• ✨Always Use Forum Private Messages PM For Deal With Vendors✨

    Admin Contacts Jabber: megiddo@jabber.sk Telegram: @Megiddo1

Xmlrpc Bruteforcer - An Xmlrpc Brute Forcer Targeting Wordpress

✨ DeeZNuTz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
982
Likes
760
Points
1,045

An XMLRPC brute forcer targeting Wordpress written in Python 3. In the context of xmlrpc brute forcing, its faster than Hydra and WpScan. It can brute force 1000 passwords per second.

Usage
Code:
python3 xmlrcpbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt username
python3 xmlrpcbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt userlist.txt

Bugs
If you get an xml.etree.ElementTree.ParseError:
  • Did you forget to add 'xmlrpc' in the url ?
  • Try to add or remove 'https' or 'www'.
I'm working on the Exception Handling. Will fix it soon.
Download Xmlrpc-Bruteforcer
 
Top Bottom