1N3 / Wordpress-XMLRPC-Brute-Force-Exploit

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
https://crowdshield.com

MemoryError on xmlrpc brute v2 #38

Open Cvar1984 opened 2 years ago

Cvar1984 commented 2 years ago
  File "....", line 120, in <module>
    passwds = f.read().splitlines()

wordlist size 165G

sysinfo

                   '                      cvar1984@artix 
                  'o'                     -------------- 
                 'ooo'                    OS: Artix Linux x86_64 
                'ooxoo'                   Kernel: 5.18.10-artix1-1 
               'ooxxxoo'                  Uptime: 1 day, 5 hours, 58 mins 
              'oookkxxoo'                 Packages: 1197 (pacman), 6 (flatpak) 
             'oiioxkkxxoo'                Shell: bash 5.1.16 
            ':;:iiiioxxxoo'               Resolution: 1920x1080, 1920x1080 
               `'.;::ioxxoo'              DE: Plasma 5.25.3 
          '-.      `':;jiooo'             WM: KWin 
         'oooio-..     `'i:io'            Theme: Artix-dark [Plasma], WhiteSur-dark [GTK2/3] 
        'ooooxxxxoio:,.   `'-;'           Icons: [Plasma], Win11 [GTK2/3] 
       'ooooxxxxxkkxoooIi:-.  `'          Terminal: konsole 
      'ooooxxxxxkkkkxoiiiiiji'            CPU: Intel i7-10700F (16) @ 4.800GHz 
     'ooooxxxxxkxxoiiii:'`     .i'        GPU: AMD ATI Radeon HD 7850 / R7 265 / R9 270 1024SP 
    'ooooxxxxxoi:::'`       .;ioxo'       Memory: 17193MiB / 31954MiB 
   'ooooxooi::'`         .:iiixkxxo'
  'ooooi:'`                `'';ioxxo'                             
 'i:'`                          '':io'                            
'`                                   `'

Darkcast commented 2 years ago

same here on a 91g list

blackito404 commented 2 years ago

    passwds = f.read().splitlines()
  File "/usr/lib/python3.9/codecs.py", line 322, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf1 in position 5079973: invalid continuation byt

litobro commented 2 years ago

    passwds = f.read().splitlines()
  File "/usr/lib/python3.9/codecs.py", line 322, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf1 in position 5079973: invalid continuation byt

This is a different issue; you have an encoding problem with your wordlist, which can be fixed by re-encoding. See https://github.com/wpscanteam/wpscan/issues/190 on the wpscan repo.

jujuo0o commented 1 year ago

The script doesn't run on python3. Try it on python2.7