WordpressPingbackPortScanner
Ruby
Latest commit 8af044b Jan 9, 2015 @FireFart Update README.md
.gitignore Gitignore Jan 3, 2013
CREDITS Added credits Dec 12, 2012
Gemfile use gemfile Jul 21, 2013
Gemfile.lock use gemfile Jul 21, 2013
README.md Update README.md Jan 9, 2015
wppps.rb use gemfile Jul 21, 2013

README.md

WordpressPingbackPortScanner

WordPress exposes a so-called Pingback API to link to other blog posts. Using this feature, you can scan other hosts on the intranet or internet via this server. You can also use this feature for a kind of distributed port scanning: you can scan a single host using multiple WordPress blogs exposing this API. This issue was fixed in WordPress 3.5.1. Older versions are vulnerable if the XML-RPC interface is active.

http://www.acunetix.com/blog/web-security-zone/wordpress-pingback-vulnerability/
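For blog operators, a check over logged XML-RPC request bodies that flags `pingback.ping` calls whose source URI (the first parameter, which the blog fetches) names an internal address or a non-default port. This is an added example, not part of wppps.rb; it assumes request bodies are available from a WAF or audit log, and the function names and sample bodies are constructed for illustration.

```ruby
require 'uri'
require 'ipaddr'

# Address ranges a public blog has no reason to fetch a pingback source from.
INTERNAL_NETS = %w[127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
                   169.254.0.0/16 ::1/128 fc00::/7].map { |n| IPAddr.new(n) }

# Returns [source_uri, target_uri] if body is a pingback.ping call, else nil.
# Assumes both parameters arrive as <string> values.
def pingback_params(body)
  return nil unless body =~ %r{<methodName>\s*pingback\.ping\s*</methodName>}
  params = body.scan(%r{<string>\s*(.*?)\s*</string>}m).flatten
  params.length >= 2 ? params.first(2) : nil
end

def internal_host?(host)
  return false if host.nil? || host.empty?
  return true if host.casecmp('localhost').zero?
  ip = IPAddr.new(host)
  INTERNAL_NETS.any? { |net| net.family == ip.family && net.include?(ip) }
rescue IPAddr::Error
  false # a DNS name; resolving it is out of scope for this check
end

# Returns the reasons a request body looks like a probe (empty array if none).
def pingback_findings(body)
  source, _target = pingback_params(body)
  return [] if source.nil?
  uri = URI.parse(source)
  findings = []
  findings << 'non-http scheme' unless %w[http https].include?(uri.scheme)
  findings << 'internal source host' if internal_host?(uri.hostname)
  findings << "non-default port #{uri.port}" if uri.port && ![80, 443].include?(uri.port)
  findings
rescue URI::InvalidURIError
  ['unparseable source URI']
end

# Constructed sample request body (not captured traffic).
def sample_body(method, source)
  "<?xml version=\"1.0\"?><methodCall><methodName>#{method}</methodName><params>" \
  "<param><value><string>#{source}</string></value></param>" \
  "<param><value><string>http://blog.example/?p=1</string></value></param>" \
  "</params></methodCall>"
end

%w[http://localhost:8080/ http://www.example.org/post].each do |src|
  puts "#{src}: #{pingback_findings(sample_body('pingback.ping', src)).inspect}"
end
```

Many flagged requests from one client, each naming a different port on the same source host, is the pattern worth alerting on.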

Examples

Before you start, install all dependencies with:

gem install bundler
bundle install

Quick-scan a target via a blog:

ruby wppps.rb -t http://www.target.com http://www.myblog.com/

Use multiple blogs to scan a single target:

ruby wppps.rb -t http://www.target.com http://www.myblog1.com/ http://www.myblog2.com/ http://www.myblog3.com/

Scan a free wordpress.com blog (all ports) from the internal network:

ruby wppps.rb -a -t http://localhost http://myblog.wordpress.com/