全球主机交流论坛
Original poster: lop

[Question] This is how attackers get hold of your WordPress [admin username]!!

Posted on 2021-1-13 20:15:30
Don't use WP and stay safe.
Posted on 2021-1-13 20:16:46
/batch/v1
/oembed/1.0
/oembed/1.0/embed
/oembed/1.0/proxy
/akismet/v1
/akismet/v1/key
/akismet/v1/settings
/akismet/v1/stats
/akismet/v1/stats/(?P<interval>[\w+])
/akismet/v1/alert
/jetpack/v4
/jetpack/v4/plans
/jetpack/v4/products
/jetpack/v4/marketing/survey
/jetpack/v4/jitm
/jetpack/v4/connection/test
/jetpack/v4/connection/test-wpcom
/jetpack/v4/rewind
/jetpack/v4/scan
/jetpack/v4/connection/url
/jetpack/v4/connection/data
/jetpack/v4/connection/register
/jetpack/v4/connection/owner
/jetpack/v4/tracking/settings
/jetpack/v4/connection
/jetpack/v4/connection/user
/jetpack/v4/site
/jetpack/v4/site/features
/jetpack/v4/site/products
/jetpack/v4/site/purchases
/jetpack/v4/site/benefits
/jetpack/v4/site/activity
/jetpack/v4/identity-crisis/confirm-safe-mode
/jetpack/v4/identity-crisis/start-fresh
/jetpack/v4/identity-crisis/migrate
/jetpack/v4/module/all
/jetpack/v4/module/all/active
/jetpack/v4/module/(?P<slug>[a-z\-]+)
/jetpack/v4/module/(?P<slug>[a-z\-]+)/active
/jetpack/v4/module/(?P<slug>[a-z\-]+)/data
/jetpack/v4/module/(?P<service>[a-z\-]+)/key/check
/jetpack/v4/settings
/jetpack/v4/settings/(?P<slug>[a-z\-]+)
/jetpack/v4/options/(?P<options>[a-z\-]+)
/jetpack/v4/updates/plugins
/jetpack/v4/notice/(?P<notice>[a-z\-_]+)
/jetpack/v4/plugins
/jetpack/v4/plugins/(?P<plugin>[^.\/]+(?:\/[^.\/]+)?)
/jetpack/v4/plugins/akismet/activate
/jetpack/v4/plugin/(?P<plugin>[a-z\/\.\-_]+)
/jetpack/v4/widgets/(?P<id>[0-9a-z\-_]+)
/jetpack/v4/verify-site/(?P<service>[a-z\-_]+)
/jetpack/v4/verify-site/(?P<service>[a-z\-_]+)/(?<keyring_id>[0-9]+)
/jetpack/v4/service-api-keys/(?P<service>[a-z\-_]+)
/jetpack/v4/mobile/send-login-email
/jetpack/v4/setup/questionnaire
/jetpack/v4/licensing/error
/jetpack/v4/jetpack_crm
/jetpack/v4/verify_xmlrpc_error
/jetpack/v4/remote_authorize
/jetpack/v4/connection/plugins
/jetpack/v4/connection/reconnect
/wpcom/v2
/wpcom/v2/business-hours/localized-week
/wpcom/v2/admin-menu
/wpcom/v2/external-media/list/(?P<service>google_photos|pexels)
/wpcom/v2/external-media/copy/(?P<service>google_photos|pexels)
/wpcom/v2/external-media/connection/(?P<service>google_photos)
/wpcom/v2/instagram-gallery/connect-url
/wpcom/v2/instagram-gallery/connections
/wpcom/v2/instagram-gallery/gallery
/wpcom/v2/mailchimp
/wpcom/v2/mailchimp/groups
/wpcom/v2/podcast-player
/wpcom/v2/resolve-redirect/?(?P<url>.+)?
/wpcom/v2/search
/wpcom/v2/tweetstorm/gather
/wpcom/v2/tweetstorm/parse
/wpcom/v2/tweetstorm/generate-cards
/wpcom/v2/gutenberg/available-extensions
/wpcom/v2/hello
/wpcom/v2/memberships/status
/wpcom/v2/memberships/product
/wpcom/v2/memberships/products
/wpcom/v2/publicize/connections
/wpcom/v2/publicize/connection-test-results
/wpcom/v2/publicize/services
/wpcom/v2/service-api-keys/(?P<service>[a-z\-_]+)
/wpcom/v2/subscribers/count
/jetpack/v4/hints
/wp/v2
/wp/v2/posts
/wp/v2/posts/(?P<id>[\d]+)
/wp/v2/posts/(?P<parent>[\d]+)/revisions
/wp/v2/posts/(?P<parent>[\d]+)/revisions/(?P<id>[\d]+)
/wp/v2/posts/(?P<id>[\d]+)/autosaves
/wp/v2/posts/(?P<parent>[\d]+)/autosaves/(?P<id>[\d]+)
/wp/v2/pages
/wp/v2/pages/(?P<id>[\d]+)
/wp/v2/pages/(?P<parent>[\d]+)/revisions
/wp/v2/pages/(?P<parent>[\d]+)/revisions/(?P<id>[\d]+)
/wp/v2/pages/(?P<id>[\d]+)/autosaves
/wp/v2/pages/(?P<parent>[\d]+)/autosaves/(?P<id>[\d]+)
/wp/v2/media
/wp/v2/media/(?P<id>[\d]+)
/wp/v2/media/(?P<id>[\d]+)/post-process
/wp/v2/media/(?P<id>[\d]+)/edit
/wp/v2/blocks
/wp/v2/blocks/(?P<id>[\d]+)
/wp/v2/blocks/(?P<id>[\d]+)/autosaves
/wp/v2/blocks/(?P<parent>[\d]+)/autosaves/(?P<id>[\d]+)
/wp/v2/feedback
/wp/v2/feedback/(?P<id>[\d]+)
/wp/v2/feedback/(?P<id>[\d]+)/autosaves
/wp/v2/feedback/(?P<parent>[\d]+)/autosaves/(?P<id>[\d]+)
/wp/v2/jp_pay_order
/wp/v2/jp_pay_order/(?P<id>[\d]+)
/wp/v2/jp_pay_order/(?P<id>[\d]+)/autosaves
/wp/v2/jp_pay_order/(?P<parent>[\d]+)/autosaves/(?P<id>[\d]+)
/wp/v2/jp_pay_product
/wp/v2/jp_pay_product/(?P<id>[\d]+)
/wp/v2/jp_pay_product/(?P<id>[\d]+)/autosaves
/wp/v2/jp_pay_product/(?P<parent>[\d]+)/autosaves/(?P<id>[\d]+)
/wp/v2/types
/wp/v2/types/(?P<type>[\w-]+)
/wp/v2/statuses
/wp/v2/statuses/(?P<status>[\w-]+)
/wp/v2/taxonomies
/wp/v2/taxonomies/(?P<taxonomy>[\w-]+)
/wp/v2/categories
/wp/v2/categories/(?P<id>[\d]+)
/wp/v2/tags
/wp/v2/tags/(?P<id>[\d]+)
/wp/v2/users
/wp/v2/users/(?P<id>[\d]+)
/wp/v2/users/me
/wp/v2/users/(?P<user_id>(?:[\d]+|me))/application-passwords
/wp/v2/users/(?P<user_id>(?:[\d]+|me))/application-passwords/(?P<uuid>[\w\-]+)
/wp/v2/comments
/wp/v2/comments/(?P<id>[\d]+)
/wp/v2/search
/wp/v2/block-renderer/(?P<name>[a-z0-9-]+/[a-z0-9-]+)
/wp/v2/block-types
/wp/v2/block-types/(?P<namespace>[a-zA-Z0-9_-]+)
/wp/v2/block-types/(?P<namespace>[a-zA-Z0-9_-]+)/(?P<name>[a-zA-Z0-9_-]+)
/wp/v2/settings
/wp/v2/themes
/wp/v2/plugins
/wp/v2/plugins/(?P<plugin>[^.\/]+(?:\/[^.\/]+)?)
/wp/v2/block-directory/search
/wp-site-health/v1
/wp-site-health/v1/tests/background-updates
/wp-site-health/v1/tests/loopback-requests
/wp-site-health/v1/tests/dotorg-communication
/wp-site-health/v1/tests/authorization-header
/wp-site-health/v1/directory-sizes


I can give you a similar set. It just depends on your ability!
Posted on 2021-1-13 21:09:24
Someone like me who can't even remember my own password, even if they got it I couldn't
Posted on 2021-1-13 21:10:46
This information is very useful. If the site owner uses their usual online handle, and the password is already out there in plaintext, getting compromised is basically a matter of minutes.
Posted on 2021-1-13 21:20:32
[{"id":1,"name":"gongyi","url":"","description":"","link":"https:\/\/www.zhujiceping.com\/author\/admin\/","slug":"admin","avatar_urls":{"24":"https:\/\/secure.gravatar.com\/avatar\/d2ad946411bb7848e873d0c3588bfe45?s=24&r=g","48":"https:\/\/secure.gravatar.com\/avatar\/d2ad946411bb7848e873d0c3588bfe45?s=48&r=g","96":"https:\/\/secure.gravatar.com\/avatar\/d2ad946411bb7848e873d0c3588bfe45?s=96&r=g"},"meta":[],"_links":{"self":[{"href":"https:\/\/www.zhujiceping.com\/wp-json\/wp\/v2\/users\/1"}],"collection":[{"href":"https:\/\/www.zhujiceping.com\/wp-json\/wp\/v2\/users"}]}}]
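The listing in the reply above is exactly what an unauthenticated GET of /wp-json/wp/v2/users returns: the "slug" field is the user_nicename, which WordPress derives from the login name unless it was changed, so the display name hides nothing. As an added audit example, not code from the thread or from WordPress, the Python script below parses such a response for a site you administer and reports which accounts it exposes. The site name, the sample response, the function names and the placeholder avatar hash are all constructed for this example.

```python
"""Audit what a WordPress site's public REST users route reveals.

Added example (not from the forum thread). It parses the JSON that
GET /wp-json/wp/v2/users returns and reports the accounts it lists.
"""
import json
import re
from typing import Any, Dict
from urllib.request import Request, urlopen

USERS_ROUTE = "/wp-json/wp/v2/users"

# Gravatar avatar URLs embed a hash derived from the account's e-mail address,
# so an exposed listing also leaks a stable identifier for that address.
_AVATAR_HASH = re.compile(r"/avatar/([0-9a-f]{32,64})")

# Constructed sample in the shape of a real /wp/v2/users response (placeholder
# site and values; the 32-zero hash stands in for a real avatar hash).
SAMPLE_USERS_JSON = json.dumps([
    {"id": 1, "name": "Site Owner", "slug": "admin",
     "link": "https://example.com/author/admin/",
     "avatar_urls": {"96": "https://secure.gravatar.com/avatar/"
                           + "0" * 32 + "?s=96&r=g"}},
    {"id": 7, "name": "editor", "slug": "editor",
     "link": "https://example.com/author/editor/",
     "avatar_urls": {}},
])


def fetch_users_json(site: str, timeout: float = 10.0) -> str:
    """Fetch the public users listing of a site you administer (network call)."""
    req = Request(site.rstrip("/") + USERS_ROUTE + "?per_page=100",
                  headers={"User-Agent": "wp-users-audit/1.0 (hypothetical)"})
    with urlopen(req, timeout=timeout) as resp:  # HTTPError on 401/403
        return resp.read().decode("utf-8", "replace")


def audit_users(body: str) -> Dict[str, Any]:
    """Return {"exposed": bool, "accounts": [...], "note": str} for a response body."""
    try:
        data = json.loads(body)
    except ValueError:
        return {"exposed": False, "accounts": [], "note": "response is not JSON"}
    if isinstance(data, dict):
        # WordPress answers with an error object (e.g. code "rest_cannot_access")
        # when the route has been restricted.
        return {"exposed": False, "accounts": [],
                "note": "route refused: " + str(data.get("code", "unknown"))}
    if not isinstance(data, list) or not data:
        return {"exposed": False, "accounts": [], "note": "no accounts listed"}

    accounts = []
    for user in data:
        if not isinstance(user, dict) or "slug" not in user:
            continue
        slug = str(user["slug"])
        name = str(user.get("name", ""))
        email_hash = None
        for url in (user.get("avatar_urls") or {}).values():
            match = _AVATAR_HASH.search(str(url))
            if match:
                email_hash = match.group(1)
                break
        accounts.append({
            "id": user.get("id"),
            "slug": slug,
            "name": name,
            "author_url": user.get("link", ""),
            # The slug defaults to the sanitized login name; a display name
            # that differs from it means the display name hid nothing.
            "display_name_differs": slug.lower() != name.lower(),
            "email_hash": email_hash,
        })
    # An unauthenticated listing only contains users who have published
    # posts of a public post type, so an empty result is not proof of safety.
    return {"exposed": bool(accounts), "accounts": accounts,
            "note": "unauthenticated listing covers users with published public posts"}


def report(body: str) -> str:
    """Human-readable summary of audit_users()."""
    result = audit_users(body)
    lines = ["exposed: %s (%s)" % (result["exposed"], result["note"])]
    for acct in result["accounts"]:
        lines.append("  id=%s slug=%r name=%r author_url=%s email_hash=%s" % (
            acct["id"], acct["slug"], acct["name"], acct["author_url"],
            acct["email_hash"]))
    return "\n".join(lines)


if __name__ == "__main__":
    # Offline demo on the constructed sample; pass fetch_users_json("https://<your-site>")
    # instead to audit a site you administer.
    print(report(SAMPLE_USERS_JSON))
```

Two caveats follow from the output. The author archive URL in the "link" field (/author/&lt;slug&gt;/) publishes the same slug on the ordinary front end, so restricting the REST route alone does not close the leak; and the slug is the user_nicename, which only changes if it is edited in the database or with a plugin, not by changing the display name. On the WordPress side, the usual mitigation is a filter on `rest_endpoints` that removes the `/wp/v2/users` routes for requests that are not logged in, combined with a login name that is not the public display name.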
Original poster | Posted on 2021-1-13 21:57:28
Quoting Sooele, posted on 2021-1-13 20:16:
/batch/v1
/oembed/1.0
/oembed/1.0/embed

Posted on 2021-1-13 22:53:22 from mobile
Attacking through the XML-RPC interface? I simply switched XML-RPC off, and the firewall on the Cloudflare side blocks it too. Solid.
Posted on 2021-1-13 22:55:43
WP's API: all the posts are by admin, so let people crack away.