Sunday 17 June 2018

wpscan kali linux wordpress hacking tutorial 2018

















WPScan Package Description

WPScan is a black box WordPress
vulnerability scanner that can be used to scan remote WordPress
installations to find security issues.
Source: http://wpscan.org/

WPScan Homepage | Kali wpscan Repo


  • Author: The WPScan Team
  • License: Other

Tools included in the wpscan package

wpscan – WordPress vulnerability scanner
root@kali:~# wpscan  --help

_______________________________________________________________

        __          _______   _____

        \ \        / /  __ \ / ____|

         \ \  /\  / /| |__) | (___   ___  __ _ _ __

          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \

           \  /\  /  | |     ____) | (__| (_| | | | |

            \/  \/   |_|    |_____/ \___|\__,_|_| |_|



        WordPress Security Scanner by the WPScan Team

                       Version 2.6

          Sponsored by Sucuri - https://sucuri.net

   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_

_______________________________________________________________



Help :



Some values are settable in a config file, see the example.conf.json



--update                            Update to the database to the latest version.

--url       | -u <target url>       The WordPress URL/domain to scan.

--force     | -f                    Forces WPScan to not check if the remote site is running WordPress.

--enumerate | -e [option(s)]        Enumeration.

  option :

    u        usernames from id 1 to 10

    u[10-20] usernames from id 10 to 20 (you must write [] chars)

    p        plugins

    vp       only vulnerable plugins

    ap       all plugins (can take a long time)

    tt       timthumbs

    t        themes

    vt       only vulnerable themes

    at       all themes (can take a long time)

  Multiple values are allowed : "-e tt,p" will enumerate timthumbs and plugins

  If no option is supplied, the default is "vt,tt,u,vp"



--exclude-content-based "<regexp or string>"

                                    Used with the enumeration option,
will exclude all occurrences based on the regexp or string supplied.

                                    You do not need to provide the
regexp delimiters, but you must write the quotes (simple or double).

--config-file  | -c <config file>   Use the specified config file, see the example.conf.json.

--user-agent   | -a <User-Agent>    Use the specified User-Agent.

--cookie <String>                   String to read cookies from.

--random-agent | -r                 Use a random User-Agent.

--follow-redirection                If the target url has a redirection,
it will be followed without asking if you wanted to do so or not

--batch                             Never ask for user input, use the default behaviour.

--no-color                          Do not use colors in the output.

--wp-content-dir <wp content dir>   WPScan try to find the content
directory (ie wp-content) by scanning the index page, however you can
specified it.

                                    Subdirectories are allowed.

--wp-plugins-dir <wp plugins dir>   Same thing than --wp-content-dir but for the plugins directory.

                                    If not supplied, WPScan will use wp-content-dir/plugins. Subdirectories are allowed

--proxy <[protocol://]host:port>    Supply a proxy. HTTP, SOCKS4 SOCKS4A and SOCKS5 are supported.

                                    If no protocol is given (format host:port), HTTP will be used.

--proxy-auth <username:password>    Supply the proxy login credentials.

--basic-auth <username:password>    Set the HTTP Basic authentication.

--wordlist | -w <wordlist>          Supply a wordlist for the password brute forcer.

--username | -U <username>          Only brute force the supplied username.

--usernames     <path-to-file>      Only brute force the usernames from the file.

--threads  | -t <number of threads> The number of threads to use when multi-threading requests.

--cache-ttl       <cache-ttl>       Typhoeus cache TTL.

--request-timeout <request-timeout> Request Timeout.

--connect-timeout <connect-timeout> Connect Timeout.

--max-threads     <max-threads>     Maximum Threads.

--help     | -h                     This help screen.

--verbose  | -v                     Verbose output.

--version                           Output the current version and exit.





Examples :



-Further help ...

ruby ./wpscan.rb --help



-Do 'non-intrusive' checks ...

ruby ./wpscan.rb --url www.example.com



-Do wordlist password brute force on enumerated users using 50 threads ...

ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50



-Do wordlist password brute force on the 'admin' username only ...

ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin



-Enumerate installed plugins ...

ruby ./wpscan.rb --url www.example.com --enumerate p



-Enumerate installed themes ...

ruby ./wpscan.rb --url www.example.com --enumerate t



-Enumerate users ...

ruby ./wpscan.rb --url www.example.com --enumerate u



-Enumerate installed timthumbs ...

ruby ./wpscan.rb --url www.example.com --enumerate tt



-Use a HTTP proxy ...

ruby ./wpscan.rb --url www.example.com --proxy 127.0.0.1:8118



-Use a SOCKS5 proxy ... (cURL >= v7.21.7 needed)

ruby ./wpscan.rb --url www.example.com --proxy socks5://127.0.0.1:9000



-Use custom content directory ...

ruby ./wpscan.rb -u www.example.com --wp-content-dir custom-content



-Use custom plugins directory ...

ruby ./wpscan.rb -u www.example.com --wp-plugins-dir wp-content/custom-plugins



-Update the DB ...

ruby ./wpscan.rb --update



-Debug output ...

ruby ./wpscan.rb --url www.example.com --debug-output 2>debug.log



See README for further information.

WPScan Usage Example

Scan a target WordPress URL and enumerate any plugins that are installed:


root@kali:~# wpscan --url http://wordpress.local --enumerate p

_______________________________________________________________

        __          _______   _____

        \ \        / /  __ \ / ____|

         \ \  /\  / /| |__) | (___   ___  __ _ _ __

          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \

           \  /\  /  | |     ____) | (__| (_| | | | |

            \/  \/   |_|    |_____/ \___|\__,_|_| |_|



        WordPress Security Scanner by the WPScan Team

                       Version 2.6

          Sponsored by Sucuri - https://sucuri.net

   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_

_______________________________________________________________



[+] URL: http://wordpress.local/

[+] Started: Mon Jan 12 14:07:40 2015



[+] robots.txt available under: 'http://wordpress.local/robots.txt'

[+] Interesting entry from robots.txt: http://wordpress.local/search

[+] Interesting entry from robots.txt: http://wordpress.local/support/search.php

[+] Interesting entry from robots.txt: http://wordpress.local/extend/plugins/search.php

[+] Interesting entry from robots.txt: http://wordpress.local/plugins/search.php

[+] Interesting entry from robots.txt: http://wordpress.local/extend/themes/search.php

[+] Interesting entry from robots.txt: http://wordpress.local/themes/search.php

[+] Interesting entry from robots.txt: http://wordpress.local/support/rss

[+] Interesting entry from robots.txt: http://wordpress.local/archive/

[+] Interesting header: SERVER: nginx

[+] Interesting header: X-FRAME-OPTIONS: SAMEORIGIN

[+] Interesting header: X-NC: HIT lax 249

[+] XML-RPC Interface available under: http://wordpress.local/xmlrpc.php



[+] WordPress version 4.2-alpha-31168 identified from rss generator



[+] Enumerating installed plugins  ...



   Time: 00:00:35 <======================================================> (2166 / 2166) 100.00% Time: 00:00:35



[+] We found 2166 plugins:

...
at No comments:

Sunday 3 June 2018

Anonymous on internet Tor with proxychains kali linux 2018

proxychains - a tool that forces any TCP connection made by any given
application to follow through proxy like TOR or any other SOCKS4, SOCKS5
or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5,
"basic" for HTTP.

The Tor network is a group of volunteer-operated servers that allows
people to improve their privacy and security on the Internet. Tor's
users employ this network by connecting through a series of virtual
tunnels rather than making a direct connection, thus allowing both
organizations and individuals to share information over public networks
without compromising their privacy. Along the same line, Tor is an
effective censorship circumvention tool, allowing its users to reach
otherwise blocked destinations or content. Tor can also be used as a
building block for software developers to create new communication tools
with built-in privacy features.

Individuals use Tor to keep websites from tracking them and their family
members, or to connect to news sites, instant messaging services, or
the like when these are blocked by their local Internet providers. Tor's
onion services let users publish web sites and other services without
needing to reveal the location of the site. Individuals also use Tor for
socially sensitive communication: chat rooms and web forums for rape
and abuse survivors, or people with illnesses.

Journalists use Tor to communicate more safely with whistleblowers and
dissidents. Non-governmental organizations (NGOs) use Tor to allow their
workers to connect to their home website while they're in a foreign
country, without notifying everybody nearby that they're working with
that organization.

Groups such as Indymedia recommend Tor for safeguarding their members'
online privacy and security. Activist groups like the Electronic
Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining
civil liberties online. Corporations use Tor as a safe way to conduct
competitive analysis, and to protect sensitive procurement patterns from
eavesdroppers. They also use it to replace traditional VPNs, which
reveal the exact amount and timing of communication. Which locations
have employees working late? Which locations have employees consulting
job-hunting websites? Which research divisions are communicating with
the company's patent lawyers?

A branch of the U.S. Navy uses Tor for open source intelligence
gathering, and one of its teams used Tor while deployed in the Middle
East recently. Law enforcement uses Tor for visiting or surveilling web
sites without leaving government IP addresses in their web logs, and for
security during sting operations.

