infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added more info

MS-2855/keylogger-mettle-extension
Vishal Gupta 2017-12-09 21:23:17 -05:00
parent 76d60cb334
commit 52d426d5c0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
documentation/modules/auxiliary/scanner/http/wordpress_login_enum.md
View File

@ -1,6 +1,6 @@
## Descriptions
This auxiliary module will brute-force a WordPress installation and first determine valid usernames and then perform a password-guessing attack.
This auxiliary module will brute-force a WordPress installation and first determine valid usernames and then perform a password-guessing attack. WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience." More infomation can be found (here)[https://www.cvedetails.com/cve/cve-2009-2335].
## Verification Steps