P<address>[^:]+)"
r":(?P<port>\d+)", args.proxy, re.I)
if match:
if match.group("type").upper() in ("HTTP", "HTTPS"):
proxy_host = "%s:%s" % (match.group("address"),
match.group("port"))
proxy_handler = ProxyHandler({
"http": proxy_host,
"https": proxy_host
})
else:
from thirdparty.socks import socks
if match.group("type").upper() == "SOCKS4":
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4,
match.group("address"),
int(match.group("port")), True)
elif match.group("type").upper() == "SOCKS5":
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5,
match.group("address"),
int(match.group("port")), True)
proxy_handler = None
else:
proxy_handler = ProxyHandler()
else:
proxy_handler = None
opener = build_opener(HTTPHandler(), HTTPSHandler(),
HTTPCookieProcessor(cookie_handler))
if proxy_handler:
opener.add_handler(proxy_handler)
install_opener(opener)
with open(USER_AGENTS_FILE, 'r') as ua_file:
args.user_agent = sample(ua_file.readlines(), 1)[0].strip()
if args.only:
sites = [site for site in sites if site in args.only]
elif args.exclude:
sites = [site for site in sites if site not in args.exclude]
print("%s Loaded %d %s to test." %
(INFO, len(sites), "site" if len(sites) == 1 else "sites"))
if args.load_file:
if not isfile(args.load_file):
print("%s could not find the file \"%s\"" %
(WARN, color(args.load_file)))
exit()
_ = sum(1 for line in open(args.load_file, "r"))
if _ < 1:
print("%s the file \"%s\" doesn't contain any valid credentials." %
(WARN, color(args.load_file)))
exit()
print("%s Loaded %d credential%s from \"%s\".\n" %
(INFO, _, "s" if _ != 1 else "", color(args.load_file)))
print("%s Starting tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW)))
if not exists(OUTPUT_DIR):
makedirs(OUTPUT_DIR)
log = Logger("%s/credmap" % OUTPUT_DIR)
log.open()
def get_targets():
"""
Retrieve and yield list of sites (targets) for testing.
"""
for site in sites:
_ = populate_site(site, args)
if not _:
continue
target = Website(_, {"verbose": args.verbose})
if not target.user_agent:
target.user_agent = args.user_agent
yield target
def login():
"""
Verify credentials for login and check if login was successful.
"""
if (target.username_or_email == "email" and not credentials["email"]
or target.username_or_email == "username"
and not credentials["username"]):
if args.verbose:
print(
"%s Skipping %s\"%s\" since "
"no \"%s\" was specified.\n" %
(INFO, "[%s:%s] on " %
(credentials["username"] or credentials["email"],
credentials["password"]) if args.load_file else "",
color(target.name), color(target.username_or_email, BW)))
login_skipped.append(target.name)
return
print("%s Testing %s\"%s\"..." %
(TEST, "[%s:%s] on " %
(credentials["username"] or credentials["email"],
credentials["password"]) if args.load_file else "",
color(target.name, BW)))
cookie_handler.clear()
if target.perform_login(credentials, cookie_handler):
log.write(">>> %s - %s:%s\n" %
(target.name, credentials["username"]
or credentials["email"], credentials["password"]))
login_sucessful.append(
"%s%s" % (target.name, " [%s:%s]" %
(credentials["username"] or credentials["email"],
credentials["password"]) if args.load_file else ""))
else:
login_failed.append(target.name)
if args.load_file:
if args.cred_format:
separators = [
re.escape(args.cred_format[1]),
re.escape(args.cred_format[3])
if len(args.cred_format) > 3 else "\n"
]
cred_format = re.match(r"(u|e|p)[^upe](u|e|p)(?:[^upe](u|e|p))?",
args.cred_format)
if not cred_format:
print("%s Could not parse --format: \"%s\"" %
(ERROR, color(args.cred_format, BW)))
exit()
cred_format = [
v.replace("e", "email").replace("u", "username").replace(
"p", "password") for v in cred_format.groups()
if v is not None
]
with open(args.load_file, "r") as load_list:
for user in load_list:
if args.cred_format:
match = re.match(
r"([^{0}]+){0}([^{1}]+)(?:{1}([^\n]+))?".format(
separators[0], separators[1]), user)
credentials = dict(zip(cred_format, match.groups()))
credentials["password"] = quote(credentials["password"])
if ("email" in credentials and not re.match(
r"^[A-Za-z0-9._%+-]+@(?:[A-Z"
