WordPress < 4.9.2 - Unauthenticated Denial of Service via Repeated JavaScript File Loading
Exploitation Summary
EIP tracks 23 public exploits for CVE-2018-6389. PoCs published by Barak Tawily, s0md3v, safebuffer.
AI-analyzed exploit summary: This script performs a DoS attack against WordPress by sending a large number of HTTP requests to the vulnerable `load-scripts.php` endpoint, exploiting CVE-2018-6389. It uses multiple threads and random user agents to bypass basic mitigations.
Description
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
Exploits (23)
This script performs a DoS attack against WordPress by sending a large number of HTTP requests to the vulnerable `load-scripts.php` endpoint, exploiting CVE-2018-6389. It uses multiple threads and random user agents to bypass basic mitigations.
This is a functional DoS exploit for CVE-2018-6389 targeting WordPress sites by abusing load-scripts.php to load excessive jQuery scripts. It uses multithreading and proxy rotation to amplify the attack.
This is a Python-based DoS exploit targeting WordPress versions < 4.9.3 via the load-scripts.php endpoint. It floods the target with HTTP requests using randomized user agents and threading to amplify the attack.
This repository provides mitigation guidance and Ansible roles for CVE-2018-6389, a DoS vulnerability in WordPress affecting load-scripts.php and load-styles.php. It includes Nginx rules and WordPress configuration changes to block or disable concatenation of JS/CSS files.
This repository provides a proof-of-concept for CVE-2018-6389, a WordPress DoS vulnerability. It includes instructions to set up a vulnerable WordPress instance and execute a DoS attack using a Python script (doser.py).
This PoC exploits CVE-2018-6389, a DoS vulnerability in WordPress due to improper handling of the 'load' parameter in load-scripts.php, allowing resource exhaustion via excessive script loading. The script automates the attack by sending multiple requests with increasing payload sizes to measure server response.
This repository contains a Python-based DoS tool that floods a target with HTTP GET or POST requests using multiple threads. It is designed to exploit CVE-2018-6389, a vulnerability in the Linux kernel's handling of TCP connections.
This PoC exploits CVE-2018-6389, a DoS vulnerability in WordPress via the `/wp-admin/load-scripts.php` endpoint by sending multiple requests with a large payload of scripts. It uses threading to amplify the attack.
This repository contains a Java-based scanner for CVE-2018-6389, a WordPress DoS vulnerability. It checks for the presence of the vulnerability by sending a single HTTP GET request with a crafted payload but does not perform an actual DoS attack.
This is a functional DoS exploit targeting WordPress <= 4.9.4 via the 'load-scripts.php' endpoint. It floods the target with HTTP requests using randomized user agents and referrers to exhaust server resources.
This is a Metasploit module designed to exploit CVE-2018-6389, a DoS vulnerability in WordPress's load-scripts.php. It sends multiple HTTP requests with a large list of plugins to trigger resource exhaustion.
This repository contains a Python script and shell script to exploit CVE-2018-6389, a DoS vulnerability in WordPress 4.9.x via the load-scripts.php file. The script sends multiple requests with a large number of JavaScript files to overload the server.
This is a Python-based proof-of-concept exploit for CVE-2018-6389, a WordPress DoS vulnerability. It floods the target's load-scripts.php endpoint with multiple concurrent requests to exhaust server resources.
This repository provides a PHP script to patch WordPress installations against CVE-2018-6389, a DoS vulnerability. The script modifies core WordPress files to mitigate the issue by disabling script concatenation and ensuring proper file inclusion.
This repository provides an Apache RewriteRule to mitigate a potential DoS attack via WordPress wp-admin/load-scripts.php. It references the initial disclosure by Barak Tawily but does not contain exploit code.
This script is a patch for CVE-2018-6389, a WordPress vulnerability. It locates WordPress installations on a server and applies security patches to mitigate the vulnerability by modifying key files.
This repository contains a Python-based DoS tool targeting CVE-2018-6389 in WordPress 4.9.2. The script sends multiple HTTP GET requests to exploit a vulnerability in the load-scripts.php endpoint, causing resource exhaustion.
This repository contains a Node.js-based PoC for CVE-2018-6389, a WordPress DoS vulnerability. The script exploits the load-scripts.php endpoint to perform resource exhaustion attacks by requesting multiple uncached JavaScript files, leading to high server load.
The repository contains standard WordPress files without any exploit code or proof-of-concept for CVE-2018-6389. No offensive techniques or vulnerability demonstrations are present.
The repository contains only a README.md file with social media links and no exploit code or technical details. It references CVE-2018-6389 but provides no functional PoC.
This repository contains a Python-based DoS tool designed to exploit CVE-2018-6389 in WordPress 4.9.2 by sending a high volume of HTTP GET requests to the vulnerable endpoint. The script uses multiple threads and randomized headers to bypass basic mitigations.
This script is a patch for CVE-2018-6389, a WordPress vulnerability. It locates WordPress installations on a server and applies mitigations by modifying core files to prevent exploitation.
This repository provides a ModSecurity ruleset for detecting attacks exploiting CVE-2018-6389, a vulnerability in WordPress. It does not contain exploit code but offers defensive rules.
References (8)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H