Python 3 and higher
simple_brute_force
Brute force all possible easy and short passwords to enter the site
Python Run command in Terminal:
> python main.py localhost 9090 # "localhost" - server address and "9090" - port
password
typical_passwords_hacker
Capable of cracking more complex passwords using a database of 1,000 real passwords with a case change of different letters
Python Run command in Terminal:
> python main.py localhost 9090 # "localhost" - server address and "9090" - port
qWeRTy
exception_catcher
Capable to crack a login with a dictionary of different logins and a complex password randomly generated from several characters. Cracker relies on a server return vulnerability: "An exception occurred during login" when it found one valid character. The server uses JSON.
- Will try all logins with an empty password.
- When it finds a login, it will try all possible passwords of length 1.
- When an exception occurs, it knows that it has found the first letter of the password.
- Uses the found login and the found letter to find the second letter of the password.
- Repeats until it receives a success message. Finally, the program outputs the username and password combination in JSON format.
- Run test_server
- Python Run command in Terminal:
> python main.py localhost 9090
{"login": "new_user", "password": "Sg967s"}
ping_exception_catcher
The same as the previous cracker, but now it calculates the time period for which the response arrives and finds out which initial characters are suitable for the password. As a result, it uses the time vulnerability to find the password.
Python Run command in Terminal:
> python main.py localhost 9090 # "localhost" - server address and "9090" - port
{"login": "admin3", "password": "mlqDz33x"}