This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature

Related tags

Security related resourcesrpckiller
Overview

rpckiller

This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature and with that you can further try to escalate it to -

  1. Internal Port scans
  2. DOS [HTTP Reflection attack]
  3. brute force attacks
  4. Disclose sensitive info disclosure [case by case]

Installation

pip3 install urllib3 requests

Usage

python3 rpckiller.py http(s)://target/xmlrpc.php collab.net/localhost:port '/endpoint/'

Note

This script does Out of Band detection using the burp collaborator or you can use any other service , also you can check for port scans by adding a list of ports and automate it and look at the response on the screen. If the int value is greater than 0 then port is Open as we assume .

"This script does the basic check so make sure to have a good list of endpoints gathered from the target you testing in order to get proper interaction"

Developer

D0rkerDevil

References

https://the-bilal-rizwan.medium.com/wordpress-xmlrpc-php-common-vulnerabilites-how-to-exploit-them-d8d3c8600b32

https://shahjerry33.medium.com/cross-site-port-attack-a-strangers-call-c2467f93792f

https://www.a10networks.com/blog/wordpress-pingback-attack/

License

MIT

Owner
Ashish Kunwar
Researcher at RISKIQ | I deal with 0days and malwares
Ashish Kunwar
GitHub Repository
Official repository for Pyew.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

Joxean 362 Nov 28, 2022
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

zeze 1 Jan 13, 2022
Port scanner tool with easy installation

ort scanner tool with easy installation! Python programming language is used and The text in the program is Georgian 3

2 Mar 24, 2022
The Decompressoin tool for Vxworks MINIFS

MINIFS-Decompression The Decompression tool for Vxworks MINIFS filesystem. USAGE python minifs_decompression.py [target_firmware] The example of Mercu

8 Jan 03, 2023
Proof of concept to check if hosts are vulnerable to CVE-2021-41773

CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV

Jordan Jay 43 Nov 09, 2022
DoSer.py - Simple DoSer in Python

DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this

8 Sep 02, 2022
Convert a collection of features to a fixed-dimensional matrix using the hashing trick.

FeatureHasher Convert a collection of features to a fixed-dimensional matrix using the hashing trick. Note, this requires Jina=2.2.4. Example Here I

Jina AI 5 Mar 15, 2022
GitHub Advance Security Compliance Action

advanced-security-compliance This Action was designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Sca

Mathew Payne 121 Dec 14, 2022
π™Ύπš™πšŽπš— πš‚πš˜πšžπš›πšŒπšŽ πš‚πšŒπš›πš’πš™πš - π™½πš˜ π™²πš˜πš™πš’πš›πš’πšπš‘πš - πšƒπšŽπšŠπš– πš†πš˜πš›πš” - πš‚πš’πš–πš™πš•πšŽ π™Ώπš’πšπš‘πš˜πš— π™Ώπš›πš˜πš“πšŽπšŒπš - π™²πš›πšŽπšŠπšπšŽπš π™±πš’ : π™°πš•πš• πšƒπšŽπšŠπš– - π™²πš˜πš™πš’π™ΏπšŠπšœπš π™²πšŠπš— π™½πš˜πš π™ΌπšŠπš”πšŽ 𝚈𝚘𝚞 πšπšŽπšŠπš• π™Ώπš›πš˜πšπš›πšŠπš–πš–πšŽπš›

π™Ύπš™πšŽπš— πš‚πš˜πšžπš›πšŒπšŽ πš‚πšŒπš›πš’πš™πš - π™½πš˜ π™²πš˜πš™πš’πš›πš’πšπš‘πš - πšƒπšŽπšŠπš– πš†πš˜πš›πš” - πš‚πš’πš–πš™πš•πšŽ π™Ώπš’πšπš‘πš˜πš— π™Ώπš›πš˜πš“πšŽπšŒπš - π™²πš›πšŽπšŠπšπšŽπš π™±πš’ : π™°πš•πš• πšƒπšŽπšŠπš– - π™²πš˜πš™πš’π™ΏπšŠπšœπš π™²πšŠπš— π™½πš˜πš π™ΌπšŠπš”πšŽ 𝚈𝚘𝚞 πšπšŽπšŠπš• π™Ώπš›πš˜πšπš›πšŠπš–πš–πšŽπš›

CodeX-ID 2 Oct 27, 2022
Log4j rce test environment and poc

log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione

Leon Jacobs 307 Dec 24, 2022
Fast and easy way to rollout on multiple GitLab project file a particular content.

Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop

Lujeni 4 Jan 17, 2022
High level cheatsheet that was designed to make checks on the OSCP more manageable

High level cheatsheet that was designed to make checks on the OSCP more manageable. This repository however could also be used for your own studying or for evaluating test systems like on HackTheBox

Jacob Scheetz 89 Jan 01, 2023
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

EntySec 118 Dec 24, 2022
Automated tool to exploit basic buffer overflow remotely and locally & x32 and x64

Automated tool to exploit basic buffer overflow (remotely or locally) & (x32 or x64)

5 Oct 09, 2022
log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

说明 about author: ζˆ‘θΆ…ζ€•ηš„ blog: https://www.cnblogs.com/iAmSoScArEd/ github: https://github.com/iAmSOScArEd/ date: 2021-12-20 log4j2 dos exploit log4j2 do

3 Aug 13, 2022
Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions

dns-mf-hazard Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions How to use it? Installation You need python

Marek Wajdzik 2 Jan 01, 2022
Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.

CVE-2021-24086 This is a proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability "), a NULL dereference in tcpip.sys patc

Axel Souchet 220 Dec 14, 2022
Gefilte Fish GMail filter creator

Gefilte Fish: GMail filter maker Gefilte Fish automates the creation of GMail filters. Use it like this: from gefilte import GefilteFish,

Ned Batchelder 31 Sep 28, 2022
CVE 2020-14871 Solaris exploit

CVE 2020-14871 Solaris exploit This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems. The act

Robin Massink 2 Oct 25, 2022
A OSINT tool coded in python

Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool

Aidan 2 Mar 20, 2022