From 29e8cb593c6c791941dae771e1f650469cff0a67 Mon Sep 17 00:00:00 2001 From: casual Date: Thu, 11 Apr 2024 09:14:28 +0000 Subject: [PATCH 1/4] Update README.md --- README.md | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f173f5b..bae3712 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,38 @@ # owncloud_bruteforcer -simple tool to bruteforce owncloud instance -(the main purpose is bypass anti-CSRF token) +Simple tool to bruteforce owncloud instance +# Description + +Tool make GET request to acquire CSRF token + cookies and make POST request with given username and password wordlist. + +## Installation + +`go install git.sual.in/casual/owncloud_bruteforcer@latest` + +## Help + +``` +Owncloud_bruteforcer - tool to bruteforce user + +Usage: + owncloud_bruteforcer [flags] + +Flags: +INPUT: + -url, -u string target's url to login page. Example "https://example.com/index.php/login, http://example.com/login " + -login, -l string username to bruteforce (default "admin") + -login-wordlist, -L string username wordlist + -password-wordlist, -P string Password wordlist + -proxy, -x string HTTP proxy for packet inspection (Burp/Caidu/ZAP) (for example http://127.0.0.1:8080). But be aware, if you enable inspection then attack will fail because of delays + -threads, -t int threads to bruteforce (default 10) + + +``` + +## Notes + + - Successful login detected by redirect location after POST request. If user have 2FA, then app will not show found login:password. + +# License +This project is licensed under the MIT License - see the LICENSE file for details \ No newline at end of file From ebeaad547e3f20c2a3af0439e87ec019287f74d9 Mon Sep 17 00:00:00 2001 From: casual Date: Thu, 11 Apr 2024 09:14:48 +0000 Subject: [PATCH 2/4] Update README.md --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index bae3712..5332369 100644 --- a/README.md +++ b/README.md @@ -26,8 +26,6 @@ INPUT: -password-wordlist, -P string Password wordlist -proxy, -x string HTTP proxy for packet inspection (Burp/Caidu/ZAP) (for example http://127.0.0.1:8080). But be aware, if you enable inspection then attack will fail because of delays -threads, -t int threads to bruteforce (default 10) - - ``` ## Notes From 726c4f89c87a2c58b770d76a2cd782f7cc6e5989 Mon Sep 17 00:00:00 2001 From: casual Date: Thu, 11 Apr 2024 09:18:29 +0000 Subject: [PATCH 3/4] Update README.md --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 5332369..5603945 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,12 @@ Tool make GET request to acquire CSRF token + cookies and make POST request with `go install git.sual.in/casual/owncloud_bruteforcer@latest` +## Example usage + +``` +owncloud_bruteforce -u "https://target.com/login" -P ./rockyou.txt +``` + ## Help ``` @@ -31,6 +37,7 @@ INPUT: ## Notes - Successful login detected by redirect location after POST request. If user have 2FA, then app will not show found login:password. + - If # License This project is licensed under the MIT License - see the LICENSE file for details \ No newline at end of file From af45392d9a876199479bca9d73d2a359ae9dbb7f Mon Sep 17 00:00:00 2001 From: casual Date: Thu, 11 Apr 2024 09:25:49 +0000 Subject: [PATCH 4/4] Update README.md --- README.md | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 5603945..fcfce32 100644 --- a/README.md +++ b/README.md @@ -2,21 +2,19 @@ Simple tool to bruteforce owncloud instance -# Description +## Description Tool make GET request to acquire CSRF token + cookies and make POST request with given username and password wordlist. -## Installation +### Installation `go install git.sual.in/casual/owncloud_bruteforcer@latest` -## Example usage +### Example -``` -owncloud_bruteforce -u "https://target.com/login" -P ./rockyou.txt -``` +`owncloud_bruteforce -u "https://target.com/login" -P ./rockyou.txt` -## Help +### Help ``` Owncloud_bruteforcer - tool to bruteforce user @@ -29,15 +27,16 @@ INPUT: -url, -u string target's url to login page. Example "https://example.com/index.php/login, http://example.com/login " -login, -l string username to bruteforce (default "admin") -login-wordlist, -L string username wordlist - -password-wordlist, -P string Password wordlist + -password-wordlist, -P string password wordlist -proxy, -x string HTTP proxy for packet inspection (Burp/Caidu/ZAP) (for example http://127.0.0.1:8080). But be aware, if you enable inspection then attack will fail because of delays -threads, -t int threads to bruteforce (default 10) ``` -## Notes +## Notes (TODO) - Successful login detected by redirect location after POST request. If user have 2FA, then app will not show found login:password. - - If + - If there is internet connection problem or WAF/rate-limit/etc blocked you, you may recieve `can't create (POST) request: Post "https://target.com/login": context deadline exceeded (Client.Timeout exceeded while awaiting headers)` + - There is way to bruteforce administrator account which use different endpoint, possibly can allow to bruteforce admin account in same time without slowing down current version of tool -# License -This project is licensed under the MIT License - see the LICENSE file for details \ No newline at end of file +## License +This project is licensed under the MIT License - see the LICENSE file for details. I am not responsible for any actions or damage. \ No newline at end of file