Skip to content

Kuduxaaa/wp-doser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
exploit.py
exploit.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

☠️ Wordpress DoSer

Wordpress and Drupal XMLRPC Attack (DoS). XMLRPC is older than WordPress itself. This system was introduced to WordPress to fight the slow internet connection dilemma by helping the users write new posts offline and then uploaded them to the server. The ability to connect WordPress remotely with other applications was only possible with the xmlrpc.php file. XMLRPC parsing is vulnerable to a XML based denial of service. Works on all WordPress sites where xmlrpc.php file manipulation is allowed

⚠️ Warining

The author assumes no responsibility for the illegal use of the information provided (the script is educational in nature and its unauthorized implementation is punishable by law)

✨ Usage

First of all you need to clone this script and install requirements

$ git clone https://github.com/Kuduxaaa/wp-doser
$ cd wp-doser
$ pip3 install -r requirements.txt

⚙️ Arguments for use and instructions

usage: exploit.py [-h] [-u URL] [-i IP] [-v VIRTUALHOST] [-m MULTIPLE]
                 [-t THREADS] [-xp XMLPATH]

optional arguments:

  -h, --help            show this help message and exit
  -u, --url             Target website URL
  -i, --ip              Target website IP Address
  -v, --virtualhost     Target website hostname (if enter only ip)
  -m, --multiple        Repeat several times
  -t, --threads         Threads count
  -xp, --xmlpath        XMLRPC path

💖 Useful links

About

Wordpress and Drupal XMLRPC Attack (DoS)

Topics

wordpress denial-of-service xmlrpc xmlrpc-dos wordpress-vulnerability wp-doser

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages