The Selenium-Login-Assault is a Python script that automates the process of attempting logins with provided username and password lists on a target website using the Selenium web automation framework. This tool is designed for educational and research purposes and should not be used for any malicious activities.
- Easy customization for different websites using Selenium.
- Supports reading usernames and passwords from external files.
- Can detect successful logins and provide the credentials used.
- Utilizes explicit waits for improved reliability.
Before using this script, ensure that you have met the following requirements:
- Python 3.8 or higher.
- Selenium 3.141.0 or a compatible version.
- Chrome web driver (for Chrome) or the appropriate driver for your browser.
- The required Python packages, which can be installed using
pip install selenium.
-
Clone the repository to your local machine:
git clone https://github.com/iftekharmickey/Selenium-Login-Assault.git
-
Install the required Python packages:
pip install -r requirements.txt
-
Edit the configuration variables in the script to suit your testing needs. These variables include:
WAIT_TIME: Adjust this value to change the waiting time for elements (e.g.,WAIT_TIME = 10).URL: The URL of the login page you want to target (e.g.,URL = 'https://example.com/login').USERNAME_FILE: The file containing a list of usernames to test (e.g.,USERNAME_FILE = 'usernames.txt').PASSWORD_FILE: The file containing a list of passwords to test (e.g.,PASSWORD_FILE = 'passwords.txt').
-
Customize the element locators in the script to match your specific website. In the script, you'll find lines like:
username_field = WebDriverWait(driver, 10).until(EC.presence_of_element_located((By.ID, 'username'))) password_field = WebDriverWait(driver, 10).until(EC.presence_of_element_located((By.ID, 'password'))) login_button = WebDriverWait(driver, 10).until(EC.presence_of_element_located((By.XPATH, "//button[contains(@class, 'btn-outline-primary') and contains(@class, 'm-2')]"))
Update the
By.IDandBy.XPATHelements to match the HTML structure of your login page. By customizing these elements, you ensure that the script interacts correctly with your website's login page. -
Additionally, be prepared to handle website-specific error prompts in the script to ensure accurate detection of login outcomes.
For example, if your website displays "No Record Found" or "Credential Mismatched" as error messages upon failed login attempts, you can customize the script to check for these messages and log the corresponding outcomes.
Here's a simple example of handling "No Record Found" and "Credential Mismatched" prompts in the script:
if "No Record Found" in driver.page_source: logger.info("Login Failed: No Record Found") elif "Credential Mismatched" in driver.page_source: logger.info("Login Failed: Credential Mismatched") else: logger.info("Successful Login")
-
Run the script:
python login_scraper.py
Please make sure you have the appropriate web driver installed for your selected browser.
-
The script will prompt you for the URL of the login page, username list, and password list.
-
The script will automate login attempts using the provided username and password lists. If it successfully logs in, it will display the combination of the correct username and password.
This project is licensed under the MIT License - see the LICENSE file for details.
This script is provided for educational and research purposes. Please use this tool responsibly and only for legal and ethical purposes. Unauthorized or malicious use of this script may violate the law and is not endorsed or supported.
The author of this script is not responsible for any misuse of this tool. Users are solely responsible for their actions, and they should adhere to the laws and regulations of their respective jurisdictions.
This tool was developed by Iftekhar Tahir.
Enjoy using the Selenium-Login-Assault! For questions, issues, or feedback, don't hesitate to contact me at iftekhar.tahir@proton.me.