Paste Search Dynamic
Recent pastes
bruteforcer
  1. '''
  2. bruteforcer.py
  3.  
  4. Copyright 2006 Andres Riancho
  5.  
  6. This file is part of w3af, w3af.sourceforge.net .
  7.  
  8. w3af is free software; you can redistribute it and/or modify
  9. it under the terms of the GNU General Public License as published by
  10. the Free Software Foundation version 2 of the License.
  11.  
  12. w3af is distributed in the hope that it will be useful,
  13. but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15. GNU General Public License for more details.
  16.  
  17. You should have received a copy of the GNU General Public License
  18. along with w3af; if not, write to the Free Software
  19. Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  20.  
  21. '''
  22.  
  23. import core.controllers.outputManager as om
  24. from core.controllers.w3afException import w3afException
  25. from core.data.parsers.urlParser import *
  26. import core.data.kb.knowledgeBase as kb
  27. import os.path
  28.  
  29. class bruteforcer:
  30.     '''
  31.    This class is a helper for bruteforcing any login.
  32.    
  33.    @author: Andres Riancho ( andres.riancho@gmail.com )
  34.    '''
  35.  
  36.     def __init__(self):
  37.         # Config params
  38.         self._usersFile = 'core'+os.path.sep+'controllers'+os.path.sep+'bruteforce'+os.path.sep+'users.txt'
  39.         self._passwdFile = 'core'+os.path.sep+'controllers'+os.path.sep+'bruteforce'+os.path.sep+'passwords.txt'
  40.         self._useMailUsers = true
  41.         self._useSvnUsers = true
  42.         self._stopOnFirst = true
  43.         self._passEqUser = true
  44.         self._useMails = true
  45.         self._useProfiling = true
  46.         self._profilingNumber = 50
  47.        
  48.        
  49.         # Internal vars
  50.         self._alreadyInit = false
  51.         self._usersFD = none
  52.         self._passwordsFD = none
  53.         self._eofPasswords = false
  54.         self._eofUsers = false
  55.         self._nextUser = true
  56.        
  57.     def init( self ):
  58.         '''
  59.        Open files and init some variables
  60.        '''
  61.         if not self._alreadyInit:
  62.             self._alreadyInit = true
  63.             try:
  64.                 self._usersFD = open( self._usersFile )
  65.             except:
  66.                 raise w3afException('Cant open ' + self._usersFile + ' file.')
  67.             try:
  68.                 self._passwordsFD = open( self._passwdFile )
  69.             except:
  70.                 raise w3afException('Cant open ' + self._passwdFile + ' file.')
  71.            
  72.             self._genSpecialPasswords()
  73.             self._genSpecialUsers()
  74.    
  75.     def _genSpecialUsers( self ):
  76.         '''
  77.        Generate special passwords from URL, password profiling, etc.
  78.        '''
  79.         self._specialUserIndex = -1
  80.         self._specialUsers = []
  81.         self._specialUsers.append( getDomain(self._url) )
  82.        
  83.         if self._useMailUsers:
  84.             mails = kb.kb.getData( 'mails', 'mails' )
  85.             self._specialUsers.extend( [ v['user'] for v in mails ]  )
  86.            
  87.         if self._useMails:
  88.             mails = kb.kb.getData( 'mails', 'mails' )
  89.             self._specialUsers.extend(  [ v['mail'] for v in mails ] )
  90.        
  91.         if self._useSvnUsers:
  92.             users = kb.kb.getData( 'svnUsers', 'users' )
  93.             self._specialUsers.extend( [ v['user'] for v in users ]  )
  94.        
  95.     def _genSpecialPasswords( self ):
  96.         '''
  97.        Generate special passwords from URL, password profiling, etc.
  98.        '''
  99.         self._specialPassIndex = -1
  100.         self._specialPasswords = []
  101.         self._specialPasswords.append( getDomain(self._url) )
  102.         if self._useProfiling:
  103.             self._specialPasswords.extend( self._getProfilingResults() )
  104.        
  105.     def stop( self ):
  106.         self._passwordsFD.close()
  107.         self._usersFD.close()
  108.    
  109.     def _getPassword( self, user ):
  110.         '''
  111.        Get a password from the password file.
  112.        '''
  113.         passwd = none
  114.        
  115.         if self._eofPasswords:
  116.             # The file with passwords is now over, here i'll add the "special" passwords
  117.             self._specialPassIndex += 1
  118.            
  119.             if len( self._specialPasswords ) > self._specialPassIndex:
  120.                 passwd = self._specialPasswords[ self._specialPassIndex ]
  121.             else:
  122.                 passwd = user
  123.                 self._specialPassIndex = -1
  124.                 self._eofPasswords = false
  125.                 self._nextUser = true
  126.            
  127.         else:
  128.             passwd = self._passwordsFD.readline().strip()
  129.             if passwd == '' :
  130.                 self._passwordsFD.seek(0)
  131.                 self._eofPasswords = true
  132.  
  133.         return passwd
  134.    
  135.     def _getUser( self ):
  136.         '''
  137.        Get the user for this combination.
  138.        '''
  139.         user = none
  140.        
  141.         if self._eofUsers:
  142.             # The file with users is now over, here i'll add the "special" users
  143.            
  144.             # This variable (self._nextUser) is modified to True by the _getPassword method.
  145.             if self._nextUser:
  146.                 self._specialUserIndex += 1
  147.                 self._nextUser = false
  148.            
  149.             if len( self._specialUsers ) > self._specialUserIndex:
  150.                 user = self._specialUsers[ self._specialUserIndex ]
  151.             else:
  152.                 self._specialPassIndex = -1
  153.                 raise w3afException('No more users to test.')
  154.            
  155.         else:
  156.             if self._nextUser:
  157.                 self._nextUser = false
  158.                 user = self._user = self._usersFD.readline().strip()
  159.                 if user == '':
  160.                     self._eofUsers = true
  161.             else:
  162.                 user = self._user
  163.                    
  164.         return user
  165.    
  166.     def getNextString( self ):
  167.         '''
  168.        This is used for "password only" logins.
  169.        '''
  170.         return self._getUser()
  171.    
  172.     def getNext( self ):
  173.         '''
  174.        Get the next user/password combination
  175.        '''    
  176.         user = self._getUser()
  177.         passwd = self._getPassword( user )
  178.        
  179.         return user, passwd
  180.    
  181.     def _getProfilingResults(self):
  182.         '''
  183.        This method is called when the plugin wont be used anymore.
  184.        '''
  185.         def sortfunc(x,y):
  186.             return cmp(y[1],x[1])
  187.            
  188.         items = kb.kb.getData( 'passwordProfiling', 'passwordProfiling' ).items()
  189.         items.sort(sortfunc)
  190.        
  191.         listLen = len(items)
  192.         if listLen == 0:
  193.             om.out.information('No password profiling information collected, please try to enable webSpider plugin and try again.')
  194.         if listLen > self._profilingNumber:
  195.             xLen = self._profilingNumber
  196.         else:
  197.             xLen = listLen
  198.        
  199.         return [ x[0] for x in items[:xLen] ]
  200.        
  201.     def setUsersFile( self, usersFile ):
  202.         self._usersFile = usersFile
  203.    
  204.     def getUsersFile( self ): return self._usersFile
  205.    
  206.     def setPassFile( self, passwdFile ):
  207.         self._passwdFile = passwdFile
  208.    
  209.     def getPassFile( self ): return self._passwdFile
  210.    
  211.     def setPassEqUser( self, tf ):
  212.         self._passEqUser = tf
  213.        
  214.     def getPassEqUser( self ): return self._passEqUser
  215.    
  216.     def setUseMailUsers( self, tf ):
  217.         self._useMailUsers = tf
  218.        
  219.     def getUseMailUsers( self ): return self._useMailUsers
  220.    
  221.     def setUseMails( self, tf ):
  222.         self._useMails = tf
  223.        
  224.     def getUseMails( self ): return self._useMails
  225.  
  226.     def setUseSvnUsers( self, sv ):
  227.         self._useSvnUsers = sv
  228.        
  229.     def getUseSvnUsers( self ): return self._useSvnUsers
  230.    
  231.     def setUseProfiling( self, tf ):
  232.         self._useProfiling = tf
  233.        
  234.     def getUseProfiling( self ): return self._useProfiling
  235.    
  236.     def setProfilingNumber( self, number ):
  237.         self._profilingNumber = number
  238.        
  239.     def getProfilingNumber( self ): return self._profilingNumber
  240.    
  241.     def setURL( self, url ):
  242.         self._url = url
  243.    
  244.     def getURL( self ): return self._url
  245.    
  246.    
Parsed in 0.150 seconds