{"id":17347960,"url":"https://github.com/robotshell/cubespraying","last_synced_at":"2026-01-20T07:32:52.405Z","repository":{"id":249549921,"uuid":"831823886","full_name":"robotshell/cubeSpraying","owner":"robotshell","description":"cubeSpraying performs a Password Spraying attack against a Roundcube Webmail application. Password Spraying is a technique where an attacker attempts one password against many users to avoid being locked out due to multiple failed login attempts.","archived":false,"fork":false,"pushed_at":"2024-07-23T06:55:53.000Z","size":44,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-01-13T08:15:09.583Z","etag":null,"topics":["bruteforce","bruteforce-attacks","password","pentesting","red-team-tools","redteaming","roundcube-webmail","roundcubemail","script","spraying"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/robotshell.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-07-21T17:55:15.000Z","updated_at":"2025-06-20T19:54:42.000Z","dependencies_parsed_at":"2024-07-21T19:45:34.211Z","dependency_job_id":"6e609f64-1ee2-455f-af54-4632c709322b","html_url":"https://github.com/robotshell/cubeSpraying","commit_stats":null,"previous_names":["robotshell/cubespraying"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/robotshell/cubeSpraying","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robotshell%2FcubeSpraying","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robotshell%2FcubeSpraying/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robotshell%2FcubeSpraying/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robotshell%2FcubeSpraying/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/robotshell","download_url":"https://codeload.github.com/robotshell/cubeSpraying/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/robotshell%2FcubeSpraying/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28598158,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-20T02:08:49.799Z","status":"ssl_error","status_checked_at":"2026-01-20T02:08:44.148Z","response_time":117,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bruteforce","bruteforce-attacks","password","pentesting","red-team-tools","redteaming","roundcube-webmail","roundcubemail","script","spraying"],"created_at":"2024-10-15T16:50:41.468Z","updated_at":"2026-01-20T07:32:52.379Z","avatar_url":"https://github.com/robotshell.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n  \u003cbr\u003e\n  \u003ca href=\"https://github.com/robotshell/cubeSpraying\"\u003e\u003cimg src=\"https://i.ibb.co/9w6wcmG/logo-1.png\" alt=\"cubeSpraying\" style=\"width:100%\"\u003e\u003c/a\u003e\n\u003c/h1\u003e\n\ncubeSpraying performs a Password Spraying attack against a Roundcube Webmail application. Password Spraying is a technique where an attacker attempts one password against many users to avoid being locked out due to multiple failed login attempts.\n\n## Description\n\ncubeSpraying attempts to log in to Roundcube Webmail using a list of usernames and a list of passwords. Various parameters can be specified to adjust the script's behavior, including a verbose mode and a timeout between login attempts.\n\n### Key Features\n\n- **Password spraying**: Attempts one password against multiple users before moving to the next password.\n- **Verbose mode**: Displays details of each login attempt.\n- **Timeout**: Allows specifying a wait time between each login attempt.\n- **Session handling**: Uses `requests` sessions to handle cookies and authentication tokens.\n- **Flexible input**: Accepts either a single value or a file containing multiple values for both usernames and passwords.\n\n### Flexible Input Options\n\ncubeSpraying can take either a single value or a file containing multiple values for both usernames and passwords:\n\n- **Usernames**: You can pass a single username or a file containing a list of usernames, one per line.\n- **Passwords**: You can pass a single password or a file containing a list of passwords, one per line.\n\nThis flexibility allows for easy and quick testing with single credentials as well as comprehensive testing with large lists of usernames and passwords.\n\n## Requirements\n\n- Python 3.x\n- Libraries: `requests`\n\n## Installation\n\n1. Clone this repository or download the files.\n\n    ```sh\n    git clone https://github.com/robotshell/cubeSpraying.git\n    ```\n\n2. Navigate to the project directory.\n\n    ```sh\n    cd cubeSpraying\n    ```\n\n3. Install the `requests` library if you don't have it installed.\n\n    ```sh\n    pip install requests\n    ```\n\n## Usage\n\nRun the script with the following parameters:\n\n```sh\npython cubeSpraying.py --url URL --usernames USERNAMES --passwords PASSWORDS [--verbose] [--timeout TIMEOUT]\n```\n# Disclaimer\nThis tool is intended for educational and research purposes only. The author and contributors are not responsible for any misuse of this tool. Users are advised to use this tool responsibly and only on systems for which they have explicit permission. Unauthorized access to systems, networks, or data is illegal and unethical. Always obtain proper authorization before conducting any kind of activities that could impact other users or systems.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobotshell%2Fcubespraying","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frobotshell%2Fcubespraying","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frobotshell%2Fcubespraying/lists"}