{"id":13389761,"url":"https://github.com/L-codes/oneshellcrack","last_synced_at":"2025-03-13T14:31:56.656Z","repository":{"id":113440990,"uuid":"94603692","full_name":"L-codes/oneshellcrack","owner":"L-codes","description":"a very very fast brute force webshell password tool","archived":false,"fork":false,"pushed_at":"2020-01-15T03:50:58.000Z","size":18,"stargazers_count":45,"open_issues_count":0,"forks_count":24,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-06T06:11:51.807Z","etag":null,"topics":["bruteforce","crack","facebook","oneshellcrack","password","webshell"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/L-codes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-06-17T05:50:16.000Z","updated_at":"2025-01-04T08:46:23.000Z","dependencies_parsed_at":null,"dependency_job_id":"614f4927-0b7a-401c-ad40-3c1caedbfc28","html_url":"https://github.com/L-codes/oneshellcrack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/L-codes%2Foneshellcrack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/L-codes%2Foneshellcrack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/L-codes%2Foneshellcrack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/L-codes%2Foneshellcrack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/L-codes","download_url":"https://codeload.github.com/L-codes/oneshellcrack/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243422601,"owners_count":20288488,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bruteforce","crack","facebook","oneshellcrack","password","webshell"],"created_at":"2024-07-30T13:01:30.616Z","updated_at":"2025-03-13T14:31:56.267Z","avatar_url":"https://github.com/L-codes.png","language":"Python","readme":"# 0x00 Oneshellcrack\noneshellcrack 是一个非常快的webshell暴力破解工具，工作原理是多线程并通过一次性发送大量的密码探测POST数据进行爆破，是其他普通webshell密码暴力破解工具的数千倍\n\n项目地址：[https://github.com/L-codes/oneshellcrack](https://github.com/L-codes/oneshellcrack)\n\n# 0x01 Features\n- 速度极快，经过本地服务器测试平均破解可达每秒22万个密码\n- 支持python 2.x和3.x\n- 支持网络或服务器性能影响，请求失败后的自动重新请求\n- 支持批量大密码字典文件\n- 支持自动生成常见默认密码和短密码枚举\n- 支持自动过滤不合法的密码\n\n# 0x02 Parameter description\n```\n$ python3 oneshellcrack.py -h\n\n  ___             ____  _          _ _  ____                _    \n / _ \\ _ __   ___/ ___|| |__   ___| | |/ ___|_ __ __ _  ___| | __\n| | | | '_ \\ / _ \\___ \\| '_ \\ / _ \\ | | |   | '__/ _` |/ __| |/ /\n| |_| | | | |  __/___) | | | |  __/ | | |___| | | (_| | (__|   \u003c \n \\___/|_| |_|\\___|____/|_| |_|\\___|_|_|\\____|_|  \\__,_|\\___|_|\\_\\                                                           \n\n               [ Author L       Version 1.0.1 ]\n\n[ Github ] https://github.com/L-codes/oneshellcrack\n\nusage: oneshellcrack.py [-h] [-m] [-n] [-r] [-s] [-t] [-w]\n                        [-p FILE [FILE ...]]\n                        URL\n\npositional arguments:\n  URL                  Target URL\n\noptional arguments:\n  -h, --help           show this help message and exit\n  -m , --max-threads   specify max threads [default: 200]\n  -n , --number        specify max password request [default: auto]\n  -r , --retry-nums    specify max retry request [default: 1]\n  -s , --shell         specify webshell type\n  -t , --timeout       specify request timeout [default: 8]\n  -w , --weakpwd-len   specify weak possword lenghts [default: 4]\n  -p FILE [FILE ...]   specify possword files [default: Weak passwords]\n\nuse examples:\n  python oneshellcrack.py http://localhost/shell.php \n  python oneshellcrack.py http://localhost/shell.jsp -n 1000 -m 300\n  python oneshellcrack.py http://localhost/shell.asp -p pwd1.lst pwd2.lst\n```\n\n# 0x03 Use examples\n\n## Examples 1\n```\npython3 oneshellcrack.py http://172.16.178.139/a.php     \n  ___             ____  _          _ _  ____                _    \n / _ \\ _ __   ___/ ___|| |__   ___| | |/ ___|_ __ __ _  ___| | __\n| | | | '_ \\ / _ \\___ \\| '_ \\ / _ \\ | | |   | '__/ _` |/ __| |/ /\n| |_| | | | |  __/___) | | | |  __/ | | |___| | | (_| | (__|   \u003c \n \\___/|_| |_|\\___|____/|_| |_|\\___|_|_|\\____|_|  \\__,_|\\___|_|\\_\\                                                           \n\n               [ Author L       Version 1.0.1 ]\n\n[ Github ] https://github.com/L-codes/oneshellcrack\n\n ( Shell:php, Numbers:1500, Threads:200, Retry:1 )\n\n[Crack] No.1751 (0.01s) CODE: 200 - POST Content-Length: 15623                    \n\n[Failed] No password found\n[Finish] 2626500 words in 11.922 seconds. (220310 w/s)\n```\n## Examples 2\n```\n$ python3 oneshellcrack.py http://172.16.178.133:84/1.asp -p pwd.lst\n  ___             ____  _          _ _  ____                _    \n / _ \\ _ __   ___/ ___|| |__   ___| | |/ ___|_ __ __ _  ___| | __\n| | | | '_ \\ / _ \\___ \\| '_ \\ / _ \\ | | |   | '__/ _` |/ __| |/ /\n| |_| | | | |  __/___) | | | |  __/ | | |___| | | (_| | (__|   \u003c \n \\___/|_| |_|\\___|____/|_| |_|\\___|_|_|\\____|_|  \\__,_|\\___|_|\\_\\                                                           \n\n               [ Author L       Version 1.0.1 ]\n\n[ Github ] https://github.com/L-codes/oneshellcrack\n\n ( Shell:asp, Numbers:1000, Threads:200, Retry:1 )\n\n[Crack] No.607  (0.05s) CODE: 200 - POST Content-Length: 41347                    \n\n[Success] Password: pass\u0026123\n[Finish] 607000 words in 5.080 seconds. (119477 w/s)\n```\n\n# 0x04 Problem\n如在使用过程中发现bug或有好的建议，欢迎提交[Issues](https://github.com/L-codes/oneshellcrack/issues)和[Pull Requests](https://github.com/L-codes/oneshellcrack/pulls)\n","funding_links":[],"categories":["Python","Python (1887)"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FL-codes%2Foneshellcrack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FL-codes%2Foneshellcrack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FL-codes%2Foneshellcrack/lists"}