https://github.com/flyzone84/bruteforce

this script can perfome brute force attack for various login pages
https://github.com/flyzone84/bruteforce

brute-force flyzone84 hacking login python

Last synced: about 1 year ago
JSON representation

this script can perfome brute force attack for various login pages

• Host: GitHub
• URL: https://github.com/flyzone84/bruteforce
• Owner: Flyzone84
• Created: 2025-04-28T05:16:24.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2025-04-28T05:26:31.000Z (about 1 year ago)
• Last Synced: 2025-04-28T06:26:42.790Z (about 1 year ago)
• Topics: brute-force, flyzone84, hacking, login, python
• Language: Python
• Homepage:
• Size: 7.81 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# HTTP Brute Force Login Script

This Python script performs a brute-force attack on a web login form by iterating through a list of passwords for a given username and target URL.

## Features

- Reads passwords from a file

- Sends HTTP POST requests to the login endpoint

- Detects success based on response text or status code

- Customizable login form path and success condition

## Requirements

- Python 3.x

- `requests` library

## Installation

1. Clone this repository:

   ```bash

   git clone https://github.com/Flyzone84/bruteforce.git

   cd bruteforce

   ```

   Or directly:

   ```bash

   pip install requests

   ```

## Usage

1. Run the script:

   ```bash

   python bruteforce.py

     ```

2. When prompted, enter:

   - **Target IP Address** (e.g., `100.210.180.101`)

   - **Port** (default `80`)

   - **Login Path** (e.g., `/login`)

   - **Username** (e.g., `admin`)

   - **Path to Password File** (e.g., `passwords.txt`)

The script will try each password and print whether it succeeded or failed.

## Customization

- **Success condition**: By default, the script checks for the substring `"Welcome"` in the response or a `302` status code. You can modify this in the `brute_force_login` function:

  ```python

  if "Welcome" in response.text or response.status_code == 302:

      # success logic

  ```

- **Timeout**: Adjust the `timeout` parameter in `requests.post()` if needed.

## Example

```bash

Enter Target IP Address (e.g., 103.119.179.101): 192.168.1.10

Enter Port (default 80 if unknown): 81

Enter Login Path (e.g., /login): /doc/page/login.asp

Enter Username (e.g., admin): admin

Enter Path to Password File: /path/to/password_file.txt

```

## Disclaimer

Use this script only on systems you own or have explicit permission to test. Unauthorized access to systems is illegal and unethical.

## License

This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.