This Python script attempts to crack a password using a dictionary attack. It sends HTTP POST requests to a target URL with different passwords from a wordlist until a successful login is achieved.
Usage:
-
Prerequisites:
- Python 3 installed.
requestslibrary:pip install requests
-
Prepare Wordlist:
- Create a
wordlistsdirectory in the same directory as this script. - Place your wordlist file (e.g.,
wordlisttxt) within thewordlistsdirectory.
- Create a
-
Run the Script:
- Execute the script from the terminal, providing the target URL as an argument:
python3 zcracker.py [http://10.0.2.8/dvwa/login.php](http://10.0.2.8/dvwa/login.php)
- Execute the script from the terminal, providing the target URL as an argument:
-
Output:
- If a password is found, the script will print:
[+] Got the password ->> <password> - If no password is found in the wordlist, it will print:
[!] 404 PASSWORD NOT FOUND
- If a password is found, the script will print:
Important Notes:
- Use this script responsibly and ethically. Only use it on systems that you have explicit permission to test.
- Avoid printing passwords directly to the console. Consider logging them to a file or using a more secure method.
- This script is for educational purposes and may not be suitable for all scenarios.
Disclaimer:
This script is provided as-is and without any warranty. The author is not responsible for any misuse or damage caused by this script.
Copyright:
[Insert your copyright information here]
License:
[Specify the license under which you are releasing this script, e.g., MIT License]