POC for XML-PRC ?
#1
WordPress XML-RPC authentication brute force
WordPress provides an XML-RPC interface via the xmlrpc.php script. XML-RPC is remote procedure calling using HTTP as the transport and XML as the encoding. An attacker can abuse this interface to brute force authentication credentials using API calls such as wp.getUsersBlogs.
Discovered by /Scripts/WebApps/wordpress_5.script


How to run POC for this vulnerability ?
Server IP : 192.185.35.67
Web-based : wordpress

thanks !
Reply
#2
Real the POC and CVE to figure it out. That's what it's for.
https://medium.com/@the.bilal.rizwan/wor...d3c8600b32
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [PoC] RunBox.com x MailChimp.com - Stored XSS Vulnerabilities (Bug Bounty Hunting) Daisuke Dan 3 5,733 04-24-2019, 08:47 PM
Last Post: thunder
  PoC - PHP GroupWare Headlines Admin SQLi MLT 0 3,021 12-24-2015, 11:48 AM
Last Post: MLT
  [PoC] BoxBilling - Persistent XSS Nerdie 0 3,060 12-06-2015, 12:58 AM
Last Post: Nerdie
  [PoC] Private.me Reflected Cross-Site Scripting [Bug Bounty Hunting] Daisuke Dan 6 5,904 07-20-2015, 01:58 PM
Last Post: Root