[clue] WordPress login scanners?
Bruce Ediger
bediger at stratigery.com
Wed May 8 11:09:16 MDT 2013
Does anybody know what the latest storm of WordPress login scanners
are looking for?
I've set up a fake WordPress at
http://www.stratigery.com/blahblah/wp-login.php
It will "log in" any user name and password, set cookies like WordPress
does, and even give you a WordPress admin dashboard, less some css
files.
I see the WordPress scanners "logging in", and then accessing the fake
dashboard with cookies that my login page sets, but they don't do any
more than that wp-admin access.
Does anybody know what bait I need to lure the scanners to do more?
More information about the clue
mailing list