WordPress xmlrpc.php - common vulnerabilities & how to exploit them

What is XML-RPC?

Common Vulnerabilities in XML-RPC

Brute force attack

  1. This is what you originally see when you try to open the xmlrpc.php located at
    http://<targetWebSite.com>/<wordpress directory>/xmlrpc.php

Other attacks?
XSPA, or simply port scanning!

  1. List all the methods and search for the following
    ‘pingback.ping’

+Bilal Rizwan
