From b874304dcc55235c9bb78ecab6257de83449acea Mon Sep 17 00:00:00 2001
From: Nader-abdi <coloner1995@gmail.com>
Date: Sun, 24 Dec 2023 13:30:37 +0330
Subject: [PATCH 1/2] refactor: Improved HTTP basic auth script

---
 ffuf_basicauth.sh | 16 +---------------
 1 file changed, 1 insertion(+), 15 deletions(-)

diff --git a/ffuf_basicauth.sh b/ffuf_basicauth.sh
index 51c42bf..3f1a24a 100755
--- a/ffuf_basicauth.sh
+++ b/ffuf_basicauth.sh
@@ -36,19 +36,5 @@ fi
 
 USERNAME_WORDLIST="$1"
 PASSWORD_WORDLIST="$2"
-USERNAME_WORDLIST_SIZE=$(wc -l "$USERNAME_WORDLIST" |awk '{print $1;}')
-PASSWORD_WORDLIST_SIZE=$(wc -l "$PASSWORD_WORDLIST" |awk '{print $1;}')
-OUTPUT_WORDLIST_SIZE=$((USERNAME_WORDLIST_SIZE * PASSWORD_WORDLIST_SIZE))
 
-printf "\nGenerating HTTP basic authentication strings. This can take a while depending on the length of user and password lists.\n\n" >&2
-printf "Usernames: %s\n" "$USERNAME_WORDLIST_SIZE" >&2
-printf "Passwords: %s\n" "$PASSWORD_WORDLIST_SIZE" >&2
-printf "Total combinations: %s\n\n" "$OUTPUT_WORDLIST_SIZE" >&2
-
-while IFS= read -r user
-do
-    while IFS= read -r password
-    do
-        printf "%s:%s" "$user" "$password" |base64
-    done < "$PASSWORD_WORDLIST"
-done < "$USERNAME_WORDLIST"
+awk 'NR==FNR{user[NR]=$0; next} {for (i=1;i<=length(user);i++) {printf "%s:%s\n", user[i], $0}}' "$USERNAME_WORDLIST" "$PASSWORD_WORDLIST"

From 14aad632a68625aca7638ee153853c002e3f4ca6 Mon Sep 17 00:00:00 2001
From: Nader-abdi <coloner1995@gmail.com>
Date: Sun, 24 Dec 2023 13:59:16 +0330
Subject: [PATCH 2/2] update command

---
 README.md         | 2 +-
 ffuf_basicauth.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index a179b19..79670e4 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ A script that generates base64 encoded combinations of username:password values
 Test each HTTP basic authentication username:password combination in https://example.org/endpoint, and filter out 403 - Forbidden responses.
 
 ```
-./ffuf_basicauth.sh usernames.txt passwords.txt |ffuf -w -:AUTH -u https://example.org/endpoint -H "Authorization: Basic AUTH" -fc 403 -c
+./ffuf_basicauth.sh usernames.txt passwords.txt |ffuf -w -:AUTH -u https://example.org/endpoint -H "Authorization: Basic AUTH" -enc AUTH:b64encode -fc 403 -c 
 ```
 
 ## Contributing
diff --git a/ffuf_basicauth.sh b/ffuf_basicauth.sh
index 3f1a24a..8168c50 100755
--- a/ffuf_basicauth.sh
+++ b/ffuf_basicauth.sh
@@ -13,7 +13,7 @@
 # in https://example.org/endpoint, and filter out 403 - Forbidden responses.
 # 
 # ./ffuf_basicauth.sh usernames.txt passwords.txt |ffuf -w -:AUTH \
-#    -u https://example.org/endpoint -H "Authorization: Basic AUTH" -fc 403
+#    -u https://example.org/endpoint -H "Authorization: Basic AUTH" -fc 403 -enc AUTH:b64encode
 #
 ##############################################################################