CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Need a Custom or Prewritten Perl Program?: I need a program that...:
Perl dictionary attack against myself with forks or threads

 



ErrsAreStdNow
New User

May 24, 2016, 2:28 AM

Post #1 of 1 (7242 views)
Perl dictionary attack against myself with forks or threads Can't Post

Hello mates,

This has a lot to engrained but I'll first get to the main part I can't seem to manage.

I'm willing to pay $15btc (or you tell me but be easy) for exactly what I want here.


I have an xmpp server that requires authentication. I can do this with perl SSL.

I've been in bad ways with the rest.

Here is what I want to try:

Open a large dictionary file with multiple threads or forks .... However, I just can't get it right for whatever reason. I've tried many things and eventually scrapped it all to start over.

Ok. So, I want to open a big dictionary and attempt to brute dictionary attack logins to my server for any particular username. It sounds more malicious than it is. My friend has created a Java equivalent that works well but I want it to be perl. (Let perl live!)

I want to open a file with 100k(+-) passwords
I want to spread each 'bundle' into.... Let's say 100 passwords.

I want to create a thread for each bundle (it doesn't have to be 100, it can be split into smaller parts too, just for speed).

Then, I'd like for each bundle to attempt the brute dictionary attack, and of course, stop all children if the match is found.

In my tests, all of the forks/threads start from the beginning and repeat already-tried attempts. I have tried (probably wrong method) to split the array of 100k into small arrays and then assign to fork/thread but I'm having data flow issues I guess (?)

My server is using SSL so I'm using the perl io::socket::ssl, breaking down the array and trying to cycle through all of passwords, using threads/forks for obvious speed reasons.

I would like to read in a large dictionary, split it into (n=number of threads equal parts), and initiate the 'attack' from there. If any thread finds the match, it's to stop all children and report back.

The bonus part:
My server is set to reject more than 2 attempts at one time. I can control this but I'd instead like to integrate proxy support as a bypass... To see if it's possible to this way.

Recap:
SSL authentication
Blocks 2+ attempts (wanting to add proxy to each thread)
Read in large dictionary file for dictionary attack
Split large file based on number of threads I set
Each thread reads its own split of the file and does the attempts to authenticate
Stop when authentication success happens

I am open to any all-perl method because it's just a pentest for myself and knowledge, I don't have much experience with forking nor threads, especially not with split data source and having each fork/thread read only a section, adding onto this, I have never tried to add proxy to each fork/thread for the request.

I scrapped my code tests or I would include what I've failed with, they may be backed up on a drove somewhere. (I was attempting to do line numbers like @block1 = 1..100, @block2 = 101..200 etc, but dynamically getting the numbers,)

Any help is appreciated here and explanation of what is taking place at key areas would be greatly appreciated.

I can install any modules needed or that could help it along.

Thanks again for any suggestions or code that gets me closer to my goal.

 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives