Skip to content
/ Shiva Public

Improved DOS exploit for wordpress websites (CVE-2018-6389)

Notifications You must be signed in to change notification settings

s0md3v/Shiva

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 

Repository files navigation

Shiva

First of all, put Shiva on watch. I will be upgrading it to a full stress testing suite over time. Shiva is designed to perform Denial Of Service (DOS) attack on wordpress sites by loading all jquery scripts at once through load-scripts.php. So basically its an exploit for CVE-2018-6389.

Awesomeness

  • Shiva uses multithreading to bring down websites as soon as possible,
  • You don't need to worry about your IP being exposed because Shiva uses Proxify to route all requests through random proxies which keep getting rotated automatically.

Dependencies & Compatibility

Shiva is compatible with both python2 and python3.
Dependencies:

  • requests
  • proxify

Usages

You can attack a target with Shiva as follows:

python shiva.py -u target.com -t 50

Where target.com is the target website and 50 is the number of threads.
You must keep in mind that Shiva is only effective against wordpress site so make sure your target runs on wordpress.
Number of threads should be selected according to the network speed.

About

Improved DOS exploit for wordpress websites (CVE-2018-6389)

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages