Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

CVE-2018-6389 PoC — WordPress 安全漏洞

Source
https://github.com/alessiogilardi/PoC---CVE-2018-6389
Associated Vulnerability
Title:WordPress 安全漏洞 (CVE-2018-6389)
Description:In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
Readme
# PoC - CVE-2018-6389
Proof of Concept of vunerability CVE-2018-6389 on Wordpress 4.9.2.

This vulnerability lets a remote unauthenticated attacker to cause DoS of a Wordpress based web application.

Presentazione: [docs.google.com/presentation](https://docs.google.com/presentation/d/1p-6mPm36V_OtztjfcrBFJ9u3nJ2NXicfcYJpPrsYE1o/edit?usp=sharing)


# DoSer Python Tool

```
usage: mydoser_get.py [-h] [-t THREADS] [-u URL]

Sending unlimited requests to perform DoS attack.

optional arguments:
  -h, --help            show this help message and exit
  -t THREADS, --threads THREADS
                        Specify number of threads to be used
  -u URL, --url URL     Specify the explitable URL. Usage: -u | --url '<url>'
```
File Snapshot

 [4.0K]  /data/pocs/9c1468f6982ad0c3b45191fb05b75c358b89705d
├── [4.5K]  mydoser_get.py
├── [2.7K]  mydoser_get_test.sh
└── [ 729]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →