picatz / Wordpress-AIOWPS-Firewall-Captcha-Cracker

Proof of concept to bypass the custom captcha system that the WordPress plugin All In One WP Security & Firewall implements on WordPress login pages in the hope of preventing brute-force attacks. Since HTML and Base64 are easy to work with, we just need to decode the answer.

AIOWPS Captcha Cracker

AIOWPS (All In One WordPress Security & Firewall) Captcha Cracker is a simple Ruby script that acts as a proof of concept that mapping twenty numbers to words and Base64-encoding the answer into the login page HTML is a bad idea.
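The design flaw described above, next to one way to fix it on the server side, as an added example that is not code from this repository or from the plugin. The word table, field names and key handling are assumptions made for illustration; the plugin's real markup is not shown on this page.

```ruby
require 'base64'
require 'openssl'
require 'securerandom'

# Constructed stand-in for the plugin's word mapping (the real table is not on this page).
WORDS = %w[zero one two three four five six seven eight nine ten].freeze

# Weak design: the expected answer travels to the client, merely Base64-encoded.
def weak_challenge(a, b)
  { question: "#{WORDS[a]} + #{WORDS[b]}",
    hidden_field: Base64.strict_encode64((a + b).to_s) } # hypothetical field name
end

# Anything in the page is readable by the client: Base64 is an encoding, not a secret.
def answer_visible_to_client(challenge)
  Base64.strict_decode64(challenge[:hidden_field]).to_i
end

# Hardened design: only a keyed MAC over (answer, nonce, expiry) leaves the server.
def hardened_challenge(a, b, key, now: Time.now.to_i, ttl: 120)
  nonce = SecureRandom.hex(16)
  expires = now + ttl
  mac = OpenSSL::HMAC.hexdigest('SHA256', key, "#{a + b}|#{nonce}|#{expires}")
  { question: "#{WORDS[a]} + #{WORDS[b]}", nonce: nonce, expires: expires, mac: mac }
end

# Server-side check: recompute the MAC from the submitted answer, compare in constant time.
def verify_hardened(challenge, submitted, key, now: Time.now.to_i)
  return false if now > challenge[:expires]
  return false unless submitted.to_s.match?(/\A\d{1,3}\z/)
  expected = OpenSSL::HMAC.hexdigest(
    'SHA256', key, "#{submitted}|#{challenge[:nonce]}|#{challenge[:expires]}"
  )
  OpenSSL.secure_compare(expected, challenge[:mac])
end
```

The MAC keeps the answer from being read out of the page, but the server still has to record used nonces so a solved challenge cannot be replayed before it expires.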

TODO:

  • Add more options ( optparse ).
  • Smarter URL handling.
  • Write license?

Installation

You're going to need to install the following Ruby gem:
gem install nokogiri

Usage

ruby aiowps-captcha-cracker.rb http://www.target-url.com/wp-login.php

Credits

Kent 'picat' Gruber

Languages

Language:Ruby 100.0%