Dictionary Attack on NIT Kurukshetra User-Portal (Cyberoam). A Node.js script that guesses the Cyberoam password for any given username.
MIT License
I wrote this script just to demonstrate how someone with a fair knowledge of web development can exploit weak passwords. I chose our college captive portal for the experiment, but the same principle can be applied to any website that is vulnerable to this attack. This is just for educational purposes and I do not intend to steal any information.
A dictionary attack is based on trying all the strings in a pre-arranged listing, typically derived from a list of words such as in a dictionary. In this demo, I am going to use a text file, passwords_jhon.txt (see the file above), containing approximately 3000 common passwords. Dictionary attacks often succeed because many people tend to choose short passwords that are ordinary words or common passwords, or simple variants obtained, for example, by appending a digit or punctuation character.
Students of NIT Kurukshetra are too lazy to choose a strong password for the captive portal 😛 Also, Cyberoam does not block multiple login requests from the same IP address within a short span of time.
cd /path/to/repository
npm install

to install all Node.js dependencies

node main.js 1130328 passwords_jhon.txt
This script tries all passwords from passwords_jhon.txt one by one for the supplied username and simulates a login to the captive portal, i.e. it makes HTTP POST requests. To make HTTP POST requests you need a URL and form data. To check the URL and form data sent in the POST request, i.e. when you sign in to the portal, perform the following steps-
You can use different, customized password files (of different lengths) to have a successful attack. This script makes one request every 100 milliseconds. You can decrease this interval for faster execution. Initially I had used 60 ms, but I was getting random time-out errors, so I chose 100 ms. For more details, see the source code of the main.js file.

Reference: I downloaded the password file from this repo: https://github.com/danielmiessler/SecLists/tree/master/Passwords
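
The control this README notes is missing, blocking repeated login requests from the same IP address within a short span of time, can be sketched as a sliding-window throttle with lockout. This is an added example, not part of the original script or of Cyberoam; the class name, thresholds, IP address and username are assumptions, and the simulation replays the 100 ms request interval on constructed input.

```javascript
// Added example: throttle failed logins per client IP and per username.
// Thresholds are assumed values, not Cyberoam settings.
const WINDOW_MS = 60000;    // look-back window for counting failures
const MAX_FAILURES = 5;     // failures tolerated inside the window
const LOCKOUT_MS = 300000;  // how long a key stays blocked afterwards

class LoginThrottle {
  constructor() {
    this.failures = new Map();    // key -> timestamps of recent failures
    this.lockedUntil = new Map(); // key -> time at which the block expires
  }

  // Every request is tracked under its source IP and its target account.
  keys(ip, username) {
    return [`ip:${ip}`, `user:${username}`];
  }

  // True if the attempt may proceed to password verification.
  isAllowed(ip, username, now) {
    return this.keys(ip, username).every(
      (k) => (this.lockedUntil.get(k) || 0) <= now
    );
  }

  // Record a failed attempt and lock any key that reaches the limit.
  recordFailure(ip, username, now) {
    for (const k of this.keys(ip, username)) {
      const recent = (this.failures.get(k) || []).filter((t) => now - t < WINDOW_MS);
      recent.push(now);
      this.failures.set(k, recent);
      if (recent.length >= MAX_FAILURES) this.lockedUntil.set(k, now + LOCKOUT_MS);
    }
  }
}

// Constructed input: one client sending a wrong password every intervalMs.
// Returns how many guesses actually reached password verification.
function simulateGuessing(attempts, intervalMs) {
  const throttle = new LoginThrottle();
  let reachedVerifier = 0;
  for (let i = 0; i < attempts; i++) {
    const now = i * intervalMs;
    if (!throttle.isAllowed('10.0.0.7', 'student1', now)) continue;
    reachedVerifier++;
    throttle.recordFailure('10.0.0.7', 'student1', now);
  }
  return reachedVerifier;
}
```

With these thresholds, a 3000-entry list sent at one request per 100 ms gets only 5 guesses checked. Locking by username also lets a third party lock an account out, so some deployments key on the (IP, username) pair or add increasing delays instead.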