a perl script for dictionary attacks against router / web logins
(requires the libwww-perl modules and WWW:MECHANIZE)
A little PERL script for testing your router while wardriving. Many
router (e.g Siemens SE105 and SE515) only require a password to access
the admin interface. With QUICKBRUTE you can check the most common
passwords (passfile.tom with 3000 common passwords included) in a few
minutes. I had great success with this tool. Use any password file you
want. Usually when wardriving I just check for a few thousand common
passwords and move on if not successful.
You can also use this script for ANY WEBSITE login (e.g. webmail) or
router that require a user and password combination. Although you can
only enter one user name at the moment (no file). It just makes no
sense to me to check all passwords against a big list of users.
Implementation of user list would be easy though. Just check the script.
Reminder: Don't use it on the web although it works. If you try to
brute force a webpage with it, chances are the account will be closed
due to many false login attempts and webmaster will come after you as
your attempts are logged (IP address). WLAN wardriving is a different
story. Most routers accept as many attempts as you are willing to
launch.
I know the code looks ugly (my first script), so if you don't like it don't use it. Or better, mail me how to improve it.
Connects to any website and checks for passwords (dictionary
attack). When I wrote this there was no tool for OS X available. If you
know one please mail me. Tools like THC-HYDRA only work with basic HTTP
authorization. This script lets you attack ANY website.
