[wp-trac] [WordPress Trac] #50254: User-name Enumeration
WordPress Trac
noreply at wordpress.org
Tue May 26 11:04:57 UTC 2020
#50254: User-name Enumeration
-----------------------------+-----------------------------
Reporter: virajmota          | Owner: (none)
Type: defect (bug)           | Status: new
Priority: normal             | Milestone: Awaiting Review
Component: General           | Version:
Severity: normal             | Keywords: needs-refresh
Focuses: accessibility,      |
  privacy, coding-standards  |
-----------------------------+-----------------------------
Hello Team,
Hope you and your team are doing well.
It was observed that we can enumerate the list of usernames that are presently
in use.
Once the username is found, it is possible to brute-force the password.
Steps:
1) Navigate to the URL given below and capture the request in a proxy tool.
URL: https://wordpress.com/log-in/link
2) Send the request to Repeater and enter a guessable username; in
return it throws a message that the user name is not valid, or success (200).
3) For a wrong user, the response throws "user is not valid".
4) For a correct one, the response throws a 200 status message.
Note: It helps an attacker to enumerate the list of "valid" usernames.
Mitigation: Add a custom response for incorrect ones.
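As an added illustration of the response-discrepancy the ticket describes and the mitigation it asks for (example code, not WordPress's own; the user store, function names and messages are constructed), a login-link handler that leaks account existence beside one that answers identically for every username:

```python
import secrets

# Constructed user store for the example: username -> e-mail address.
USERS = {"alice": "alice@example.invalid", "bob": "bob@example.invalid"}


def leaky_login_link(username: str, users=USERS) -> tuple[int, str]:
    """Mirrors the behaviour reported: the status and message differ for
    unknown and known usernames, so the response reveals which ones exist."""
    if username not in users:
        return 404, "user name is not valid"
    return 200, f"Login link sent to {users[username]}"


def uniform_login_link(username: str, users=USERS, outbox=None) -> tuple[int, str]:
    """Hardened form: the same status and the same message for every
    username. Work that is done is also kept uniform (a token is always
    generated); only the e-mail send is conditional on the account existing."""
    token = secrets.token_urlsafe(32)  # generated unconditionally
    if username in users and outbox is not None:
        outbox.append((users[username], token))  # hypothetical mail queue
    return 200, "If that account exists, a login link has been sent."


def responses_distinguishable(handler, known: str, unknown: str) -> bool:
    """Defender-side check: does a handler's visible response (status, body)
    differ between an existing and a non-existing username?"""
    status_a, body_a = handler(known)
    status_b, body_b = handler(unknown)
    return status_a != status_b or body_a != body_b
```

Timing differences (e.g. only hashing or sending mail for real accounts) can leak the same information, which is why the hardened handler does its token work before the existence check.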
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50254>
WordPress Trac <https://core.trac.wordpress.org/>