Skip to content

Latest commit

 

History

History
34 lines (27 loc) · 1.52 KB

README.md

File metadata and controls

34 lines (27 loc) · 1.52 KB

MASS XMLRPC Brure Force

XML-RPC brute force refers to a type of cyberattack where an attacker repeatedly attempts to guess usernames and passwords via the XML-RPC interface in WordPress.

  • XML-RPC Interface: WordPress provides an XML-RPC interface via the xmlrpc.php script, enabling remote procedure calling using HTTP and XML.
  • Attack Method: Attackers use tools to automate the process of trying different username and password combinations until they gain unauthorized access to the CMS.
  • Risk: Brute force attacks pose a significant security risk, potentially leading to unauthorized access, data breaches, and website defacement.

Requirements

  • Python 3.x
  • The requests package (requests and colorama)

Key Features

  • Auto search username wordpress.
  • With module threading to make fastest brute force.
  • Support http/https in ur list.
  • Add password at passwd.txt and don't delete it
  • Result brute at g00d.txt

Password Features

  • [WPLOGIN] = username wordpress
  • [UPPERLOGIN] = username with capslock example ADMIN
  • [DOMAIN] = domain.com
  • [UPPERDOMAIN] = domain with capslock example DOMAIN.COM
  • [FULLDOMAIN] = https://domain.com

How To Usage

python3 xml.py

DISCLAIMER

This script should only be used for educational purposes and ethical hacking. Unauthorized access to computer systems is illegal and unethical. Ensure you have explicit permission before testing any system. AND WE DO NOT CONDONE ANY ILLEGAL ACTIVITIES