URL Bruteforce I guess

[blk.Sith0]

So uh, lets say there's a website which has users. Now, every user is associated with some random 11 digit code. And you can get to a users page by typing in their little code into the site address. (Like site.com/users/j245kj4j12d.html, or something like that)

Anyway, I want to enter every combination into there, until I get the words "Welcome", and when this happens, log that. But dont log when the page contains the word "bad".

So, someone said the best way to do this would be with PHP, but I'm not sure, so wondering what you guys think.

[I_Learning_I]

Well, your methodology is correct basically you do 11 for's inside each others so it will increment every character and then do a GET. then filter the file and see if it contains Welcome, shouldn't be very hard to do.
.NET it's usually the most used, but you can use C/C++, PHP or Java, they're quite easy to accomplish. In fact I can give you my C++ sockets code then just add the for's and charset and filter results.

small example:

Code: [Select]

char mycharset [] = { 'a', 'b', 'c', 'd', 'e', '\0' };


// Create socket
//Connect to host

//Start bruteforcing

for(int i=0; i<sizeof(mycharset); i++){
      for(int j=0; j<sizeof(mycharset); j++){
       myget= "GET /users/" + mycharset[i] + mycharset[j] +"\r\n";
       send(sock,myget);
       while(recv(sock, buff) >0){
          bigfile+=buff;
          bzero(buff);
       }
        // Getline if file
        // substr if string
        if (bigfile.find("Welcome")!=string::npos){
                available[count] = mycharset[i] + mycharset[j];
                i++;
       }

        bzero(bigfile);
      }
}

This is just a small example, this was meant for C++ but can equally be applied to PHP, since functions are similar if not equal and as well as syntax.
You still have to define socket and outside website and connect to it before the for's.

[blk.Sith0]

So I guess now my question is, which is easier to set up? PHP or C++? I need to go download one of those.

Also, here:

myget= "GET /users/" + mycharset + mycharset[j] +"\r\n";

When you say /users/, you mean to say site.com/users/, right?
And when you have the two mycharset, do you mean to put 11 of those in order?
And what are the \r and \n?

[I_Learning_I]

Depends on your experience with any of them, since syntax is pretty much the same

[blk.Sith0]

I updated the post, so uh, not sure if you saw that.

And zero experience with both

[ande]

Using PHP or C++ makes no difference. I would suggest PHP just because there is no compiling in the picture, so less work. On the other hand, PHP needs a server with it(you can rut it as CLI tho).

I could possibly help you out with some PHP code, but am not at home right now. Program logic would be:

- Generate URL with the bruteforce part in it
- Get the URL
- Check content
- If instr("Welcome"), log
- If done, exit
- goto top

[I_Learning_I]

So I guess now my question is, which is easier to set up? PHP or C++? I need to go download one of those.

Also, here:
When you say /users/, you mean to say site.com/users/, right?
And when you have the two mycharset, do you mean to put 11 of those in order?
And what are the \r and \n?

Sorry didn't see it yesterday.

If you don't have any experience it shouldn't be that easy, but nonetheless...
first of you would do something like a simple connect() which would contain information of the server, in this case site.com.
Once you're inside server.com you have to make requests for specific folders and files inside, so you'll ask for /users/yourbruteforcehere.
Think as server side if you need to, on the server side you have a folder called users and each user will have his randomname.html page, so the client has to ask for the whole path.

About mycharset, it my help if you have some quick reading on C++, but I'll give you some basics.
What you're doing is incrementing a character one by one like:
aaaaaaaaaaa
aaaaaaaaaab
aaaaaaaaaac

and so on...
As a result you'll need a for that will make a loop through your charset, which will contain the characters you wish to bruteforce. (Might be only numbers, only lowercase, everything, special characters,etc...)
Then you need to do a for for each string position, like for 2 characters you need 2 for's, for 11 characters string, you'll need 11 for's, so it will loop every string character.

for()
  for()
    for()
      for()
.... You get the drill.

\r\n means terminate string, like in a std::string would be a \0.
You might have to do some reading before you do that.
Anything else, just ask.

PS: In C++ you do not need a server running, since you'll only be using one socket, you can send and wait for an answer in the same socket, without the need to create another application for the server.
I'm not sure you do in PHP, but PHP isn't exactly my thing, although being very similar to PHP.

[blk.Sith0]

Thanks guys. Now I'm trying to install C++, and get that set up. Is it made by Microsoft? It looks like I need to download Microsoft Visual Studio, which confuses me, because I thought that was only for making Visual Basic applications and such. So I'm not sure what's going on here, there doesn't seem to be a website for this with a specific download button. Forgive my newbiness.

[I_Learning_I]

What you're download and installing it's an IDE , which is basically a compiler with a graphical environment that makes it easier to associate projects, files, functions and to check for typos.
You can use lots of compilers and lots of IDE's, there's NetBeans, CodeBlock, Microsoft Visual Studio C++, GCC, and so on...
I would advise you to use CodeBlocks as it is very light and doesn't has any Microsoft only libraries, like stdafx.h in Microsoft Visual C++, like that you'll be making this program and getting used to native C/C++.

[blk.Sith0]

Alright, I got codeblocks, and naturally I clicked Create New Project. Now where do I go from this screen?

[I_Learning_I]

Since you've installed CodeBlocks I presume you chose for C/C++, therefore, if you want native C/C++ instead of WinAPI or any variant, you should chose console project.

I must warn you that, although I like to help, I won't tell you every single line, I've told you the main functions and even showed you the for's, that's around 90% of the code and close to 100% of the theory.

Still, post your doubts and good luck with it
I hope you learn with your project

[blk.Sith0]

Do I need to get a compiler or something? I tried to run something and it says this at the bottom.

Test uses an invalid compiler. Probably the toolchain path within the compiler options is not setup correctly?! Skipping...

When I was installing, it asked me to pick a compiler from a long list, so I just went with the default one (GNU GCC Compiler). However, I'm lost now.

[Satan911]

I think you need to do some more reading before getting into this project.

1- Read on different languages. Take into consideration if you only want to get this project done or you want to start programming seriously. There's no point really in using C++ for this kind of project. Manipulating sockets in C++ is way more complicated than in PHP, Perl, python, etc.

2- Once you find a language setup a development environment. Look for suitable IDE and perhaps you'll need to install python or perl binaries on your system if you choose one of these languages.

3- Learn the basics of the programming language you are going to use before starting this project. It's not really a complicated project but it might might be a little too advanced for a beginner.

If you wanna code something by yourself you are gonna have to read a lot first.. There's no way around it.

[I_Learning_I]

Do I need to get a compiler or something? I tried to run something and it says this at the bottom.When I was installing, it asked me to pick a compiler from a long list, so I just went with the default one (GNU GCC Compiler). However, I'm lost now.

About that I don't know how to solve, my installation was pretty forward, I installed the IDE, also chose GCC compiler but then I didn't had any problem compiling.
You probably need to go to the configurations and choose compiler settings.

Satan, since he's just starting, I wouldn't advise him to start with Perl and/or Python, he'll need to know the difference between interpreter and compiler as well as scripting language and programming language, also Python syntax has nothing to do with Java, C/C++ or PHP, which means he would be going back to go forward.
Although I agree with you when you say he will have to do some reading before accomplishing the project.

[blk.Sith0]

Since PHP is used on webservers and such, does it need an IDE? Or just set up apache, and do it from there?
Well, Im going to install PHP and netbeans.