wpbf - WordPress Brute Force Tool

wpbf -  WordPress Brute Force Tool

wpbf is a Python-based bruteforce tool for remotely testing password strength, username enumeration and plugin detection on a WordPress site.

How It Works

The script will try to login to the WordPress dashboard through the login form using a mixture of enumerated usernames, a wordlist and relevant keywords from the blog's content. If a single username is given, the script will not search for additional usernames.

When a correct username/password is found, it will be logged and shown in the standard output.

For faster results, you can spawn threads but BE CAREFUL not to flood/DoS the site. Default settings can be changed in "config.py" and "logging.conf" files.

The wordlist must have one entry per line, a small wordlist (wordlist.txt) and plugin list (plugins.txt) are provided for testing purposes.

Note: It requires Python 2.6+.

Features:

  • Username enumeration and detection (TALSOFT-2011-0526, Author's archive page, and content parsing)
  • Threads
  • Use keywords from blog's content in the wordlist
  • HTTP Proxy Support
  • Basic WordPress fingerprint (version and full path)
  • Advance plugins fingerprint (bruteforce, discovery and version/documentation)
  • Detection of Login LockDown plugin (this plugin makes the bruteforce useless)
  • Advanced logging using Python's logging library and logging configuration file

Usage:

wpbf.py [-h] [-w WORDLIST] [-u USERNAME] [-s SCRIPTPATH] [-t THREADS] [-p PROXY] 
[-nk] [-eu] url

wpbf will audit and bruteforce your WordPress installation to test password
strength, server configuration, users and installed plugins. It Currently
supports threads and HTTP proxy and provides a very small default wordlist (a
dynamic wordlist is generated by default from the blog's content) and basic
username detection.

positional arguments:
url base URL where WordPress is installed

optional arguments:
-h, --help show this help message and exit
-w WORDLIST, --wordlist WORDLIST
worldlist file (default: wordlist.txt)
-nk, --nokeywords don't search keywords in content and add them to the
wordlist
-u USERNAME, --username USERNAME
username (default: None)
-s SCRIPTPATH, --scriptpath SCRIPTPATH
path to the login form (default: wp-login.php)
-t THREADS, --threads THREADS
how many threads the script will spawn (default: 5)
-p PROXY, --proxy PROXY
http proxy (ex: http://localhost:8008/)
-nf, --nofingerprint don't fingerprint WordPress
-eu, --enumerateusers
only enumerate users (withouth bruteforcing)
-mu MAXUSERS, --maxusers MAXUSERS
maximum number of usernames to enumerate (default: no
limit)
-eut ENUMERATETOLERANCE, --enumeratetolerance ENUMERATETOLERANCE
user ID gap tolerance to use in username enumeration
(default: 3)
-nps, --nopluginscan skip plugin bruteforce, enumeration and fingerprint
-ds, --dontstop don't stop when password is found, continue with all
pending tasks
--test run python doctests (you can use a dummy URL here)

Examples:

  • Basic
It will use the default settings (you can change the default settings in config.py file):
$ ./wpbf.py http://www.mysite.com/blog/
  • Custom
Using username 'john', not using keywords in the wordlist and through a local proxy:
$ ./wpbf.py --nokeywords -u john -p http://localhost:8008/ http://www.mysite.com/blog/
  • Aggressive
It will use default settings and spawn 23 threads:
$ ./wpbf.py -t 23 http://www.mysite.com/blog/
  • Username enumeration
Only perform a user enumeration:
$ ./wpbf.py -eu http://www.mysite.com/blog/




Source: www.effecthacking.com
wpbf - WordPress Brute Force Tool wpbf -  WordPress Brute Force Tool Reviewed by Anonymous on 5:42 AM Rating: 5