[Plugin: Mute Screamer] Tons of XMLRPC Alerts

  • Just installed Mute Screamer yesterday. Previously, I had PHPIDS running directly but thought I’d try this plugin since it looks like things would be so much easier to manage.

    Well as soon as I installed and configured it, I started receiving tons of XMLRPC alerts that seem to be caused by JetPack. The alerts all look something like the following:

    Name: REQUEST.<?xml_version

    Value Column (I swapped in some random values for things that might be sensitive – in brackets):

    “1.0”?> <methodCall> <methodName>jetpack.getPosts</methodName> <params> <param><value><array><data> <value><array><data> <value><int>8155</int></value> </data></array></value> </data></array></value></param> </params></methodCall> /xmlrpc.php?for=jetpack&token=[arandomvaluelookingthinghere]&timestamp=[sometimestampwashere]&nonce=[somerandomnonce]&body-hash=[thebodyhash]&signature=[andthesig]

    Tags: xss, csrf, id, rfe, lfi

    Impact: 8

    I also get tons of similar alerts via POST requests as well. I tried turning off wp-admin alerts and that didn’t seem to help.

    I know I could probably just add exceptions for “REQUEST.<?xml_version” and “POST.<?xml_version” but was concerned because I never received these types of alerts in my old PHPIDS direct install.

    Any thoughts or opinions on how to address this?

    http://wordpress.org/extend/plugins/mute-screamer/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author ampt

    (@ampt)

    Not sure what is happening here, I’m running XMLRPC and JetPack on one of my sites and haven’t had any alerts like you describe. I’ve noticed there is a new version of JetPack available so I will test that out and get back to you.

    Which version of WordPress and JetPack are you running?

    Plugin Author ampt

    (@ampt)

    Ok so I’m getting the same problem when I’m using the WordPress iOS app, when it makes requests via xmlrpc.php.

    Plugin Author ampt

    (@ampt)

    Ok so I’m getting the same problem when I’m using the WordPress iOS app, when it makes requests via xmlrpc.php. Will look into this. Sorry about the double post, connection dropped out.

  • The topic ‘[Plugin: Mute Screamer] Tons of XMLRPC Alerts’ is closed to new replies.