Class: Arachni::Plugins::HTTPDicattack
- Inherits:
-
Arachni::Plugin::Base
- Object
- Component::Base
- Arachni::Plugin::Base
- Arachni::Plugins::HTTPDicattack
- Defined in:
- components/plugins/http_dicattack.rb
Overview
Constant Summary
Constants included from Arachni
BANNER, Cookie, Form, Header, JSON, Link, LinkTemplate, NestedCookie, Severity, UIForm, UIInput, VERSION, WEBSITE, WIKI, XML
Instance Attribute Summary
Attributes inherited from Arachni::Plugin::Base
Class Method Summary collapse
Instance Method Summary collapse
Methods inherited from Arachni::Plugin::Base
#browser_cluster, distributable, distributable?, #framework_abort, #framework_pause, #framework_resume, gems, #http, #info, #initialize, is_distributable, merge, #register_results, #restore, #session, #suspend, #wait_while_framework_running, #with_browser
Methods inherited from Component::Base
author, description, fullname, #shortname, shortname, shortname=, version
Methods included from Component::Output
#depersonalize_output, #depersonalize_output?, #intercept_print_message
Methods included from UI::Output
#caller_location, #debug?, #debug_level, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #error_buffer, #error_log_fd, #error_logfile, #has_error_log?, #included, #log_error, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_exception, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #set_error_logfile, #unmute, #verbose?, #verbose_off, #verbose_on
Methods included from Component::Utilities
Methods included from Utilities
#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite
Methods included from Arachni
URI, collect_young_objects, #get_long_win32_filename, jruby?, null_device, profile?, windows?
Constructor Details
This class inherits a constructor from Arachni::Plugin::Base
Class Method Details
.info ⇒ Object
75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
# File 'components/plugins/http_dicattack.rb', line 75 def self.info { name: 'HTTP dictionary attacker', description: %q{ Uses wordlists to crack password protected directories. If the cracking process is successful the found credentials will be set framework-wide and used for the duration of the audit. If that's not what you want, set the scope page-limit option to "0". }, author: 'Tasos "Zapotek" Laskos <[email protected]>', version: '0.1.4', options: [ Options::Path.new( :username_list, required: true, description: 'File with a list of usernames (newline separated).' ), Options::Path.new( :password_list, required: true, description: 'File with a list of passwords (newline separated).' ) ] } end |
Instance Method Details
#clean_up ⇒ Object
67 68 69 |
# File 'components/plugins/http_dicattack.rb', line 67 def clean_up framework_resume end |
#prepare ⇒ Object
13 14 15 16 17 18 19 20 21 22 |
# File 'components/plugins/http_dicattack.rb', line 13 def prepare @url = framework..url.to_s @users = File.read( [:username_list] ).split( "\n" ) @passwds = File.read( [:password_list] ).split( "\n" ) @found = false framework_pause end |
#protected?(url) ⇒ Boolean
71 72 73 |
# File 'components/plugins/http_dicattack.rb', line 71 def protected?( url ) http.get( url, mode: :sync ).code == 401 end |
#run ⇒ Object
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'components/plugins/http_dicattack.rb', line 24 def run if !protected?( @url ) print_info "The URL you provided doesn't seem to be protected." print_info 'Aborting...' return framework_resume end url = uri_parse( @url ) print_status 'Building the request queue...' total_req = @users.size * @passwds.size print_status "Maximum number of requests to be transmitted: #{total_req}" @users.each do |user| @passwds.each do |pass| http.get( url.to_s, username: user, password: pass ).on_complete do |res| next if @found print_status "Username: '#{user}' -- Password: '#{pass}'" next if res.code != 200 @found = true print_ok "Found a match. Username: '#{user}' -- Password: '#{pass}'" print_info "URL: #{res.url}" framework..http.authentication_username = user framework..http.authentication_password = pass # register our findings... register_results( 'username' => user, 'password' => pass ) http.abort end end end print_status 'Waiting for the requests to complete...' http.run print_bad "Couldn't find a match." if !@found end |