Web Brute Force Program#
I wrote this program originally for the “agent sudo” room, albeit a bit misguidedly. It was then extended for the Mr Robot room when Hydra was taking forever to reach the password.
V1.0#
This was made to brute force the header in the Agent Sudo room. it uses a static fule but reads in a wordlist and URL
V2.0#
The first implimenation to brute force with threads. It just throws many threads at it. Fast but not reliable
V3.0#
This is the first version that is getting more advanced. Used for the Mr Robot room trying to brute force the password (once we have a known user)
Features
Arguements can be passed through the command line (template file isnt implimented)
Threading implimented but not managed
Response is searched for a static message, if NOT found then it is added to ‘interesting responses’ and the program finishes.
To Impliment
Manage the threading responses and ensure old connections are closed. Its bringing down the target server with too many open files?
Add the search string as an arguement
Impliment the template
Add the parser for arguements so they dont need to be statically located.
V3.1 WIP#
Added max thread value
Added hardcoded checkpoint