class WPSeku(object):
out = wpprint.wpprint()
def banner(self):
print
def usage(self,ext=False):
path = os.path.basename(sys.argv[0])
self.banner()
print "Usage: {} [options]\n".format(path)
print "\t-t --target\tTarget URL (eg: http://site.com)"
print "\t-b --brute\tBruteforce login via xmlrpc"
print "\t-u --user\tSet username, (df=admin)"
print "\t-p --proxy\tSet proxy, (host:port)"
print "\t-c --cookie\tSet cookie, (--cookie=\"COOKIE\")"
print "\t-a --agent\tSet user-agent, (--agent=\"AGENT\")"
print "\t-r --ragent\tSet random user-agent"
print "\t-f --redirect\tRedirect target url, (df=true)"
print "\t-m --timeout\tSet timeout, (df=None)"
print "\t-w --wordlist\tSet wordlist, (df=db/wordlist.txt)"
print "\t-h --help\tShow this help and exit\n"
print "Examples:"
print "\t{} -t http://site.com".format(path)
print "\t{} -t http://site.com -b -w wlist.txt".format(path)
print "\t{} -t http://site.com/wordpress/ --redirect".format(path)
print "\t{} -t http://site.com -b -u test -w wlist.txt\n".format(path)
if ext:
exit()
brute = False
user = "******"
cookie = None
agent = "Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0"
redirect = True
wordlist = "db/wordlist.txt"
proxy = None
timeout = None
def main(self,kw):
if len(sys.argv) <= 2:
self.usage(True)
try:
opts,args = getopt.getopt(kw,"t:u:p:c:a:m:w:frbh:",["target=","brute",
"user="******"proxy=","cookie=","timeout=","agent=","ragent","redirect","wordlist=","help"]
)
except getopt.error,e:
self.usage(True)
for opt,arg in opts:
if opt in ('-t','--target'):
self.target = self.check(arg)
if opt in ('-b','--brute'):
self.brute = True
if opt in ('-u','--user'):
self.user = arg
if opt in ('-p','--proxy'):
self.proxy = arg
if opt in ('-c','--cookie'):
self.cookie = arg
if opt in ('-a','--agent'):
self.agent = arg
if opt in ('-r','--ragent'):
pass
if opt in ('-m','--timeout'):
self.timeout = arg
if opt in ('-f','--redirect'):
self.redirect = False
if opt in ('-w','--wordlist'):
self.wordlist = arg
if opt in ('-h','--help'):
self.usage(True)
# starting
self.init()
if self.brute == True:
wpxmlrpc.wpxmlrpc(agent=self.agent,proxy=self.proxy,
redir=self.redirect,time=self.timeout,url=self.target,
cookie=self.cookie,wlist=self.wordlist,user=self.user).run()
exit()
# fingerprint
fingerprint.fingerprint(agent=self.agent,proxy=self.proxy,
redir=self.redirect,time=self.timeout,url=self.target,
cookie=self.cookie).run()
# discovery
discovery.discovery().run(agent=self.agent,proxy=self.proxy,
redir=self.redirect,time=self.timeout,url=self.target,
cookie=self.cookie)
def Main(self):
if len(sys.argv) <= 2:
self.Usage(True)
try:
opts, args = getopt.getopt(
self.kwargs, "t:x=:s=:l=:b=:h=:q:u:p:m:c:w:a:r:", [
'target=', 'xss', 'sql', 'lfi', 'query=', 'brute', 'user='******'proxy=', 'method=', 'cookie=', 'wordlist=', 'agent=',
'redirect=', 'help'
])
except getopt.error as error:
pass
for o, a in opts:
if o in ('-t', '--target'):
self.target = self.CheckTarget(a)
if o in ('-x', '--xss'):
self.xss = True
if o in ('-s', '--sql'):
self.sql = True
if o in ('-l', '--lfi'):
self.lfi = True
if o in ('-q', '--query'):
self.query = a
if o in ('-b', '--brute'):
self.brute = True
if o in ('-u', '--user'):
self.user = a
if o in ('-p', '--proxy'):
self.proxy = a
if o in ('-m', '--method'):
self.method = a
if o in ('-c', '--cookie'):
self.cookie = a
if o in ('-w', '--wordlist'):
self.wordlist = a
if o in ('-a', '--agent'):
self.agent = a
if o in ('-r', '--redirect'):
self.redirect = a
if o in ('-h', '--help'):
self.Usage(True)
self.Banner()
self.printf.plus('Target: %s' % self.target)
self.printf.plus('Starting: %s\n' %
(time.strftime('%d/%m/%Y %H:%M:%S')))
print self.agent
if not self.agent: self.agent = 'Mozilla/5.0'
if not self.proxy: self.proxy = None
if not self.cookie: self.cookie = None
if not self.redirect: self.redirect = False
if not self.user: self.user = "******"
# xss attack
if self.xss == True:
if not self.method:
sys.exit(self.printf.erro('Method not exisits!'))
if not self.query: sys.exit(self.printf.erro('Not found query'))
wpxss.wpxss(self.agent, self.proxy, self.redirect, self.target,
self.method, self.query).run()
sys.exit()
# sql attack
if self.sql == True:
if not self.method:
sys.exit(self.printf.erro('Method not exisits!'))
if not self.query: sys.exit(self.printf.erro('Not found query'))
wpsql.wpsql(self.agent, self.proxy, self.redirect, self.target,
self.method, self.query).run()
sys.exit()
# lfi attack
if self.lfi == True:
if not self.method:
sys.exit(self.printf.erro('Method not exisits!'))
if not self.query: sys.exit(self.printf.erro('Not found query'))
wplfi.wplfi(self.agent, self.proxy, self.redirect, self.target,
self.method, self.query).run()
sys.exit()
# attack bruteforce
if self.brute == True:
if not self.wordlist:
sys.exit(self.printf.erro('Not found wordlist!'))
wpxmlrpc.wpxmlrpc(self.agent, self.proxy, self.redirect,
self.target, self.cookie, self.wordlist,
self.user).run()
sys.exit()
# discovery
if self.target:
self._.run(self.agent, self.proxy, self.redirect, self.target)