In this article, I will detail how to use vulnerability POC（proof-of-concept tool Searchspoit on your Wordpress website, 4.0 and following versions of Dos attack Vulnerability CVE-2 0 1 4-9 0 3 4 the detection and utilization.
CVE-2 0 1 4-9 0 3 4 is due to the hash number of a long password processing caused by improper, can cause a remote attacker to Wordpress4. 0 and the following version of the website to launch Dos attacks. The vulnerability published has been for some time, but now this problem has not been solved.
Searchspoit is a tool in kali linux to find the variety of Trojan. script tool that can be used with MetaSploit to use, very easy to use.
If you want to search for other, enter“-h”display a Help menu that can help you to find more vulnerabilities.
Searchsploi find the file located in/usr/share/exploitdb/, you need to copy the files to the main directory or similar place.
Running process may need to be some PHP command, the following might be of help to you.
When I first tried to run the exp I receive is an error reply.
This is because my kali missing the php5-curl package, so I need to re-install it.
Again run the exploit on.
Now we look at server-side is like?
[Reference source blackmoreops , the coding/Change, please indicate from Freebuf hackers and geeks（FreeBuf.COM）]