I wrote this brute-force directory scan for a web server. How can I apply threads / multithreading to make the scan faster? I searched for different solutions but failed to apply them. Here is the code:

```python
#!/usr/bin/env python3

# Usage:
#   python3 script.py [URL] [WORDLIST]
import sys
import socket
import requests

try:
    rhost = sys.argv[1]
    wordlist = sys.argv[2]

    # Confirm the host accepts TCP connections on port 80 before scanning
    print('[*] Checking RHOST... ', end='')
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        status = s.connect_ex((rhost, 80))
        s.close()
        if status == 0:
            print('[DONE]')
        else:
            print('[FAIL]')
            print('[!] Error: Cannot Reach RHOST %s\n' % (rhost))
            sys.exit(1)
    except socket.error:
        print('[FAIL]')
        print('[!] Error: Cannot Reach RHOST: %s\n' % (rhost))
        sys.exit(1)

    # Load the wordlist, one candidate path per line
    print('[*] Parsing Wordlist... ', end='')
    try:
        with open(wordlist) as file:
            to_check = file.read().strip().split('\n')
        print('[DONE]')
        print('[*] Total Paths to Check: %s' % (str(len(to_check))))
    except IOError:
        print('[FAIL]')
        print('[!] Error: Failed to Read Specified File\n')
        sys.exit(1)

    def checkpath(path):
        # Request the path and report it when the server answers 200
        try:
            response = requests.get('http://' + rhost + '/' + path).status_code
        except Exception:
            print('[!] Error: An Unexpected Error Occurred')
            sys.exit(1)
        if response == 200:
            print('[*] Valid Path Found: /%s' % (path))

    # Sequential scan: each request waits for the previous one to finish
    print('\n[*] Beginning Scan...\n')
    for path in to_check:
        checkpath(path)
    print('\n[*] Scan Complete!')
except KeyboardInterrupt:
    print('\n[!] Error: User Interrupted Scan')
    sys.exit(1)
```

I tried by myself but failed; I'm not familiar with threads in Python.

  • What is slow? I guess the `checkpath` part, but I can't be sure. What did you try to make it use threads? There are plenty of examples of how to use threads with `requests`. – Lenormju Dec 05 '22 at 09:56
  • I deleted the examples I made. However, I would like to speed up the scanning process with threads. – Kobra3390 Dec 06 '22 at 11:26
  • Does this answer your question? [Python requests with multithreading](https://stackoverflow.com/questions/38280094/python-requests-with-multithreading) – Lenormju Dec 06 '22 at 11:27
  • I don't think I need the async responses, and I don't even know how to implement it. I need the code already implemented with threads, maybe with the number set from the CLI. – Kobra3390 Dec 07 '22 at 15:42
  • Async is not that different from multithreading. Anyway, what you want is to send the requests in parallel instead of sequentially, so either can work. As for your main question, what is the problem you encounter with threads? On StackOverflow we try to answer precise questions, for which you have shown your attempts to solve them. – Lenormju Dec 08 '22 at 10:11
  • I don't know how to apply threads or async to this script – Kobra3390 Dec 08 '22 at 16:34
  • Then follow a few tutorials online. I recommend those of Real Python; here is [an introduction to threading](https://realpython.com/intro-to-python-threading/). StackOverflow is for answering precise questions, while you are asking for either a course or that we do it for you completely. See https://stackoverflow.com/help/how-to-ask – Lenormju Dec 09 '22 at 07:05

0 Answers
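The sequential loop in the question, rewritten around a bounded thread pool from the standard library's `concurrent.futures`. This is an added example, not code from anyone in the thread; the `scan` and `http_status` names, the optional `[THREADS]` argument, the 5-second timeout and the injectable `fetch` parameter are assumptions made for illustration.

```python
#!/usr/bin/env python3
# Usage: python3 script.py [RHOST] [WORDLIST] [THREADS]   (THREADS is an assumed extra argument)
import sys
from concurrent.futures import ThreadPoolExecutor, as_completed


def http_status(rhost, path, timeout=5):
    """Status code for http://rhost/path, or None on a network error."""
    import requests  # imported lazily so scan() can be exercised with a stub
    try:
        return requests.get(f'http://{rhost}/{path}', timeout=timeout).status_code
    except requests.RequestException:
        return None


def scan(rhost, paths, workers=10, fetch=http_status):
    """Check every path with a bounded pool of worker threads.

    Returns (found, failed): paths answering 200, and paths whose request
    errored. One failed request no longer aborts the whole scan.
    """
    found, failed = [], []
    with ThreadPoolExecutor(max_workers=workers) as pool:
        # submit() queues every path; at most `workers` requests are in flight
        futures = {pool.submit(fetch, rhost, p): p for p in paths}
        for fut in as_completed(futures):  # results arrive in completion order
            path, status = futures[fut], fut.result()
            if status is None:
                failed.append(path)
            elif status == 200:
                found.append(path)
    return sorted(found), sorted(failed)


if __name__ == '__main__':
    if len(sys.argv) < 3:
        sys.exit('Usage: python3 script.py [RHOST] [WORDLIST] [THREADS]')
    rhost, wordlist = sys.argv[1], sys.argv[2]
    workers = int(sys.argv[3]) if len(sys.argv) > 3 else 10
    with open(wordlist) as fh:
        to_check = [line.strip() for line in fh if line.strip()]
    found, failed = scan(rhost, to_check, workers)
    for path in found:
        print('[*] Valid Path Found: /%s' % path)
    print('[*] %d paths checked, %d requests failed' % (len(to_check), len(failed)))
```

Results are collected in the main thread and returned, so the workers share no mutable state and need no lock; the worker count caps how many requests hit the server at once.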