LIVE HACKING A WORDPRESS SITE using wpscan **2019** | Advanced Web Hacking Tutorials




**DISCLAIMER: I AM MERELY ENUMERATING THE USERNAMES , NOT BRUTE FORCING THE SITE. THERE ARE PLUGINS AVAILABLE IN WORDPRESS (STOP USER ENUMERATION) WHICH CAN BE DOWNLOADED AND INSTALLED ON THE WEBSITE OR ANY OTHER/ FUTURE WP SITE OWNERS, TO STOP ENUMERATING THE USERNAMES .
DOWNLOAD LINK : **

Social Media:
Official Facebook Page :

Twitter:

Wpscan is a powerful tool that has been developed to not only enumerate Admin username ( for CPanel takeover ) of wordpress sites , but also to enumerate vulnerable themes,plugins etc that has been used in creating the WP portal .

This tool is inbuilt and pre-packed in Kali rolling , but also can be cloned nad installed from github using :
git clone
cd wpscan/
bundle install && rake install

The Entire purpose of the video is educational , and to make the developers and WordPress site owners aware of their site’s vulnerabilities , and the fixes available . Most of the vulnerabilities has been patched up in WordPress version 4.9.9 , so i would recommend all the WP site owners o upgrade to version 4.9.9 ASAP.

The tool is entirely created in the ruby programming language and is one of the best tools, in my opinion , to find vulnerabilities in wordpress sites and to patch them up , with

It can also be used to bruteforce , and gain a passphrase match once the admin name and the portal URL has been enumerated .

Credit For Development:

WordPress Security Scanner by the WPScan Team
Version 2.9.4
Sponsored by Sucuri –
@_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_

**This video is for educational purpose ONLY and i do not claim any responsibility for any misusage of the knowledge provided by this tutorial**

As mentioned in the video , the command to BF a site with an appropriate wordlist (dictionary attack) is :

wpscan –url www.example.com –wordlist darkc0de.lst –username admin –threads 100 –throttle 500 –user-agent firefox //(assuming the admin username is “admin”)

Keep Tuned for more.

#Captain_Nemo


Fuente – Source

LIVE HACKING A WORDPRESS SITE using wpscan **2019** | Advanced Web Hacking Tutorials

Necesitas ayuda con wp? Entonces WPVideo es tu sitio.
Encuentra lo que buscas entre cientos de miles de videos y experiencias personales de otros usuarios. Todos los que empezamos con wp deberíamos tener acceso a esta web, ojalá yo hubiera tenido algo así cuando empecé mi camino como webmaster 🙂
Pero ahora quiero y puedo poner esta web a vuestra disposición.
Disfrutadla 😉

Need help with wp? Then WPVideo is your site.
Find what you are looking for among hundreds of thousands of videos and personal experiences of other users. All of us who started with wp should have access to this website, I wish I had something like that when I started my journey as webmaster 🙂
But now I want and I can put this website at your disposal.
Enjoy it 😉

https://www.wpvideo.eu

Publicado en Plugins, Temas (Themes), Tutoriales (Tutorials), Wordpress y etiquetado .

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *