0xZDH / msspray

A basic username enumeration and password spraying tool aimed at spraying Microsoft's DOM based authentication using selenium.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

msspray

This is a basic username enumeration and password spraying tool aimed at Microsoft Online authentication that renders in the DOM and requires the use of JavaScript to recognize page changes. For educational purposes only.

https://k3ramas.blogspot.com/2019/04/headless-browsers-for-password-spraying.html

Note: This fails when authentication is redirected to ADFS.

Setup

$ pip3 install selenium
$ wget https://github.com/mozilla/geckodriver/releases/download/v0.26.0/geckodriver-v0.26.0-linux64.tar.gz
$ tar -xvf geckodriver-v0.26.0-linux64.tar.gz
$ export PATH=$PATH:$(pwd) # Add the current directory with the geckodriver to the PATH

# Ensure there are no firewall rules that block routing to localhost. 
# Also, ensure that Firefox is up to date in order to set all of the required preferences.

Usage

Perform password spray:
python3 msspray.py -t https://<target website> -u usernames.txt -p passwords.txt --count 2 --lockout 5 --verbose

Perform username enumeration:
python3 msspray.py -t https://<target website> -u usernames.txt -e --verbose

usage: msspray.py [-h] [-t TARGET] -u USERNAME [-p PASSWORD] [--proxy PROXY]
                  [--wait WAIT] [--count COUNT] [--lockout LOCKOUT]
                  [--verbose] (-e | -s)

MS Online Password Sprayer.

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        Target URL
  -u USERNAME, --username USERNAME
                        File containing usernames
  -p PASSWORD, --password PASSWORD
                        File containing passwords
  --proxy PROXY         Proxy to pass traffic through: <ip:port>
  --wait WAIT           Time to wait when looking for DOM elements (in
                        seconds). Default: 3
  --count COUNT         Number of password attempts per user before lockout
  --lockout LOCKOUT     Lockout policy reset time (in minutes)
  --verbose             Verbose output
  -e, --enum            Perform username enumeration
  -s, --spray           Perform password spraying

About

A basic username enumeration and password spraying tool aimed at spraying Microsoft's DOM based authentication using selenium.


Languages

Language:Python 100.0%