####===Brought to you by OkIDaN===#### #Things you have to know: #1-specify argument when running a file (either l, p or lp - for username #scanning, password scanning, and both respectively) #Additional argument: "gencombo $numl $nump" #If you define this, the script after scanning both usernames and #passwords will generate a pretty nice combolist of the most frequent #$numl number of usernames and $nump number of passwords. #For ex, 50 loginnames and 60 #passwords will generate approxiamtely 3000 combos. Approximately #because it doesn't stop on the 50th most frequent login if the 51st has #the same number of frequency, and the 52nd, until the number of #frequency decreases. For ex, if the 50th loginname was found 37 times #and all loginnames after the 50th till 56th were found 37 times, but #57th was found 36 times, when generating the combolist only 56 #loginnames will be included. The same goes for passwords. #2-the wordlist must be a combolist, containing lines like #"username:password" #3-after analysing and scanning (and generating) it will create a file in #current folder and name it "yourcombolist"+"l"or"p"or"combo"+".txt" #4-Version 1.2. I'll be happy if it helps u. So comments, suggestions #go to okidan@aznetmail.com and MSN: okidan_nadiko@yahoo.com. #Released: june, 2004 #Good Luck use vars qw/ $k $hit $lorp $hr $min $hour $sec $end_sec $end_hour $end_min $dm $dh $ds $add $key $u $uname $top $t $num $n $file $wordlist $new_file $line $pass $u_name $n_name $n_hits %passwords %usernames @u @p @u_sorted @p_sorted/; ###extracting and checking the arguments, check it out ###intelligent parsing of arguments (without abbreviations, though) $i=0; while ($i <= $#ARGV){ if ($ARGV[$i]=~/^(l)$/i && !($mode)){ $mode="l"; last; } if ($ARGV[$i]=~/^(p)$/i && !($mode)){ $mode="p"; last; } if ($ARGV[$i]=~/^(lp)$/i) { $mode="lp" } if (($ARGV[$i]=~/^(gencombo)$/i) && ($ARGV[$i+1]=~/^\d+$/) && ($ARGV[$i+2]=~/^\d+$/)){ $num1=$ARGV[$i+1]; $num2=$ARGV[$i+2]; $mode="gencombo $num1:$num2"; last; } $i++; } unless ($mode) { die "\nusage: $0 {mode} {gencombo num1 num2}\n\n{mode} - {l}, {p}, or {lp}; for analyzing loginnames, passwords, and both, respectively\n{gencombo num1 num2} - optional feature; to generate a combolist of the most frequent usernames and passwords. {num1} is the number of the most frequent loginnames and {num2} is the number of passwords\nOpen this file with text editor to learn more about options.\n" } ###starting print "\n"; print "Started Combolist Analyzer ver 1.2 by OkIDaN\n"; $hr="="x43; print "$hr\n"; print "\n"; print "Mode: $mode\n"; print "Enter the path to combolist to be analyzed: "; chomp ($wordlist=); die "File not found: $wordlist" unless (-e $wordlist); print "Analyzing...\n"; ($sec, $min, $hour)=localtime(); open (WORDLIST, "$wordlist"); $n=0; while (chomp($line=)){ if ($line=~/:/){ unless ($line=~/:.*:/){ ($uname, $pass)=split(':', $line); $uname="{empty}" if ($line=~/^:/); $pass="{empty}" if ($line=~/:$/); $usernames{$uname}++; $passwords{$pass}++; $n++;}}$m++; } print "Total legitimate lines: $n [out of $m]\n"; print "Now sorting...\n"; print "\n"; foreach $key (keys (%usernames)){ $add="$key - $usernames{$key}"; push @u, $add; } foreach $key (keys (%passwords)){ $add="$key - $passwords{$key}"; push @p, $add; } ### Main part: Sorting if ($mode=~/^l/ || $mode=~/^g/){ print "Doing the username scanning and sorting..."; @u_sorted = map $_->[0], sort { $b->[1] <=> $a->[1] } map [$_, /-\s(\d+)/ ? $1 : die "$_"], @u; print "Done.\n"; } if ($mode=~/p$/ || $mode=~/^g/){ print "Doing the password scanning and sorting..."; @p_sorted = map $_->[0], sort { $b->[1] <=> $a->[1] } map [$_, /-\s(\d+)/ ? $1 : die "$_"], @p; print "Done.\n"; } ###Generating combos: lil bit difficult if ($mode=~/^g/){ print "Generating combos..."; $gencombofile=$wordlist . "-combo.txt"; open (GENCOMBO, ">$gencombofile"); $u=0; $cg=0; while ($u <= $#u_sorted){ ($u_name, $u_hits)=($u_sorted[$u]=~/(.*)\s-\s(\d+)/); last if ($num1 < $u && $u_hits < $u_prev_hits); $u_prev_hits=$u_hits; $u++; $p=0; while ($p <= $#p_sorted){ ($p_name, $p_hits)=($p_sorted[$p]=~/(.*)\s-\s(\d+)/); last if ($num2 < $p && $p_hits < $p_prev_hits); $p_prev_hits=$p_hits; $p++; print GENCOMBO "$u_name:$p_name\n"; $cg++; } } close (GENCOMBO); print "Done.\n"; print "Total combos generated $cg [$u x $p {$num1 x $num2}]\n"; } #time calculation ($end_sec, $end_min, $end_hour)=localtime(); if ($end_sec >= $sec){ $ds=$end_sec-$sec; }else{ $ds=$end_sec+60-$sec; $end_min--; } if ($end_min >= $min){ $dm=$end_min-$min; }else{ $dm=$end_min+60-$min; $end_hour--; } if ($end_hour >= $hour){ $dh=$end_hour-$hour; }else{ $dh=$end_hour+24-$hour; } ### The Output print "\nDone. Completed in $dh:$dm:$ds\n"; print "\n"; print "Enter the number of top entities to be displayed (20 for eg): "; chomp ($top=); print "\n"; print "===================\n"; print "\n"; $t=0; while ($t < $top){ if ($mode eq "p"){ ($n_name, $n_hits)=($p_sorted[$t]=~/(.*)\s-\s(\d+)/); write (STDOUT); }elsif ($mode eq "l"){ ($n_name, $n_hits)=($u_sorted[$t]=~/(.*)\s-\s(\d+)/); write (STDOUT); }else{ $n_name=$u_sorted[$t]; $n_hits=$p_sorted[$t]; write (STDOUT); } $t++; } print "Writing files:"; $k=0; if ($mode=~/p$/ || $mode=~/^g/){ $new_file=$wordlist . "-p.txt"; open (TOFILE, ">$new_file"); while ($p_sorted[$k]){ ($u_name, $hit)=split(' - ', $p_sorted[$k]); last if ($hit < 2); print TOFILE "$p_sorted[$k]\n"; $k++; }close (TOFILE); print " $new_file {$k lines}"; }$k=0; if ($mode=~/^l/ || $mode=~/^g/){ $new_file=$wordlist . "-l.txt"; open (TOFILE, ">$new_file"); while ($u_sorted[$k]){ ($u_name, $hit)=split(' - ', $u_sorted[$k]); last if ($hit < 2); print TOFILE "$u_sorted[$k]\n"; $k++; }close (TOFILE); print " $new_file {$k lines}"; } print " $gencombofile {$cg lines}" if (-s $gencombofile); format STDOUT = @<<<<<<<<<<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<< $n_name, $n_hits .