WordPress User Enumeration

2011-04-25T00:00:00
ID PACKETSTORM:100796
Type packetstorm
Reporter Xecuti0N3r
Modified 2011-04-25T00:00:00

Description

                                        
                                            `#(+)Exploit Title: Wordpress Abuse of Functionality Vulnerability  
#(+)Created By: ^Xecuti0n3r  
#(+) Date : 23.04.2011  
#(+) Hour : 13:37 PM  
#(+) E-mail : xecuti0n3r()yahoo.com  
  
  
Abuse of Functionality (WASC-42):-  
  
Login Username enumeration is possible in Wordpress using a functionality provided by Wordpress itself ;)  
  
Goto: https://site.com/wp-login.php  
  
Case 1:  
Enter Wrong Username + Wrong Password.  
You'll get and Error stating: "ERROR: Invalid username." --> Which states that the username does not exist.  
  
Case 2:  
Enter Correct Username + Wrong Password.  
You'll get and Error stating: "ERROR: The password you entered for the username <Entered_usrername> is incorrect."  
This symblolises that the entered username is valid but the password is wrong.   
  
This process can be automated, because it not protected by captcha. :)  
  
#######################  
(+)Exploit Coded by: ^Xecuti0n3r   
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r  
#######################  
  
  
`