Description: This is a Python script for performing a simple brute-force attack on a login page. It takes a username and a list of passwords from a file, and then iterates through each password, attempting to log in to the target website until a valid password is found.
- Python 3.x
requests
library (install withpip install requests
)termcolor
library (install withpip install termcolor
)
- Make sure you have Python installed on your system.
- Install the required libraries by running the following commands:
pip install requests
pip install termcolor
- Save the list of passwords in a file. Each line in the file should contain one password.
- Run the script using the following command:
python script.py
- The script will prompt you to provide the necessary information:
- Enter the URL of the login page.
- Enter the username for the account you want to brute-force.
- Enter the path to the password file.
- Provide the string that occurs on the page when login fails.
- Optionally, provide the cookie value if the website requires it.
- The script will start the brute-force attack and display the attempted passwords. If it successfully finds the correct password, it will print the username and password and exit.
- This script is intended for educational and ethical purposes only. Only use it on systems that you have explicit permission to test.
- Brute-force attacks are not recommended as they can be illegal and may cause harm to the target system. Use it responsibly and with caution.
- Always use strong and unique passwords to protect your online accounts.
The author of this script is not responsible for any misuse or damages caused by using this script. Use it at your own risk.
Happy hacking responsibly!