Implements virtual threads

.idea/git_toolbox_blame.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="GitToolBoxBlameSettings">
+    <option name="version" value="2" />
+  </component>
+</project>

.idea/git_toolbox_prj.xml

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="GitToolBoxProjectSettings">
+    <option name="commitMessageIssueKeyValidationOverride">
+      <BoolValueOverride>
+        <option name="enabled" value="true" />
+      </BoolValueOverride>
+    </option>
+    <option name="commitMessageValidationEnabledOverride">
+      <BoolValueOverride>
+        <option name="enabled" value="true" />
+      </BoolValueOverride>
+    </option>
+  </component>
+</project>

.idea/remote-targets.xml

@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="RemoteTargetsManager">
+    <targets>
+      <target name="root@kyosu.fr:22" type="ssh/sftp" uuid="cb79b708-e728-4225-8df7-941abd57c841">
+        <config>
+          <option name="projectRootOnTarget" value="/root/Usertwist-Exploit" />
+          <option name="serverName" value="root@kyosu.fr:22 password" />
+        </config>
+        <ContributedStateBase type="JavaLanguageRuntime">
+          <config>
+            <option name="homePath" value="/opt/jdk-21.0.1" />
+            <option name="javaVersionString" value="17.0.11" />
+          </config>
+        </ContributedStateBase>
+      </target>
+    </targets>
+  </component>
+</project>

src/fr/motysten/usertwist/exploit/tools/Parser.java

@@ -15,18 +15,22 @@ public class Parser {
         }
     }
 
-    public static void asyncGetPass(JSONArray usersArray, int rotation) {
+    public static void asyncGetPass(JSONArray usersArray, int rotation) throws InterruptedException {
 
         for (int i = 0; i < usersArray.length(); i++) {
 
             int finalI = i;
-            new Thread(() -> {
+
+            Runnable r = () -> {
                 JSONObject user = usersArray.getJSONObject(finalI);
                 String login = user.getString("username");
                 String password = Cesar.rotate(user.getString("data"), rotation);
 
                 System.out.println((finalI + 1) + ". " + login + " => " + password);
-            }).start();
+            };
+
+            Thread t = Thread.startVirtualThread(r);
+            t.join();
         }
     }
 

src/fr/motysten/usertwist/exploit/tools/Request.java

@@ -3,8 +3,11 @@ package fr.motysten.usertwist.exploit.tools;
 import org.json.JSONObject;
 
 import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
 import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509ExtendedTrustManager;
 import java.io.IOException;
+import java.net.Socket;
 import java.net.URI;
 import java.net.http.HttpClient;
 import java.net.http.HttpRequest;
@@ -12,6 +15,7 @@ import java.net.http.HttpResponse;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.security.cert.X509Certificate;
 import java.util.Map;
 
 public class Request {
@@ -22,7 +26,42 @@ public class Request {
         HttpClient.Builder builder = HttpClient.newBuilder();
         if (insecure) {
             SSLContext customContext = SSLContext.getInstance("TLS");
-            customContext.init(null, new TrustManager[]{new SSLBypass()}, new SecureRandom());
+            customContext.init(null, new TrustManager[]{new X509ExtendedTrustManager() {
+                @Override
+                public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) {
+
+                }
+
+                @Override
+                public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) {
+
+                }
+
+                @Override
+                public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) {
+
+                }
+
+                @Override
+                public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) {
+
+                }
+
+                @Override
+                public void checkClientTrusted(X509Certificate[] x509Certificates, String s) {
+
+                }
+
+                @Override
+                public void checkServerTrusted(X509Certificate[] x509Certificates, String s) {
+
+                }
+
+                @Override
+                public X509Certificate[] getAcceptedIssuers() {
+                    return new X509Certificate[0];
+                }
+            }}, new SecureRandom());
             builder.sslContext(customContext);
         }
         this.client = builder.build();

src/fr/motysten/usertwist/exploit/tools/SSLBypass.java

@@ -1,43 +0,0 @@
-package fr.motysten.usertwist.exploit.tools;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.X509ExtendedTrustManager;
-import java.net.Socket;
-import java.security.cert.X509Certificate;
-
-public class SSLBypass extends X509ExtendedTrustManager {
-    @Override
-    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) {
-
-    }
-
-    @Override
-    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) {
-
-    }
-
-    @Override
-    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) {
-
-    }
-
-    @Override
-    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) {
-
-    }
-
-    @Override
-    public void checkClientTrusted(X509Certificate[] x509Certificates, String s) {
-
-    }
-
-    @Override
-    public void checkServerTrusted(X509Certificate[] x509Certificates, String s)  {
-
-    }
-
-    @Override
-    public X509Certificate[] getAcceptedIssuers() {
-        return new X509Certificate[0];
-    }
-}