{"id":19086685,"url":"https://github.com/kuduxaaa/wp-doser","last_synced_at":"2025-04-30T09:45:42.157Z","repository":{"id":135438444,"uuid":"459497863","full_name":"Kuduxaaa/wp-doser","owner":"Kuduxaaa","description":"Wordpress and Drupal XMLRPC Attack (DoS)","archived":false,"fork":false,"pushed_at":"2022-02-15T09:22:26.000Z","size":8,"stargazers_count":7,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-19T00:41:06.698Z","etag":null,"topics":["denial-of-service","wordpress","wordpress-vulnerability","wp-doser","xmlrpc","xmlrpc-dos"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Kuduxaaa.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-02-15T08:48:44.000Z","updated_at":"2025-02-06T02:07:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"10ba97c7-26dd-4bac-810a-f874e72656d0","html_url":"https://github.com/Kuduxaaa/wp-doser","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kuduxaaa%2Fwp-doser","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kuduxaaa%2Fwp-doser/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kuduxaaa%2Fwp-doser/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Kuduxaaa%2Fwp-doser/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Kuduxaaa","download_url":"https://codeload.github.com/Kuduxaaa/wp-doser/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251678085,"owners_count":21626283,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["denial-of-service","wordpress","wordpress-vulnerability","wp-doser","xmlrpc","xmlrpc-dos"],"created_at":"2024-11-09T03:00:12.961Z","updated_at":"2025-04-30T09:45:42.151Z","avatar_url":"https://github.com/Kuduxaaa.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ☠️ Wordpress DoSer\nWordpress and Drupal XMLRPC Attack (DoS). XMLRPC is older than WordPress itself. This system was introduced to WordPress to fight the slow internet connection dilemma by helping the users write new posts offline and then uploaded them to the server. The ability to connect WordPress remotely with other applications was only possible with the `xmlrpc.php` file. XMLRPC parsing is vulnerable to a XML based denial of service. **Works on all WordPress sites where xmlrpc.php file manipulation is allowed**\n\n------\n\n# ⚠️ Warining\nThe author assumes no responsibility for the illegal use of the information provided (the script is educational in nature and its unauthorized implementation is punishable by law)\n\n-----\n\n## ✨ Usage\nFirst of all you need to clone this script and install requirements\n```bash\n$ git clone https://github.com/Kuduxaaa/wp-doser\n$ cd wp-doser\n$ pip3 install -r requirements.txt\n```\n\n⚙️ Arguments for use and instructions\n\n```\nusage: exploit.py [-h] [-u URL] [-i IP] [-v VIRTUALHOST] [-m MULTIPLE]\n                 [-t THREADS] [-xp XMLPATH]\n\noptional arguments:\n\n  -h, --help            show this help message and exit\n  -u, --url             Target website URL\n  -i, --ip              Target website IP Address\n  -v, --virtualhost     Target website hostname (if enter only ip)\n  -m, --multiple        Repeat several times\n  -t, --threads         Threads count\n  -xp, --xmlpath        XMLRPC path\n```\n\n## 💖 Useful links\n - [What is XMLRPC and How You Can Stop Hackers From Using It To Hurt Your Online Business](https://servebolt.com/articles/what-is-xmlrpc-and-how-you-can-stop-hackers-from-using-it-to-hurt-your-online-business/)\n - [ Wordpress XMLRPC DoS ](https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkuduxaaa%2Fwp-doser","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkuduxaaa%2Fwp-doser","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkuduxaaa%2Fwp-doser/lists"}