[wp-forums] A reason to upgrade
Podz
podz at tamba2.org.uk
Sun Aug 13 08:34:56 GMT 2006
Url broken.
http://www.the sar casm.com/index.php?id=60
WPCrack
You must know the username you're trying to crack.
*
Reason:
There is a "vulnerability" in Wordpress <= 2.0.4 (as far as I know)
that will allow you to enumerate a valid username list. Example:
go to the wp-login.php page, and type in some bullshit username. It
says, "Error: Incorrect username," but when you input a correct one
it will say "Error: Incorrect password," therefore telling you that
you have a proper username. Fill in the blanks.
P.
More information about the wp-forums
mailing list