The variety of people who use Tor is actually part of what makes it so
secure. Tor hides you among the other users on the network, so the more
populous and diverse the user base for Tor is, the more your anonymity
will be protected.

use tor and proxychains in kali linux and anonymous yourself on internet
for latest kali linux tutorial like and subscribe
at No comments:

termux Installing sqlmap in Android Website hack 2018

just a small tutorial to hack a website in a android device using sqlmap
in termux do like and subscribe if you have any questions comment
below hacking made easy a sql injection technique to hack sql vulnerable
website using sqlmap in your android device using termux
at 1 comment:

How to find WiFi password in your android device 2018

Hello guys today I will show you how to find WiFi password in your
android device within minutes it requires root access it's not so good
technique you can use WiFi password recovery instead of this as I found
it interesting so I made a video on it getting saved WiFi password in
your android device is not possible if you don't have root access don't
dislike it it's not so good tutorial I know there are other fast and
easy method to get your saved WiFi password in your android don't have
to say much just keep exploring guys by cybertwist comment below if you
have something in your mind..
at No comments:

Internet speed meter windows Monitor internet data usage real time

If you really need to watch your Internet internet speed in windows
bandwidth, you need ShaPlus Bandwidth Meter. Unlike online bandwidth
meters, ShaPlus monitors your Internet bandwidth instead of testing your
connection speed. ShaPlus is designed to stay open in the Windows
system tray, with a more detailed (but still compact) display for the
notification area or anywhere on the desktop you care to drag and pin
it. This free tool keeps track of your bandwidth use for the current
session, the day, and the month. You can set it to track your billing
period and even to stop tracking between specified times. Recent updates
include the ability to display bandwidth in gigabytes, a counter reset
option on the tray menu, and better stability in Windows 7 and 8.
netspeedmonitor for windows pc 2018
download from here http://festyy.com/wFV5Al
at No comments:

Lock and Unlock your Computer with a Pen drive [Hacker Style 2018]

Want a security for your PC. Try this hack, you can turn your pen drive
or USB into a security key. Without this key nobody can access your PC.
In simple language, you can lock and unlock your PC from Pen drive. Lock
and unlock your computer with a Pendrive, Hacker Style

We do this thing from an amazing software named Predator. This software
turns your Pen drive into a password. Without your Pen drive, you can’t
access your PC. If you unplug Pen drive from your PC your PC will be
locked. This is one of the most advanced security for any computer user.
download from here http://festyy.com/wFZpiV
at No comments:

How to run Firefox inside Firefox.?

How to run Firefox inside Firefox.?

Yup you can run Firefox inside firefox just by typing following url.

How about Opening Firefox inside Firefox which is again in another Firefox..?
Not bad huh?
And its really easy too just type in this url in Firefox's address bar and there you go!
Firefox inside Firefox!

copy paste following url in a web browser (mozilla firefox).

chrome://browser/content/browser.xul
at No comments:

bootable pen drive WINDOWS 10 easy (2018)

making windows 10 bootable usb to boot or dual boot laptop or desktop making bootable pen drive with yumi easy tutorial
at No comments:

folder lock without any software






heres a trick to lock a folder without any software in windows operating system folder lock without any software heres the code to lock the folder :-
http://gestyy.com/wDSIby

windows password to folder lock or hide any folder in windows operating system how to lock windows folder
at 1 comment:

kali linux 2018.2 review and new features

new kali linux 2018.2 release and some new features new kali linux release
at No comments:

Searx | Your Own Privacy Search Engine | Kali Linux 2018.1

searx search engine forget about your privacy use searx dont get tracked
by google and other searh engines and websites best search engine to
protect your privacy your own search engine in kali linux start using
searx like and subscribe by cybertwist...
at No comments:

Call anyone from any number 2018

how to fake call with any number 100% working i have shown in this video
how to make fake call or fake your caller id to make fake call anywhere
to anyone you can make call with any number you want
here is the link to change caller id-http://corneey.com/wApUoh download free fake caller id
at 1 comment:

How to Get Latest Android 9.0 (P) Notification Panel on Any Device No Root

android p notification panel on any android device android p 9 is the
latest version of android os released by google just have some look on
android p notification comment if you know the full name af android p
full form of android p
at No comments:

windows xp in kali linux full installation 2018




installing windows xp in kali linux full installation tutorial 2018 in this tutorial i will show you how to install windows xp in kali linux.
at No comments:
Subscribe to: Posts (Atom)