-
Notifications
You must be signed in to change notification settings - Fork 58
Testing a list of username password pairs
Philip OKeefe edited this page Jul 27, 2016
·
3 revisions
Create a file containing a list of username-password pairs. By default shard expects these to be in the format "username":"password". An example file containing 3 credentials:
➜ ~ cat /tmp/credentials.txt
"[email protected]":"123456"
"[email protected]":"s3cr3tp@ssw0rd"
"system":"system"
➜ ~To test each username-password pair execute shard with the -f parameter:
➜ ~ java -jar shard-1.5.jar -f /tmp/credentials.txt
21:47:38.179 [+] Running in multi-user multi-password mode
21:47:38.210 [+] Parsed 3 credentials
21:47:38.211 [+] Running 12 modules
21:47:48.761 [+] [email protected]:123456 - No results
21:47:55.492 [+] [email protected]:s3cr3tp@ssw0rd - Reddit, Twitter
21:48:02.141 [+] system:system - No results
➜ ~We can see in the output shard successfully parsed 3 sets of credentials and loaded all modules. Each following line lists the credential and a list of websites it is valid.