From 93fb3b464bb6a70e72dc50f02e1913ded29c5c9d Mon Sep 17 00:00:00 2001 From: Devansh7006 Date: Fri, 27 Mar 2026 15:04:49 +0530 Subject: [PATCH 1/4] Add WordPress Pingback Access Scanner documentation This document outlines the WordPress Pingback Access Scanner module, its verification steps, options, and scenarios for use in security assessments. --- .../scanner/http/wordpress_pingback_access.md | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md diff --git a/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md new file mode 100644 index 0000000000..4a3c0bf084 --- /dev/null +++ b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md @@ -0,0 +1,63 @@ +# WordPress Pingback Access Scanner + +## Vulnerable Application + +This module checks for accessible WordPress pingback functionality. + +Pingback is an XML-RPC feature in WordPress that allows blogs to notify each other of references. If enabled, it can be abused for: + +- DDoS amplification attacks +- Internal network scanning +- Information disclosure + +To test this module: + +1. Set up a WordPress instance (any version with XML-RPC enabled) +2. Ensure `/xmlrpc.php` is accessible +3. Pingback functionality should not be disabled + +--- + +## Verification Steps + +1. Start Metasploit: +`msfconsole` +2. Load the module: +`use auxiliary/scanner/http/wordpress_pingback_access` +3. Set the target: +`set RHOSTS ` +4. Run the module: +`run` + +5. If vulnerable, the module will indicate that pingback access is enabled. + +--- + +## Options + +### RHOSTS +Target address or range of addresses. + +### RPORT +Target port (default: 80 or 443 depending on SSL). + +### THREADS +Number of concurrent threads. + +--- + +## Scenarios + +This module can be used in: + +- Security assessments to identify exposed XML-RPC endpoints +- Detecting potential DDoS amplification vectors +- Enumerating WordPress misconfigurations + +--- + +## Version and OS + +Tested on: +- WordPress 5.x / 6.x +- Kali Linux From 63ad9b06bf12361840559e071a2ebdcfc1115776 Mon Sep 17 00:00:00 2001 From: Devansh7006 Date: Fri, 27 Mar 2026 16:39:37 +0530 Subject: [PATCH 2/4] Refactor WordPress Pingback Access documentation Removed redundant sections and improved formatting for clarity. --- .../scanner/http/wordpress_pingback_access.md | 30 ++++--------------- 1 file changed, 5 insertions(+), 25 deletions(-) diff --git a/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md index 4a3c0bf084..a298133244 100644 --- a/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md +++ b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md @@ -1,5 +1,3 @@ -# WordPress Pingback Access Scanner - ## Vulnerable Application This module checks for accessible WordPress pingback functionality. @@ -16,22 +14,14 @@ To test this module: 2. Ensure `/xmlrpc.php` is accessible 3. Pingback functionality should not be disabled ---- - ## Verification Steps -1. Start Metasploit: -`msfconsole` -2. Load the module: -`use auxiliary/scanner/http/wordpress_pingback_access` -3. Set the target: -`set RHOSTS ` -4. Run the module: -`run` +1. Start Metasploit: `msfconsole` +2. Load the module: `use auxiliary/scanner/http/wordpress_pingback_access` +3. Set the target: `set RHOSTS ` +4. Run the module: `run` -5. If vulnerable, the module will indicate that pingback access is enabled. - ---- +If vulnerable, the module will indicate that pingback access is enabled. ## Options @@ -44,8 +34,6 @@ Target port (default: 80 or 443 depending on SSL). ### THREADS Number of concurrent threads. ---- - ## Scenarios This module can be used in: @@ -53,11 +41,3 @@ This module can be used in: - Security assessments to identify exposed XML-RPC endpoints - Detecting potential DDoS amplification vectors - Enumerating WordPress misconfigurations - ---- - -## Version and OS - -Tested on: -- WordPress 5.x / 6.x -- Kali Linux From bccbf35950ecb34dbb4921086550896ae1de32e3 Mon Sep 17 00:00:00 2001 From: Devansh7006 Date: Fri, 27 Mar 2026 17:07:24 +0530 Subject: [PATCH 3/4] Enhance documentation for WordPress pingback module Updated verification steps and added example run for clarity. --- .../scanner/http/wordpress_pingback_access.md | 33 ++++++++++++++----- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md index a298133244..c0aef8cab5 100644 --- a/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md +++ b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md @@ -16,10 +16,17 @@ To test this module: ## Verification Steps -1. Start Metasploit: `msfconsole` -2. Load the module: `use auxiliary/scanner/http/wordpress_pingback_access` -3. Set the target: `set RHOSTS ` -4. Run the module: `run` +1. Start Metasploit: + `msfconsole` + +2. Load the module: + `use auxiliary/scanner/http/wordpress_pingback_access` + +3. Set the target: + `set RHOSTS example.com` + +4. Run the module: + `run` If vulnerable, the module will indicate that pingback access is enabled. @@ -36,8 +43,18 @@ Number of concurrent threads. ## Scenarios -This module can be used in: +Example run: -- Security assessments to identify exposed XML-RPC endpoints -- Detecting potential DDoS amplification vectors -- Enumerating WordPress misconfigurations +```bash +msfconsole +use auxiliary/scanner/http/wordpress_pingback_access +set RHOSTS example.com +run +``` + +``` +[*] Checking pingback access on example.com +[+] Pingback is enabled and accessible at /xmlrpc.php +[*] Scanned 1 of 1 hosts (100% complete) +[*] Auxiliary module execution completed +``` From b9666f5f0ef7304b08026e9779a07dac64acac04 Mon Sep 17 00:00:00 2001 From: Devansh7006 Date: Tue, 31 Mar 2026 12:40:19 +0530 Subject: [PATCH 4/4] Improve formatting and clarity of WordPress pingback module Reformatted the verification steps and options for clarity. Removed redundant lines and added example usage. --- .../scanner/http/wordpress_pingback_access.md | 42 ++++++------------- 1 file changed, 13 insertions(+), 29 deletions(-) diff --git a/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md index c0aef8cab5..36ca94d254 100644 --- a/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md +++ b/documentation/modules/auxiliary/scanner/http/wordpress_pingback_access.md @@ -2,7 +2,8 @@ This module checks for accessible WordPress pingback functionality. -Pingback is an XML-RPC feature in WordPress that allows blogs to notify each other of references. If enabled, it can be abused for: +Pingback is an XML-RPC feature in WordPress that allows blogs to notify each other of references. +If enabled, it can be abused for: - DDoS amplification attacks - Internal network scanning @@ -16,45 +17,28 @@ To test this module: ## Verification Steps -1. Start Metasploit: - `msfconsole` - -2. Load the module: - `use auxiliary/scanner/http/wordpress_pingback_access` - -3. Set the target: - `set RHOSTS example.com` - -4. Run the module: - `run` +1. Start Metasploit: `msfconsole` +2. Load the module: `use auxiliary/scanner/http/wordpress_pingback_access` +3. Set the target: `set RHOSTS example.com` +4. Run the module: `run` If vulnerable, the module will indicate that pingback access is enabled. ## Options -### RHOSTS -Target address or range of addresses. - -### RPORT -Target port (default: 80 or 443 depending on SSL). - -### THREADS -Number of concurrent threads. +This module has no additional options beyond the standard ones. ## Scenarios -Example run: - +Example usage against a WordPress site with pingback enabled: ```bash -msfconsole -use auxiliary/scanner/http/wordpress_pingback_access -set RHOSTS example.com -run -``` - -``` +msf > use auxiliary/scanner/http/wordpress_pingback_access +msf auxiliary(scanner/http/wordpress_pingback_access) > set RHOSTS example.com +RHOSTS => example.com +msf auxiliary(scanner/http/wordpress_pingback_access) > run [*] Checking pingback access on example.com [+] Pingback is enabled and accessible at /xmlrpc.php [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed +msf auxiliary(scanner/http/wordpress_pingback_access) > ```