Closed jdkarbor closed 7 years ago
Not sure exactly but 403 codes usually indicate access denied. It could be that XML-RPC requests are disabled on the server or that there's a security plugin enabled that's preventing login requests via xmlrpc.php. I'm not sure if this vuln has been patched or not but it's also possible that the version of Wordpress you're testing isn't vulnerable as well.
Despite my best efforts to make this work, I've had no success. After uncommenting all "print content" it shows that all attempts are a fault? Tried the included passwords.txt, along with kali's wonderful rockyou list. no luck. Any ideas?
`
` Attempting a different username, graced me with this output.