{"id":21949446,"url":"https://github.com/d3vil0p3r/timeverter","last_synced_at":"2025-09-08T16:48:15.075Z","repository":{"id":44482255,"uuid":"470433872","full_name":"D3vil0p3r/timeverter","owner":"D3vil0p3r","description":"Bruteforce time-based tokens and convert several time domains.","archived":false,"fork":false,"pushed_at":"2022-10-14T21:11:18.000Z","size":96,"stargazers_count":6,"open_issues_count":1,"forks_count":5,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-18T17:43:25.644Z","etag":null,"topics":["bruteforce","converter","ctf-tools","hacking","python","security-tools","time","token"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/D3vil0p3r.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-03-16T04:40:03.000Z","updated_at":"2024-10-03T05:16:11.000Z","dependencies_parsed_at":"2023-01-20T00:03:26.453Z","dependency_job_id":null,"html_url":"https://github.com/D3vil0p3r/timeverter","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3vil0p3r%2Ftimeverter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3vil0p3r%2Ftimeverter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3vil0p3r%2Ftimeverter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3vil0p3r%2Ftimeverter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/D3vil0p3r","download_url":"https://codeload.github.com/D3vil0p3r/timeverter/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250349044,"owners_count":21415914,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bruteforce","converter","ctf-tools","hacking","python","security-tools","time","token"],"created_at":"2024-11-29T05:29:50.364Z","updated_at":"2025-04-23T01:03:48.369Z","avatar_url":"https://github.com/D3vil0p3r.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# TimeVerter - Time Converter Token Bruteforcer\n\n![timeverter_screen](https://user-images.githubusercontent.com/83867734/158734970-7aa3ba3d-047d-4229-9201-6180b3b95a51.png)\n\n**TimeVerter** helps you to bruteforce several kinds of time-based tokens and to convert several time domains.\n\ndate format: [%YYYY-%mm-%ddT%HH:%MM:%SS]\\\nepoch format: [seconds]\n\nList of arguments:\n| Argument | Long Argument | Input Example | Description |\n| -------- | ------------- | ---------- | ----------- |\n| `-c` | `--colored` | | Let's give some random colored output |\n| `-d` | `--data` | param1=value\u0026param2=VERTER | Insert data for POST request (i.e. userid=user\u0026token=VERTER) |\n| `-D` | `--date` | 2022-03-26T01:13:37 | Convert a date to epoch time format |\n| `-div` | `--divide` | 1000 | Divide the timestamp by the specified value (used for change the order of magnitude) |\n| `-e` | `--encode` | base64,hex | Encode the input to a chain of the specified formats. It will be applied before the `--algorithm` option |\n| `-E` | `--epoch` | 1647135274.789 | Convert epoch time to date format |\n| `-f` | `--float` | 0.001 | Deal timestamp as floating point number and specify the floating step value when range option is set |\n| `-fr` | `--filterregex` | Wrong token | Filter the response for the submitted regex |\n| `-g` | `--algorithm` | sha256 | Specify the algorithm to be used for token computation (look for hashlib or OpenSSL algorithms) |\n| `-h` | `--help` | | Show this help message and exit |\n| `-H` | `--header` | Content-Type: text/html; charset=UTF-8 | Specify the headers of the request |\n| `-mr` | `--matchregex` | .\\*Great.\\* | Match the response for the submitted regex |\n| `-mul` | `--multiply` | 1000 | Multiply the timestamp by the specified value (used for change the order of magnitude) |\n| `-n` | `--now` | | Show current local time as epoch and date format |\n| `-p` | `--prefix` | admin | Specify a prefix string before the timestamp |\n| `-r` | `--range` | 3000 | Specify a +- offset value of the timestamp in seconds (or other magnitudes according `-div` and `-mul` options) |\n| `-s` | `--suffix` | root | Specify a suffix string after the timestamp |\n| `-u` | `--url` | http://x.x.x.x:XXXX | Specify the URL |\n| `-U` | `--utc` | +1:00 | Show current UTC+N time as epoch and date format |\n| `-v` | `--verbose` | | Show verbose output |\n| `-V` | `--version` | | Show version information |\n| `-X` | `--request` | POST | Specify request method to use |\n| `-z` | `--compare` | a4e11f213f0bc314a043207dba6ca8ca | Compare a value to the output tokens |\n\nUse `VERTER` string on the parameter to bruteforce. Choose `-n`, `-U` or `-E` option for specifying the Time Base of your attack.\n\nUsage Examples:\n```\ntimeverter -D 2022-03-26T01:13:37\ntimeverter --utc=-3:30\ntimeverter -n -g md5 -r 3000 -z a4e11f213f0bc314a043207dba6ca8ca\ntimeverter -U +0:00 -r 3000 -g md5 -X POST -u http://SERVER_IP:PORT/somefolder/ -d 'submit=check\u0026token=VERTER' -fr \"Wrong token\" -mul 1000 -p admin\ntimeverter -u 'http://SERVER_IP:PORT/somefolder/' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' -H 'Connection: keep-alive' -H 'Cookie: SESSIONID=VERTER' -H 'Upgrade-Insecure-Requests: 1' -H 'Cache-Control: max-age=0' -n -e b64,hex -v -X GET -r 1000\n```\n![timeverter_compressed](https://user-images.githubusercontent.com/83867734/158840889-ceae7b4d-6e46-4a02-9957-fd3fa4f1c40b.gif)\n\n# Testing\nFor testing it, you can set up a PHP server on your testing machine (i.e. `php -S 127.0.0.1:8000`), by using the following example PHP scripts (credits [HackTheBox](https://www.hackthebox.com/)):\n\n**Testing by GET request**\n\u003cdetails\u003e\n \u003csummary\u003eClick here to show the PHP file!\u003c/summary\u003e\n \n```php\n\u003c?php\n// common header, can skip until READ_HERE mark\n?\u003e\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n\u003cmeta charset=\"utf-8\"\u003e\n\u003cmeta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"\u003e\n\u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1\"\u003e\n\u003ctitle\u003eBroken Authentication Login - Reset token time()\u003c/title\u003e\n\u003clink rel=\"stylesheet\" href=\"https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css\"\u003e\n\u003cscript src=\"https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js\"\u003e\u003c/script\u003e\n\u003cscript src=\"https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js\"\u003e\u003c/script\u003e \n\u003cstyle\u003e\n\t.login-form {\n\t\twidth: 500px;\n \tmargin: 50px auto;\n\t}\n .login-form form {\n \tmargin-bottom: 15px;\n background: #f7f7f7;\n box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);\n padding: 30px;\n }\n .login-form h2 {\n margin: 0 0 15px;\n }\n .form-control, .btn {\n min-height: 38px;\n border-radius: 2px;\n }\n .btn { \n font-size: 15px;\n font-weight: bold;\n }\n\u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n\u003cdiv class=\"login-form\"\u003e\n\u003c?php\n// READ_HERE\n\n// where we will save our token\n$token_file = \"/dev/shm/token.txt\";\n\n// if file does not exists, create a token for this test session\nif (!(@file_exists($token_file))) {\n // get time in seconds\n\t$time = intval(microtime(true));\n\n // calculate token md5 hash\n\t$token = md5($time);\n\n // create and write tokenfile\n $fh = fopen($token_file, \"w\") or die(\"Unable to open file!\");\n fwrite($fh, $token);\n fclose($fh);\n}\n\n// read token from file\nfunction get_token($file) {\n\t$fh = fopen($file, \"r\");\n\t$token = fread($fh, filesize($file));\n // we shouldn't have any \\r or \\n, just to be safe\n $token = str_replace(PHP_EOL, '', $token);\n\tfclose($fh);\n\treturn $token;\n}\n\n// if we have a GET as check that contain a token field, and the field is valid reply with \"Great work\", else just return \"Wrong token\"\nif (isset($_GET['submit'])) {\n\tif ($_GET['submit'] === 'check') {\n\t\t$valid = get_token($token_file);\n\t\tif ($valid === $_GET['token']) {\n\t\t\techo '\u003cdiv class=\"alert alert-primary\"\u003e \u003cstrong\u003eGreat work!\u003c/strong\u003e\u003c/div\u003e';\n\t\t\texit;\n\t\t} else {\n\t\t\techo '\u003cdiv class=\"alert alert-warning\"\u003e \u003cstrong\u003eWrong token.\u003c/strong\u003e\u003c/div\u003e';\n\t\t}\n\t}\n}\n?\u003e\n \u003cform action=\"\" method=\"GET\"\u003e\n\t\u003ch2 class=\"text-center\"\u003eInput a valid token\u003c/h2\u003e\t\n \u003cdiv class=\"form-group\"\u003e\n \u003cinput name=\"token\" type=\"text\" class=\"form-control\" placeholder=\"Token\" required=\"required\"\u003e\n \u003c/div\u003e\n\n \u003cbutton value=\"check\" name=\"submit\" type=\"submit\" class=\"btn btn-primary btn-block\"\u003eCheck\u003c/button\u003e\n \u003c/div\u003e\n \u003c/form\u003e\n\u003c/div\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n```\n\u003c/details\u003e\n\n**Testing by POST request**\n\u003cdetails\u003e\n \u003csummary\u003eClick here to show the PHP file!