800+ IT
News
als RSS Feed abonnieren๐ Sifchain: xmlrpc.php And /wp-json/wp/v2/users FILE IS enable it will used for bruteforce attack and denial of service
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vulners.com
Hi Team :) i am abbas heybati ;) Summary: After reviewing the given scope, I realized that the main domain "http://sifchain.finance" has several vulnerabilities that I will report to you as a scenario. I realize that I have reported to you outside of Scope. The report is related to the mentioned company and the vulnerability can endanger your business. I consider it my duty to report this vulnerability to you. the XML-RPC interface opens two kinds of attacks: https://sifchain.finance/xmlrpc.php XML-RPC pingbacks Brute force attacks via XML-RPC And in the /wp-json/wp/v2/users path, it reveals all the user information https://sifchain.finance/wp-json/wp/v2/users Steps To Reproduce: For the two vulnerabilities listed above in the xmlrpc.php section, first post a request to xmlrpc.php for <methodName> system.listMethods </methodName> given Post Request: ``` POST /xmlrpc.php HTTP/1.1 Host: sifchain.finance User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Cookie: __cfduid=dcb7a4e2b0f6a7042e39b0bd33aa4128a1617428272 Upgrade-Insecure-Requests: 1 Content-Length: 135 system.listMethods ``` Response: ``` HTTP/1.1 200 OK Date: Sat, 03 Apr 2021 05:49:32 GMT Content-Type: text/xml; charset=UTF-8 Connection: close Strict-Transport-Security: max-age=15552000; includeSubDomains Vary:... ...