1N3 / Wordpress Xmlrpc Brute Force Exploit

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield

Wordpress XMLRPC System Multicall Brute Force Exploit by 1N3
Last Updated: 20170215
https://crowdshield.com

ABOUT:

This is an exploit for the WordPress xmlrpc.php System Multicall function, affecting the most current version of WordPress (3.5.1). The exploit works by sending 1,000+ authentication attempts per request to xmlrpc.php in order to "brute force" valid WordPress users, and it iterates through whole wordlists until a valid user response is acquired. It then selectively acquires and displays the valid username and password for login.
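
Defender-side view of the batching described above, as an added example that is not part of 1N3's tool: a Python check that parses one POST body sent to xmlrpc.php and flags system.multicall requests carrying more sub-calls than a threshold. The threshold, the size cap, the function names and the placeholder method example.login in the constructed sample are assumptions.

```python
import xmlrpc.client
from collections import Counter

MAX_SUBCALLS = 20                  # assumed threshold; tune to your legitimate clients
MAX_BODY_BYTES = 2 * 1024 * 1024   # assumed cap; refuse to parse anything larger


def inspect_xmlrpc_body(body, max_subcalls=MAX_SUBCALLS):
    """Classify one POST body sent to xmlrpc.php (e.g. from a WAF or proxy log)."""
    result = {"method": None, "subcalls": 0, "top_method": None,
              "top_count": 0, "flag": False, "reason": ""}
    if len(body) > MAX_BODY_BYTES:
        result.update(flag=True, reason="body too large")
        return result
    try:
        params, method = xmlrpc.client.loads(body)
    except Exception:
        # Malformed XML-RPC aimed at the endpoint is itself worth a look.
        result.update(flag=True, reason="unparseable body")
        return result
    result["method"] = method
    if method != "system.multicall":
        return result
    # system.multicall takes one array of {methodName, params} structs.
    calls = params[0] if params and isinstance(params[0], list) else []
    names = Counter(str(c.get("methodName")) for c in calls if isinstance(c, dict))
    result["subcalls"] = len(calls)
    if names:
        result["top_method"], result["top_count"] = names.most_common(1)[0]
    if len(calls) > max_subcalls:
        result.update(flag=True,
                      reason=f"{len(calls)} sub-calls in one request, "
                             f"{result['top_count']} to {result['top_method']}")
    return result


def constructed_body(n):
    """Constructed sample input: n batched sub-calls to a placeholder method."""
    calls = [{"methodName": "example.login", "params": ["user", f"pw-{i}"]}
             for i in range(n)]
    return xmlrpc.client.dumps((calls,), methodname="system.multicall")


if __name__ == "__main__":
    for n in (3, 1000):
        print(n, inspect_xmlrpc_body(constructed_body(n)))
```

Rate limiting keyed on HTTP request count sees the 1,000-attempt body as a single request, so the sub-call count has to be inspected or capped at the endpoint.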

USAGE:

./wp-xml-brute http://target.com/xmlrpc.php passwords.txt username1 [username2] [username3]...

LICENSE:

This software is free to distribute, modify and use with the condition that credit is provided to the creator ([email protected]) and is not for commercial use.

DONATIONS:

Donations are welcome. This will help facilitate improved features, frequent updates and better overall support.

  • [x] BTC 1Fav36btfmdrYpCAR65XjKHhxuJJwFyKum
  • [x] DASH XoWYdMDGb7UZmzuLviQYtUGb5MNXSkqvXG
  • [x] ETH 0x20bB09273702eaBDFbEE9809473Fd04b969a794d
  • [x] LTC LQ6mPewec3xeLBYMdRP4yzeta6b9urqs2f