\u003c/summary\u003e\n \n```php\n\u003c?php\n// common header, can skip until READ_HERE mark\n?\u003e\n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n\u003cmeta charset=\"utf-8\"\u003e\n\u003cmeta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"\u003e\n\u003cmeta name=\"viewport\" content=\"width=device-width, initial-scale=1\"\u003e\n\u003ctitle\u003eBroken Authentication Login - Reset token time()\u003c/title\u003e\n\u003clink rel=\"stylesheet\" href=\"https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css\"\u003e\n\u003cscript src=\"https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js\"\u003e\u003c/script\u003e\n\u003cscript src=\"https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js\"\u003e\u003c/script\u003e \n\u003cstyle\u003e\n\t.login-form {\n\t\twidth: 500px;\n \tmargin: 50px auto;\n\t}\n .login-form form {\n \tmargin-bottom: 15px;\n background: #f7f7f7;\n box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3);\n padding: 30px;\n }\n .login-form h2 {\n margin: 0 0 15px;\n }\n .form-control, .btn {\n min-height: 38px;\n border-radius: 2px;\n }\n .btn { \n font-size: 15px;\n font-weight: bold;\n }\n\u003c/style\u003e\n\u003c/head\u003e\n\u003cbody\u003e\n\u003cdiv class=\"login-form\"\u003e\n\u003c?php\n// READ_HERE\n\n// where we will save our token\n$token_file = \"/dev/shm/token.txt\";\n\n// if file does not exists, create a token for this test session\nif (!(@file_exists($token_file))) {\n // get time in seconds\n\t$time = intval(microtime(true));\n\n // calculate token md5 hash\n\t$token = md5($time);\n\n // create and write tokenfile\n $fh = fopen($token_file, \"w\") or die(\"Unable to open file!\");\n fwrite($fh, $token);\n fclose($fh);\n}\n\n// read token from file\nfunction get_token($file) {\n\t$fh = fopen($file, \"r\");\n\t$token = fread($fh, filesize($file));\n // we shouldn't have any \\r or \\n, just to be safe\n $token = str_replace(PHP_EOL, '', $token);\n\tfclose($fh);\n\treturn $token;\n}\n\n// if we have a POST as check that contain a token field, and the field is valid reply with \"Great work\", else just return \"Wrong token\"\nif (isset($_POST['submit'])) {\n\tif ($_POST['submit'] === 'check') {\n\t\t$valid = get_token($token_file);\n\t\tif ($valid === $_POST['token']) {\n\t\t\techo '\u003cdiv class=\"alert alert-primary\"\u003e \u003cstrong\u003eGreat work!\u003c/strong\u003e\u003c/div\u003e';\n\t\t\texit;\n\t\t} else {\n\t\t\techo '\u003cdiv class=\"alert alert-warning\"\u003e \u003cstrong\u003eWrong token.\u003c/strong\u003e\u003c/div\u003e';\n\t\t}\n\t}\n}\n?\u003e\n \u003cform action=\"\" method=\"POST\"\u003e\n\t\u003ch2 class=\"text-center\"\u003eInput a valid token\u003c/h2\u003e\t\n \u003cdiv class=\"form-group\"\u003e\n \u003cinput name=\"token\" type=\"text\" class=\"form-control\" placeholder=\"Token\" required=\"required\"\u003e\n \u003c/div\u003e\n\n \u003cbutton value=\"check\" name=\"submit\" type=\"submit\" class=\"btn btn-primary btn-block\"\u003eCheck\u003c/button\u003e\n \u003c/div\u003e\n \u003c/form\u003e\n\u003c/div\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n```\n\u003c/details\u003e\n\n\nUse **TimeVerter** for getting the right token!\\\n\\\n\\\nDo you like spoilers for these tests?\n\u003cdetails\u003e\n \u003csummary\u003eClick here to spoil!\u003c/summary\u003e\n \n ## GET request\n `python timeverter.py -d 'submit=check\u0026token=VERTER' -u http://127.0.0.1:8000/token_get.php -X GET -g md5 -n -fr \".*Wrong.*\" -r 3000`\n \n ## POST request\n `python timeverter.py -d 'submit=check\u0026token=VERTER' -u http://127.0.0.1:8000/token_post.php -X POST -g md5 -n -mr \"G[r]ea.*\" -r 3000`\n\u003c/details\u003e\n\nNote: in case of issues with the tests, try to remove the `/dev/shm/token.txt` generated by the PHP scripts.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd3vil0p3r%2Ftimeverter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fd3vil0p3r%2Ftimeverter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd3vil0p3r%2Ftimeverter/lists"}