GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → kavishgr → xmlrpc-bruteforcer

kavishgr / xmlrpc-bruteforcer

Licence: other
An XMLRPC brute forcer targeting Wordpress written in Python 3. (DISCONTINUED)

Programming Languages

python
139335 projects - #7 most used programming language

Labels

linuxwordpressunixosxhackingpenetration-testingxml-rpc

Projects that are alternatives of or similar to xmlrpc-bruteforcer

Punk.py
unix SSH post-exploitation 1337 tool
Stars: ✭ 107 (+72.58%)
Mutual labels:  unix, penetration-testing
Narthex
Modular personalized dictionary generator.
Stars: ✭ 156 (+151.61%)
Mutual labels:  unix, penetration-testing
colocat
Fegeya Colocat, Colorized 'cat' implementation. Written in C++17.
Stars: ✭ 14 (-77.42%)
Mutual labels:  unix
Web-Penetration-Testing-with-Kali-Linux-Third-Edition
Web Penetration Testing with Kali Linux - Third Edition, published by Packt
Stars: ✭ 20 (-67.74%)
Mutual labels:  penetration-testing
hathi
A dictionary attack tool for PostgreSQL and MSSQL
Stars: ✭ 33 (-46.77%)
Mutual labels:  penetration-testing
BindToInterface
With this program you can bind applications to a specific network interface / network adapter. This is very useful if you have multiple (internet) connections and want your program to use a specific one.
Stars: ✭ 67 (+8.06%)
Mutual labels:  unix
godzilla
a powerful go web framework
Stars: ✭ 22 (-64.52%)
Mutual labels:  unix
ft select
A robust file browser and manager in the terminal.
Stars: ✭ 14 (-77.42%)
Mutual labels:  unix
PyParser-CVE
Multi source CVE/exploit parser.
Stars: ✭ 25 (-59.68%)
Mutual labels:  penetration-testing
tugarecon
Pentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+129.03%)
Mutual labels:  penetration-testing
AiliceOS
AiliceOS: Build an x86_64 and UEFI OS using Rust
Stars: ✭ 59 (-4.84%)
Mutual labels:  unix
pidp11-2.11bsd
Using the historical unix 2.11 BSD operating system on the PiDP-11. With examples such as cool-retro-weatherstation.
Stars: ✭ 57 (-8.06%)
Mutual labels:  unix
venomlinux.org
Source Based Linux Distribution
Stars: ✭ 17 (-72.58%)
Mutual labels:  unix
DevBrute-A Password Brute Forcer
DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: ✭ 91 (+46.77%)
Mutual labels:  penetration-testing
luadch
ADC Hub Server
Stars: ✭ 46 (-25.81%)
Mutual labels:  unix
rust-font-loader
A font loading utility written in rust.
Stars: ✭ 44 (-29.03%)
Mutual labels:  unix
rTerm
Fake UNIX terminal for personal pages
Stars: ✭ 19 (-69.35%)
Mutual labels:  unix
frisbee
Collect email addresses by crawling search engine results.
Stars: ✭ 29 (-53.23%)
Mutual labels:  penetration-testing
Ob3vil1on
Another archive cracker created in python | cracking [zip/7z/rar] by bruteforcing [ NOT MAINTAINED ]
Stars: ✭ 17 (-72.58%)
Mutual labels:  unix
oneliners.txt
oneliners.txt
Stars: ✭ 64 (+3.23%)
Mutual labels:  unix
View All Similar Projects ➔

An XMLRPC BruteForcer for Wordpress - Inpired by (1N3@CrowdShield)

Note - This project is discontinued. No more updates will be provided! Sorry!

I switched to golang :-)

Fork it/do whatever you want with it.

Twitter - Telegram - Blog

Available in

Usage

python3 xmlrcpbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt username
python3 xmlrpcbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt userlist.txt ( >>in progess<<)

Bugs

If you get an xml.etree.ElementTree.ParseError:

  • Did you forget to add 'xmlrpc' in the url ?
  • Try to add or remove 'https' or 'www'.

TODO

  • Exception Handling for xml.etree.ElementTree.ParseError
  • 'userlist' enumeration

Demo

MacBook-Pro: kavish$ python3 xmlrpcbruteforce.py http://192.168.100.34/xmlrpc.php 10k-most-common.txt elliot

---------------Examining Target--------------------

[>] Target is vulnerable.

--=[Target: http://192.168.100.34/xmlrpc.php]=--

        	[...Bruteforcing...]
--=[Tried: 1000 passwords]=--
--=[Tried: 2000 passwords]=--
--=[Tried: 3000 passwords]=--
--------------- BRUTEFORCE SUCCESSFULL  ---------------
--=[User found]=--
Login: elliot
Password: ER28-0652
--=[Exiting...]=--
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].