wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 prior to 4.7.1 does not properly restrict listings of post authors, which allows remote malicious users to obtain sensitive information via a wp-json/wp/v2/users request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wordpress wordpress |
WordPress CVE-2017-5487 Exploit in Python
WordPress CVE-2017-5487 Exploit in Python Usage Examples: python3 krpexploitpy -h python3 krpexploitpy --url examplesitecom
Penetration scripts developed for POCs in my studies and VAPT works
Pentest-Scripts Penetration scripts developed over my studies and VAPT works wordpress_cve_2017_5487py
CVE-2017-5487-vulnerability-on-NSBM Test site: nsbmaclk Found Vulnerability:- CVE-2017-5487 Usage Download this repository(githubcom/Ravindu-Priyankara/CVE-2017-5487-vulnerability-on-NSBMgit) git clone githubcom/Ravindu-Priyankara/CVE-2017-5487-vulnerability-on-NSBMgit unzip and go to this folder cd '{my github folder name/}'
Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 -
wpUsersScan About wpUsersScan Enumerate the users list of the wordpress websites through the REST API / CVE-2017-5487,WordPress < 471 - Username Enumeration Usage $ python wpUsersScanpy URL How to install Clone Clone the repository with: $ git clone githubcom/R3K1NG/wpUsersScangit $ cd wpUsersScan $ python wpUsersS
WPEnum Part of Infohunt3r About WPEnum Enumerate the users list of the wordpress websites through the REST API / CVE-2017-5487,WordPress < 471 - Username Enumeration Installation $ git clone githubcom/sechunt3r/wpenumgit $ cd wpenum $ python wpenumpy Usage $ python wpenumpy URL
Brutepress Wordpress Bruteforce based in CVE-2017-5487 DISCLAIMER: All the scripts should be used for authorized penetration testing and/or educational purposes only Any misuse of this software will not be the responsibility of the author or of any other collaborator Use it at your own networks and/or with the network owner's permission Brutepress will look for users e
Red Team: Summary of Operations Table of Contents Exposed Services Critical Vulnerabilities Exploitation Network Scan To Identify All Available Networks: nmap -sS -PO 1921681* Target Identified Name: Target 1 IP Address: 1921681110 Target Machine Scan Nmap scan results for each machine reveal the below services and OS details: nmap -sV 192168110 The scan
A PoC exploit for CVE-2017-5487 - WordPress User Enumeration.
CVE-2017-5487 - WordPress User Enumeration A vulnerability has been discovered in the REST API implementation of WordPress 47 before 471 This vulnerability is present in the class-wp-rest-users-controllerphp file located in wp-includes/rest-api/endpoints The flaw arises from inadequate restrictions placed on the listings of post authors, which can be exploited by remote a
Bridges l9explore and Nuclei
L9 Nuclei plugin This L9 plugin re-implements a limited Nuclei template parser and runner Checkout ProjectDiscovery's awesome network tools for more information This allows for l9explore to stick to deep-protocol inspections while taking advantage of well maintained templates for web application scanning Features Uses upstream tag fields from l9events to match against
Wordpress Username Enumeration /CVE-2017-5487,WordPress < 4.7.1 -
wpUsersScan About wpUsersScan Enumerate the users list of the wordpress websites through the REST API / CVE-2017-5487,WordPress < 471 - Username Enumeration Usage $ python wpUsersScanpy URL How to install Clone Clone the repository with: $ git clone githubcom/ihebski/wpUsersScangit $ cd wpUsersScan $ python wpUsers
Project 7 - WordPress Pentesting Time spent: 12 hours spent in total Objective: Find, analyze, recreate, and document Three vulnerabilities affecting an old version of WordPress Pentesting Report 1 Authenticated XSS in comments (CVE-2019-9787) Summary: Wordpress did not properly filter comments, leading to remote code execution by unauthenticated user configuration Vulne
LeakIX maintained plugins implementing the l9format golang plugin interface.
l9 suite stock plugins This repository contains LeakIX maintained plugins implementing the l9format golang plugin interface They are currently used by l9explore but could be implemented by Go security tool Current plugins Plugin Protocols Stage Description Author apachestatus_http http http Checks for apache status pages configjson_http http http Scans for valid c
Project 7 - WordPress Pen Testing Time spent: 15 hours spent in total Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress Pen Testing Report 1 (Required) Vulnerability Name or ID Summary: Vulnerability types: XSS (CVE-2015-5714) Tested in version: 42 (affects versions 40 - 43 Fixed in version: 425 GIF Walkth
CVE-2017-5487 Nama_Temuan -Target: [examplecom](lpbmteknokratacid/wp-json/wp/v2/users/] [seteknokratacid/wp-json/wp/v2/users/] -Severity: Medium (51) Deskripsi Deskripsi bla bla Impact Impact Impact Remendation Team IT bisa
POC of CVE-2017-5487 + tool
CVE-2017-5487 POC of CVE-2017-5487 + tool
l9explore - Digs the dirt
l9explore l9explore is a plugin based tool doing deep exploration on a wide range of protocols It can be used to expose leaks, misconfigurations and vulnerabilities on any IP network It is the last layer in the l9 tool suite Features Deep protocol exploration Plugin based system Low memory/CPU footprint Multistage (WIP) Current plugins Plugin Protocols Stage Descripti
The MRK WP REST Permissions Plugin
Fix Disclosure of Users Information via Wordpress API MRK Rest Permissions Plugin by MRK WP This plugin is a simple adjustment to make your user end points require authentication (serve 401) for non-logged in users without the edit post capability This is a perceived vulernability in WordPress The attacker will generally grab a list of users from the WordPress API, and then a
Wordpress xmlrpc.php自动爆破脚本
README 简介 简单的wordpress xmlrpcphp爆破脚本,可以自动从/wp/v2/users(CVE-2017-5487)接口获取用户名进行爆破,适用于大量的wordpress目标爆破 用法 1、自动从/wp/v2/users(CVE-2017-5487)接口获取用户名进行爆破 python3 wp_loginpy -u testcom -pwd passwordtxt -auto 2、指
Project 7 - WordPress Pentesting Time spent: 12 hours spent in total Objective: Find, analyze, recreate, and document Three vulnerabilities affecting an old version of WordPress Pentesting Report 1 Authenticated XSS in comments (CVE-2019-9787) Summary: Wordpress did not properly filter comments, leading to remote code execution by unauthenticated user configuration Vulne
Test |-- cqr |-- -7ab1fa06cc2b6337gif |-- directoryListmd |-- READMEmd |-- 0708 | |-- READMEmd |-- 0709 | |-- READMEmd | |-- 捕获PNG |-- 0710+11 | |-- copied from otherspy | |-- READMEmd |-- 0712 | |-- bling_inpy | |-- cve-2017-5487php | |-- pocpy | |-- READMEmd |-- 0713 |
This is a vulnerability in the Linux kernel that was discovered and disclosed in 2017.
CVE-2017-5487 is a vulnerability in the Linux kernel that was discovered and disclosed in 2017 The vulnerability allows a local attacker to gain root access to a system by exploiting a race condition in the key management subsystem of the kernel The vulnerability can be exploited by a user with a valid account on a affected system, and can be used to gain root privileges and
Codepath assignment 7
Project 7 - WordPress Pentesting Time spent: 5 hours spent in total Objective: Find, analyze, recreate, and document five vulnerabilities affecting an old version of WordPress Pentesting Report CVE-2017-1001000 Summary: The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controllerphp in the REST API in WordPress 47x before 472 does no
l9 suite stock plugins This repository contains LeakIX maintained plugins implementing the l9format golang plugin interface They are currently used by l9explore but could be implemented by Go security tool Current plugins Plugin Protocols Stage Description Author apachestatus_http http http Checks for apache status pages configjson_http http http Scans for valid c
l9 suite stock plugins This repository contains LeakIX maintained plugins implementing the l9format golang plugin interface They are currently used by l9explore but could be implemented by Go security tool Current plugins Plugin Protocols Stage Description Author apachestatus_http http http Checks for apache status pages configjson_http http http Scans for valid c
Wordpress
Jhonsonwannaa-CVE-2017-5487 Wordpress
l9 suite stock plugins This repository contains LeakIX maintained plugins implementing the l9format golang plugin interface They are currently used by l9explore but could be implemented by Go security tool Current plugins Plugin Protocols Stage Description Author apachestatus_http http http Checks for apache status pages configjson_http http http Scans for valid c
l9 suite stock plugins This repository contains LeakIX maintained plugins implementing the l9format golang plugin interface They are currently used by l9explore but could be implemented by Go security tool Current plugins Plugin Protocols Stage Description Author apachestatus_http http http Checks for apache status pages configjson_http http http Scans for valid c
l9 suite stock plugins This repository contains LeakIX maintained plugins implementing the l9format golang plugin interface They are currently used by l9explore but could be implemented by Go security tool Current plugins Plugin Protocols Stage Description Author apachestatus_http http http Checks for apache status pages configjson_http http http Scans for valid c
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp-json/wp/v2/users request.
CVE-2017-5487 Installation 📝 git clone githubcom/dream434/CVE-2017-5487 pip install -r requirementstxt Usage 🚀 python3 leak-wordpress-userpy -list urlstxt -number 10 Disclaimer ⚠️ Use this tool within a legal framework
Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.