Attackers use xmlrpc.php to crack WordPress.
In recent days, WordPress community members have reported brute-force attacks carried out through xmlrpc.php. Using the interface provided by xmlrpc.php, an attacker can try to guess passwords while bypassing WordPress's restrictions on brute-force cracking. We have found large-scale exploitation. If xmlrpc is enabled, you need to fix it as soon as possible.
Install or upgrade the Login Security Solution plugin.
Attacks that use xmlrpc.php can bypass these restrictions. Attackers can directly POST the following data to xmlrpc.php.
<?xml version="1.0" encoding="iso-8859-1"?>
<methodCall>
  <methodName>wp.getUsersBlogs</methodName>
  <params>
    <param><value>username</value></param>
    <param><value>password</value></param>
  </params>
</methodCall>
The username field is a user name collected in advance; the password field is the password being tried. For more information about the getUsersBlogs interface, refer to the official guide. If the password is correct, the server returns:
If the password is wrong, error 403 is returned:
When tested with Intruder, the server imposes no restrictions.
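An added example, not part of the original article: one way to spot the repeated wp.getUsersBlogs calls described above, assuming a logging proxy or plugin can see each request's client IP and body. The window, the limit, the function names and the sample events are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict, deque

WINDOW_SECONDS = 60             # assumed sliding window
MAX_ATTEMPTS = 5                # assumed per-IP limit inside one window
WATCHED = {"wp.getUsersBlogs"}  # the credential-bearing method from the article

def parse_call(body):
    """Return (methodName, first parameter) of an XML-RPC call, else None."""
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        return None  # refuse DTDs in untrusted input (entity expansion)
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return None
    if root.tag != "methodCall":
        return None
    method = (root.findtext("methodName") or "").strip()
    values = root.findall("./params/param/value")
    # itertext() covers both <value>x</value> and <value><string>x</string></value>
    first = "".join(values[0].itertext()).strip() if values else ""
    return method, first

def flag_bruteforce(events):
    """events: (epoch_seconds, client_ip, body). Returns {ip: usernames tried}."""
    recent, flagged = defaultdict(deque), defaultdict(set)
    for ts, ip, body in sorted(events, key=lambda e: e[0]):
        call = parse_call(body)
        if call is None or call[0] not in WATCHED:
            continue
        q = recent[ip]
        q.append((ts, call[1]))
        while q and ts - q[0][0] > WINDOW_SECONDS:
            q.popleft()                      # drop attempts outside the window
        if len(q) > MAX_ATTEMPTS:
            flagged[ip].update(user for _, user in q)
    return {ip: sorted(users) for ip, users in flagged.items()}

def sample_body(user, password):
    """Constructed request body in the shape shown in the article."""
    return ('<?xml version="1.0" encoding="iso-8859-1"?><methodCall>'
            "<methodName>wp.getUsersBlogs</methodName><params>"
            f"<param><value>{user}</value></param>"
            f"<param><value>{password}</value></param>"
            "</params></methodCall>").encode("iso-8859-1")

# Constructed events: one noisy client, one ordinary client.
SAMPLE = [(1000 + i, "203.0.113.7", sample_body("admin", f"guess{i}")) for i in range(8)]
SAMPLE += [(1000, "198.51.100.4", sample_body("editor", "x")),
           (1300, "198.51.100.4", sample_body("editor", "y"))]

if __name__ == "__main__":
    print(flag_bruteforce(SAMPLE))
```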