http-wordpress-brute
脚本使用类型:
portrule
脚本所属分类:
intrusive, brute
脚本下载地址: http://nmap.org/svn/scripts/http-wordpress-brute.nse
performs brute force password auditing against Wordpress CMS/blog installations.
This script uses the unpwdb and brute libraries to perform password guessing. Any successful guesses are stored using the credentials library.
Wordpress default uri and form names:
wp-login.php
log
pwd
sets the number of threads. Default: 3
Other useful arguments when using this script are:
Based on Patrik Karlsson's http-form-brute
points to the file 'wp-login.php'. Default /wp-login.php
sets the http-variable name that holds the username used to authenticate. Default: log
sets the host header in case of virtual hosting
sets the http-variable name that holds the password used to authenticate. Default: pwd
执行格式
nmap -sV --script http-wordpress-brute <target> nmap -sV --script http-wordpress-brute --script-args 'userdb=users.txt,passdb=passwds.txt,http-wordpress-brute.hostname=domain.com, http-wordpress-brute.threads=3,brute.firstonly=true' <target>
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-wordpress-brute: | Accounts | 0xdeadb33f:god => Login correct | Statistics |_ Perfomed 103 guesses in 17 seconds, average tps: 6
Author: Paulino Calderon
License: VER007 整理 http://www.ver007.com