Skip to content

v2.2-beta
Compare
Choose a tag to compare
@narukoshin narukoshin released this 10 Feb 00:31
· 151 commits to main since this release
v2.2-beta
b073670

A little bit improved the code and added a new method for adding wordlist - from stdin
now you can generate a wordlist and brute force at the same time as you can do it with the tool - aircrack-ng

usage:

crunch 8 8 0123456789 | ./main

to use the on_pass method, add this line to the config.yml
if you will use on_pass, then on_fail will be ignored

on_pass:
    message: Message that will say we are in

to turn off "trying password" messages, add this line to the config.yml

bruteforce:
    ...
    no_verbose: true

to save the password in the file when it's found, add this line to the config.yml

bruteforce:
    ...
    output: /home/naru/the_password_file

now, it's possible to get the token and add it to the request

crawl:
    url: token-url # optional, if token is not located in the original location, when this option a allow to set a new one
    name: name-of-the-field
    search: ([a-z0-9]+){32} # regex expression

todo:

  • added a new method for loading wordlist - stdin
  • add output option where the password will be saved after it was found
  • add a no verbose option where the user can select if he/she wants to see the output from the tool like "trying password..." messages°
  • on_pass checking method
  • sometimes there is some kind of token that need to add to the request, so we need to cut that token from the website
Assets 3
Loading