README 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101
  1. ================================================================
  2. Introduction:
  3. ==============================
  4. Captcha Intruder is an automatic pentesting tool to bypass captchas.
  5. ================================================================
  6. Options and features:
  7. ==============================
  8. cintruder [OPTIONS]
  9. Options:
  10. --version show program's version number and exit
  11. -h, --help show this help message and exit
  12. -v, --verbose active verbose mode output results
  13. --proxy=PROXY use proxy server (tor: http://localhost:8118)
  14. --gui run GUI (CIntruder Web Interface)
  15. --update check for latest stable version
  16. ->Tracking:
  17. --track=TRACK download captchas from url (to: 'inputs/')
  18. --track-num=S_NUM set number of captchas to download (default: 5)
  19. --tracked-list list last tracked captchas (from: 'inputs/')
  20. ->Configuration (training/cracking):
  21. --set-id=SETIDS set colour's ID manually (use -v for details)
  22. ->Training:
  23. --train=TRAIN train using common OCR techniques
  24. ->Cracking:
  25. --crack=CRACK brute force using local dictionary
  26. ->Modules (training/cracking):
  27. --mod=NAME set a specific OCR exploiting module
  28. --mods-list list available modules (from: 'mods/')
  29. ->Post-Exploitation (cracking):
  30. --xml=XML export result to xml format
  31. --tool=COMMAND replace suggested word on commands of another tool. use
  32. 'CINT' marker like flag (ex: 'txtCaptcha=CINT')
  33. ================================================================
  34. Examples of usage:
  35. ==============================
  36. -------------------
  37. * View help:
  38. $ ./cintruder --help
  39. -------------------
  40. * Update to latest version:
  41. $ ./cintruder --update
  42. -------------------
  43. * Launch web interface (GUI):
  44. $ ./cintruder --gui
  45. -------------------
  46. * Simple crack from file:
  47. $ ./cintruder --crack "inputs/captcha.gif"
  48. -------------------
  49. * Simple crack from URL:
  50. $ ./cintruder --crack "http://host.com/path/captcha_url"
  51. -------------------
  52. * Simple crack from local, exporting results to a xml file:
  53. $ ./cintruder --crack "inputs/captcha.gif" --xml "test.xml"
  54. -------------------
  55. * Simple crack from url, with proxy TOR and verbose output:
  56. $ ./cintruder --crack "http://host.com/path/captcha_url" --proxy="http://127.0.0.1:8118" -v
  57. -------------------
  58. * Train captcha(s) from url, with proxy TOR and verbose output:
  59. $ ./cintruder --train "http://host.com/path/captcha_url" --proxy "http://127.0.0.1:8118" -v
  60. -------------------
  61. * Track 50 captcha(s) from url, with proxy TOR:
  62. $ ./cintruder --track "http://host.com/path/captcha.gif" --track-num "50" --proxy "http://127.0.0.1:8118"
  63. -------------------
  64. * List available modules (from "mods/"):
  65. $ ./cintruder --list
  66. -------------------
  67. * Launch an OCR module to train a specific local captcha:
  68. $ ./cintruder --train "inputs/easycaptcha.gif" --mod "module_invocation_name"
  69. -------------------
  70. * Launch an OCR module to crack a specific online captcha, with verbose output:
  71. $ ./cintruder --crack "http://host.com/path/captcha_url" --mod "module_invocation_name" -v
  72. -------------------
  73. * Replace suggested word by CIntruder after cracking a remote url on commands of another tool (ex: "XSSer"):
  74. $ ./cintruder --crack "http://host.com/path/captcha_url" --tool "xsser -u http://host.com/path/param1=foo&param2=bar&txtCaptcha=CINT"
  75. -------------------