Description
This plugin bruteforces form authentication logins. Eleven configurable parameters exist:
- usersFile
- stopOnFirst
- passwdFile
- passEqUser
- useLeetPasswd
- useMailUsers
- useSvnUsers
- useMails
- useProfiling
- profilingNumber
- comboFile
- comboSeparator
This plugin will take users from the file pointed to by “usersFile”, mail users found on the site (if “useMailUsers” is set to True), emails found on the site (if “useMails” is set to True), and svn users found on the site (if “useSvnUsers” is set to True). It will take passwords from the file pointed to by “passwdFile” and from the result of the password profiling plugin (if “useProfiling” is set to True). The profilingNumber parameter sets how many results from the password profiling plugin are used in the password field. The plugin will also take user and password combinations from the file pointed to by “comboFile”; the comboSeparator parameter sets the string used to split each combination in the comboFile. The “stopOnFirst” parameter indicates whether the bruteforce stops when it finds the first valid credentials or not.
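Seen from the defender's side, the traffic this plugin generates has a recognisable shape in a web server's access log: a burst of POSTs to the login form from one source, typically ending in a redirect once a valid pair is found and stopOnFirst halts the run. The following Python snippet is an added example, not part of the w3af documentation or code base; the log lines and the /login.php path are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Apache/nginx combined-log style line; only the fields we need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return ip, ts (datetime), method, path, status as a dict, or None if unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["status"] = int(rec["status"])
    return rec

def detect_form_bruteforce(log_text, login_path="/login.php", threshold=5, window_s=60):
    """Flag source IPs that POST to login_path at least `threshold` times within any
    `window_s`-second window. Report the IP's total login POSTs and whether a 3xx was
    seen: a run of 200s followed by a 302 is the usual shape of a guess that succeeded."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["method"] == "POST" and rec["path"] == login_path:
            events[rec["ip"]].append((rec["ts"], rec["status"]))
    window = timedelta(seconds=window_s)
    findings = {}
    for ip, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                findings[ip] = {
                    "attempts": len(evs),
                    "redirect_seen": any(300 <= s < 400 for _, s in evs),
                }
                break
    return findings

# Constructed sample traffic (not real logs): one host hammering the form, one normal user.
SAMPLE_LOG = "\n".join(
    [f'10.0.0.5 - - [10/Oct/2023:13:55:{i:02d} +0000] "POST /login.php HTTP/1.1" 200 512'
     for i in range(6)]
    + ['10.0.0.5 - - [10/Oct/2023:13:55:07 +0000] "POST /login.php HTTP/1.1" 302 0',
       '192.0.2.9 - - [10/Oct/2023:13:55:03 +0000] "GET /login.php HTTP/1.1" 200 1200',
       '192.0.2.9 - - [10/Oct/2023:13:55:20 +0000] "POST /login.php HTTP/1.1" 302 0']
)

if __name__ == "__main__":
    print(detect_form_bruteforce(SAMPLE_LOG))
```

Tune threshold and window_s to the login form's normal traffic; the comboFile or a small usersFile makes the burst short, so a low threshold over a short window catches it while a single user's retries do not.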
Plugin type
Options
Name | Type | Default Value | Description | Help |
--- | --- | --- | --- | --- |
usersFile | input_file | core/controllers/bruteforce/users.txt | Users file to use in bruteforcing | No detailed help available |
passwdFile | input_file | core/controllers/bruteforce/passwords.txt | Passwords file to use in bruteforcing | No detailed help available |
useSvnUsers | boolean | True | This indicates if we will use usernames from SVN headers collected by w3af plugins in bruteforce. | No detailed help available |
stopOnFirst | boolean | True | This indicates if the bruteforce should stop after finding the first correct user and password. | No detailed help available |
passEqUser | boolean | True | This indicates if the bruteforce should try password equal to user in logins. | No detailed help available |
useLeetPasswd | boolean | True | This indicates if the bruteforce should try l337 passwords. | No detailed help available |
useEmails | boolean | True | This indicates if the bruteforcer should use emails collected by w3af plugins as users. | No detailed help available |
useProfiling | boolean | True | This indicates if the bruteforce should use password profiling to collect new passwords. | No detailed help available |
profilingNumber | integer | 50 | This indicates how many passwords from profiling will be used. | No detailed help available |
comboFile | input_file | core/controllers/bruteforce/combo.txt | Combo file of username and password to use in bruteforcing | No detailed help available |
comboSeparator | string | : | Separator string used in the combo file to split username and password | No detailed help available |
Source
For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code
Dependencies
This plugin depends on grep.password_profiling, grep.get_emails, grep.http_auth_detect.