Wordpress XMLRPC Pingback detection

By kannthu

Informative
Vidoc Module
#wordpress #ssrf #oast #xmlrpc
Description

What is the "Wordpress XMLRPC Pingback detection" module?

The "Wordpress XMLRPC Pingback detection" module is designed to detect a specific vulnerability related to the XML-RPC functionality in WordPress. This module targets WordPress websites and aims to identify if the pingback.ping method is enabled, which can potentially lead to server-side request forgery (SSRF) attacks. The severity of this vulnerability is classified as informative, indicating that it provides valuable information but does not pose an immediate threat.

This module was authored by pdteam.

Impact

If the pingback.ping method is enabled and misconfigured, it can be exploited by attackers to perform SSRF attacks. This can allow them to make arbitrary requests to internal resources or external systems, potentially leading to unauthorized access, data leakage, or further exploitation of vulnerabilities.

How does the module work?

The "Wordpress XMLRPC Pingback detection" module works by sending a POST request to the "/xmlrpc.php" endpoint of the target WordPress website. The request includes a specific XML-RPC payload that invokes the "pingback.ping" method. The module then checks if the response contains the expected interaction protocol, which in this case is "http".

Here is an example of the HTTP request sent by the module:

POST /xmlrpc.php HTTP/1.1
Host: <Hostname>

<methodCall>
  <methodName>pingback.ping</methodName>
  <params>
    <param>
      <value>
        <string>http://<InteractionURL></string>
      </value>
    </param>
    <param>
      <value>
        <string>/?p=1</string>
      </value>
    </param>
  </params>
</methodCall>

The module also includes a matching condition that checks if the response contains the "http" protocol, indicating that the pingback.ping method is enabled.
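
A defender-side triage sketch for logged XML-RPC request bodies shaped like the request above, added here as an example (it is not Vidoc's or the module author's code): it recognises pingback.ping calls and labels the host of the source URL, so calls that point the server at internal addresses stand out. The function names, the labels and the sample body are assumptions made for this example.

```python
import ipaddress
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SAMPLE_BODY = """<methodCall><methodName>pingback.ping</methodName>
  <params>
    <param><value><string>http://10.0.0.5:8080/status</string></value></param>
    <param><value><string>https://blog.example/?p=1</string></value></param>
  </params></methodCall>"""  # constructed log sample, not real traffic

def parse_pingback(body):
    """Return (source, target) for a pingback.ping call, else None."""
    if "<!DOCTYPE" in body.upper() or "<!ENTITY" in body.upper():
        raise ValueError("DTD/entity declarations rejected before parsing")
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return None
    name = (root.findtext("methodName") or "").strip()
    if root.tag != "methodCall" or name != "pingback.ping":
        return None
    values = []
    for v in root.findall("./params/param/value"):
        s = v.find("string")  # XML-RPC: an untyped <value> is also a string
        values.append(((s.text if s is not None else v.text) or "").strip())
    return tuple(values) if len(values) == 2 else None

def classify_source(url):
    """Label the source host: internal, external, hostname or invalid."""
    try:
        host = urlsplit(url).hostname
    except ValueError:
        host = None
    if not host:
        return "invalid"
    if host == "localhost" or host.endswith(".localhost"):
        return "internal"
    try:
        return "external" if ipaddress.ip_address(host).is_global else "internal"
    except ValueError:
        return "hostname"  # a name: resolve it separately, no DNS is done here

def triage(body):
    parsed = parse_pingback(body)
    if parsed is None:
        return None
    source, target = parsed
    return {"source": source, "target": target, "source_class": classify_source(source)}
```

A "hostname" result is not a clearance: the name still has to be resolved and checked against internal ranges before the call is treated as benign.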

It's important to note that this module is part of the Vidoc platform, which utilizes multiple modules to perform scanning. Each module represents a specific test case that can detect misconfigurations, vulnerabilities, or software fingerprints.

Module preview

Concurrent Requests (1)
1. HTTP Request template
   Matching conditions: word: http
Passive global matcher: No matching conditions.
On match action: Report vulnerability