r"a-z0-9-]+\.)+[A-Za-z]{2,12}$",
credentials["email"])):
print("%s Specified e-mail \"%s\" does not appear "
"to be correct. Skipping...\n" %
(WARN, color(credentials["email"], BW)))
continue
if "email" not in credentials:
credentials["email"] = None
elif "username" not in credentials:
credentials["username"] = None
else:
user = user.rstrip().split(":", 1)
if not user[0]:
if args.verbose:
print("%s Could not parse credentials: \"%s\"\n" %
(WARN, color(user, BW)))
continue
match = re.match(
r"^[A-Za-z0-9._%+-]+@(?:[A-Z"
r"a-z0-9-]+\.)+[A-Za-z]{2,12}$", user[0])
credentials = {
"email": user[0] if match else None,
"username": None if match else user[0],
"password": quote(user[1])
}
for target in get_targets():
login()
else:
credentials = {
"username": args.username,
"email": args.email,
"password": quote(args.password)
}
for target in get_targets():
login()
log.close()
if not args.verbose:
print()
if len(login_sucessful) > 0 or len(login_failed) > 0:
_ = "%s/%s" % (color(len(login_sucessful), BW),
color(len(login_sucessful) + len(login_failed), BW))
sign = PLUS if len(login_sucessful) > (len(login_failed) +
len(login_skipped)) else INFO
print(
"%s Succesfully logged in%s." %
(sign, " with %s credentials on the list." %
_ if args.load_file else "to %s websites." % _), )
print("%s An overall success rate of %s.\n" %
(sign,
color(
"%%%s" % (100 * len(login_sucessful) /
(len(login_sucessful) + len(login_failed))), BW)))
if len(login_sucessful) > 0:
print("%s The provided credentials worked on the following website%s: "
"%s\n" % (PLUS, "s" if len(login_sucessful) != 1 else "",
", ".join(login_sucessful)))
print("%s Finished tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW)))
def main():
"""
Initializes and executes the program.
"""
login_sucessful = []
login_failed = []
login_skipped = []
version = check_revision(VERSION)
print("%s\n\n%s %s (%s)\n" % (
BANNER % tuple([color(_) for _ in BANNER_PASSWORDS]),
NAME, version, URL))
args = parse_args()
if args.update:
update()
exit()
sites = list_sites()
if args.list:
for _ in sites:
print("- %s" % _)
exit()
if not args.password and not args.load_file:
args.password = getpass("%s Please enter password:"******"(?P<type>[^:]+)://(?P<address>[^:]+)"
r":(?P<port>\d+)", args.proxy, re.I)
if match:
if match.group("type").upper() in ("HTTP", "HTTPS"):
proxy_host = "%s:%s" % (match.group("address"),
match.group("port"))
proxy_handler = ProxyHandler({"http": proxy_host,
"https": proxy_host})
else:
from thirdparty.socks import socks
if match.group("type").upper() == "SOCKS4":
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS4,
match.group("address"),
int(match.group("port")), True)
elif match.group("type").upper() == "SOCKS5":
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5,
match.group("address"),
int(match.group("port")), True)
proxy_handler = None
else:
proxy_handler = ProxyHandler()
else:
proxy_handler = None
opener = build_opener(HTTPHandler(), HTTPSHandler(),
HTTPCookieProcessor(cookie_handler))
if proxy_handler:
opener.add_handler(proxy_handler)
install_opener(opener)
with open(USER_AGENTS_FILE, 'r') as ua_file:
args.user_agent = sample(ua_file.readlines(), 1)[0].strip()
if args.only:
sites = [site for site in sites if site in args.only]
elif args.exclude:
sites = [site for site in sites if site not in args.exclude]
print("%s Loaded %d %s to test." %
(INFO, len(sites), "site" if len(sites) == 1 else "sites"))
if args.load_file:
if not isfile(args.load_file):
print("%s could not find the file \"%s\"" %
(WARN, color(args.load_file)))
exit()
_ = sum(1 for line in open(args.load_file, "r"))
if _ < 1:
print("%s the file \"%s\" doesn't contain any valid credentials." %
(WARN, color(args.load_file)))
exit()
print("%s Loaded %d credential%s from \"%s\".\n" %
(INFO, _, "s" if _ != 1 else "", color(args.load_file)))
print("%s Starting tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW)))
if not exists(OUTPUT_DIR):
makedirs(OUTPUT_DIR)
log = Logger("%s/credmap" % OUTPUT_DIR)
log.open()
def get_targets():
"""
Retrieve and yield list of sites (targets) for testing.
