New wfs.py functions and creation of wfs-browser.py/wfs-browser-input.py

[d4v1-sudo]

When to Use Each Script:

• wfs.py (New): Use this script when performing brute-force attacks on a router's login page using HTTP POST requests. It provides flexibility in specifying the router's IP address and offers comprehensive error detection, making it suitable for a wide range of router configurations.

• wfs-browser.py (New): Utilize this script when the router does not recognize the script as a browser, causing issues with login attempts. It employs Selenium WebDriver with Firefox to simulate browser interactions, ensuring compatibility and bypassing such recognition issues.

• wfs-browser-input.py (New): Choose this script for enhanced interactivity and customization in login form handling. It allows dynamic input of HTML element names and types, offering a more tailored approach to handling login forms with varying structures or configurations.

About improvements:

wfs.py (Old):

• Simple Approach: The script uses the requests library to send HTTP POST requests to the router's login page.
• Fixed IP Address: The router's IP address is hard-coded directly into the script, limiting flexibility for testing different addresses.
• Simple Verification Logic: The script checks if the string "incorrect" is present in the response to determine if the password is incorrect.

wfs.py (New):

• Enhanced Flexibility: Users can dynamically input the router's IP address, making the script more flexible for different network configurations.
• Comprehensive Error Detection: Utilizes a set of expressions to check for various error messages in the response, providing comprehensive detection of login failures.
• Additional Library Usage: Incorporates the requests_html library to parse HTML, expanding the script's capabilities beyond simple HTTP requests.
• Improved Error Handling: Manages SSL errors more robustly, providing more detailed error messages and useful recommendations for users.
• Support for Testing Multiple Combinations: Allows testing multiple user-password combinations simultaneously, improving brute-force efficiency.
• SSL Verification Disablement: Disables SSL verification due to potential issues with self-signed certificates, ensuring the script works across a wide range of network configurations.

wfs-browser.py (New):

• Migration to Selenium: Implements Selenium WebDriver with Firefox to simulate browser interactions, overcoming limitations when the router does not recognize the script as a valid browser.
• Optional Headless Mode: Offers the option to run in headless mode for non-interactive or background executions.
• Enhanced Page Synchronization: Uses WebDriverWait to wait for elements on the page, ensuring proper synchronization with loaded content.
• Improved Exception Handling: Implements a handler for keyboard interruptions, allowing graceful exits in response to user commands.
• Detailed Error Messages: Provides detailed error messages to facilitate debugging and troubleshooting during script execution.

wfs-browser-input.py (New):

• Enhanced Interactivity: Introduces more elaborate interaction with the user, allowing dynamic input of HTML element names for the login form.
• Login Form Customization: Allows users to specify names and types (id or name) of user input fields, password fields, and submit button.
• Improved Visual Feedback: Provides visual feedback to the user on page loading status and input field visibility.
• Enhanced Exception Handling: Manages exceptions more robustly, providing detailed error messages and offering graceful exits in case of failure.
• Support for Headless and Regular Browser Mode: Supports both headless mode and regular browser mode execution, providing flexibility for different execution scenarios.

Note

These improvements enhance the functionality, flexibility, and user-friendliness of the scripts, making them more reliable and adaptable to various router configurations and environments. The migration to Selenium WebDriver in wfs-browser.py and wfs-browser-input.py ensures compatibility with routers that do not recognize the script as a browser. With detailed error handling, comprehensive error detection, and interactive features, these scripts provide a powerful toolkit for network security testing and troubleshooting.

[kevinadhiguna]

This looks fire, let me have a look!

[d4v1-sudo]

I just forgot to mention that the selenium-manager directory in /PATH-TO/selenium/webdriver/common/linux/selenium-manager needs file execute permission (chmod +x on linux), but I don't know how it works exactly on Windows, I haven't tested it yet. But wfs.py should work normally.

[kevinadhiguna]

Looks fire! Thank you for your contribution!