"""
for site in sites:
_ = populate_site(site, args)
if not _:
continue
target = Website(_, {"verbose": args.verbose})
if not target.user_agent:
target.user_agent = args.user_agent
yield target
def login():
"""
Verify credentials for login and check if login was successful.
"""
if(target.username_or_email == "email" and not
credentials["email"] or
target.username_or_email == "username" and not
credentials["username"]):
if args.verbose:
print("%s Skipping %s\"%s\" since "
"no \"%s\" was specified.\n" %
(INFO, "[%s:%s] on " %
(credentials["username"] or
credentials["email"], credentials["password"]) if
args.load_file else "", color(target.name),
color(target.username_or_email, BW)))
login_skipped.append(target.name)
return
print("%s Testing %s\"%s\"..." %
(TEST, "[%s:%s] on " % (credentials["username"] or
credentials["email"],
credentials["password"]) if
args.load_file else "", color(target.name, BW)))
cookie_handler.clear()
if target.perform_login(credentials, cookie_handler):
log.write(">>> %s - %s:%s\n" %
(target.name, credentials["username"] or
credentials["email"], credentials["password"]))
login_sucessful.append("%s%s" %
(target.name, " [%s:%s]" %
(credentials["username"] or
credentials["email"],
credentials["password"]) if
args.load_file else ""))
else:
login_failed.append(target.name)
if args.load_file:
if args.cred_format:
separators = [re.escape(args.cred_format[1]),
re.escape(args.cred_format[3]) if
len(args.cred_format) > 3 else "\n"]
cred_format = re.match(r"(u|e|p)[^upe](u|e|p)(?:[^upe](u|e|p))?",
args.cred_format)
if not cred_format:
print("%s Could not parse --format: \"%s\""
% (ERROR, color(args.cred_format, BW)))
exit()
cred_format = [v.replace("e", "email")
.replace("u", "username")
.replace("p", "password")
for v in cred_format.groups() if v is not None]
with open(args.load_file, "r") as load_list:
for user in load_list:
if args.cred_format:
match = re.match(r"([^{0}]+){0}([^{1}]+)(?:{1}([^\n]+))?"
.format(separators[0], separators[1]),
user)
credentials = dict(zip(cred_format, match.groups()))
credentials["password"] = quote(
credentials["password"])
if("email" in credentials and
not re.match(r"^[A-Za-z0-9._%+-]+@(?:[A-Z"
r"a-z0-9-]+\.)+[A-Za-z]{2,12}$",
credentials["email"])):
print("%s Specified e-mail \"%s\" does not appear "
"to be correct. Skipping...\n" % (WARN, color(
credentials["email"], BW)))
continue
if "email" not in credentials:
credentials["email"] = None
elif "username" not in credentials:
credentials["username"] = None
else:
user = user.rstrip().split(":", 1)
if not user[0]:
if args.verbose:
print("%s Could not parse credentials: \"%s\"\n" %
(WARN, color(user, BW)))
continue
match = re.match(r"^[A-Za-z0-9._%+-]+@(?:[A-Z"
r"a-z0-9-]+\.)+[A-Za-z]{2,12}$", user[0])
credentials = {"email": user[0] if match else None,
"username": None if match else user[0],
"password": quote(user[1])}
for target in get_targets():
login()
else:
credentials = {"username": args.username, "email": args.email,
"password": quote(args.password)}
for target in get_targets():
login()
log.close()
if not args.verbose:
print()
if len(login_sucessful) > 0 or len(login_failed) > 0:
_ = "%s/%s" % (color(len(login_sucessful), BW),
color(len(login_sucessful) + len(login_failed), BW))
sign = PLUS if len(login_sucessful) > (len(login_failed) +
len(login_skipped)) else INFO
print("%s Succesfully logged in%s." %
(sign, " with %s credentials on the list." % _ if args.load_file
else "to %s websites." % _),)
print("%s An overall success rate of %s.\n" %
(sign, color("%%%s" % (100 * len(login_sucessful) /
(len(login_sucessful) +
len(login_failed))), BW)))
if len(login_sucessful) > 0:
print("%s The provided credentials worked on the following website%s: "
"%s\n" % (PLUS, "s" if len(login_sucessful) != 1 else "",
", ".join(login_sucessful)))
print("%s Finished tests at: \"%s\"\n" % (INFO, color(strftime("%X"), BW)))
