Finding Vulnerabilities and Hacking Wordpress Sites

Written by Don P on . Posted in Challenge #4 (2015)

(Reading time: 1 - 2 minutes)
Wordpress Hacking

WordPress is the most commonly used CMS (content management system) that currently exists... by a LONG shot. If you've ever been on the internet, chances are you've encountered a WordPress site or twelve. The ease of use, customability, and huge support community make this the go-to platform for blogs, eCommerce sites, news sites, and even some corporate portals.

But that doesn't mean it's secure, which is good for us. WordPress — like any other system — is completely vulnerable to exploitation due to poorly written third-party software (called plugins). And believe me, there are LOTS of poorly written code out there to satisfy our grubby intentions.

Today we're going to look at scanning for vulnerabilities and even gaining enough access to the system to generate a list of active users that we could use to brute force a password (legally, of course) using a tool called WPScan.

What You Will Need

  • Kali Linux (either a bootable LiveCD or bootable USB image)
  • WPScan (included in Kali Linux)
  • An internet connection (obviously)

Wordpress Vulnerabilites and Hacking

Scanning a WordPress site takes mere minutes and can give you enough information about what plugins the site has activated and what vulnerabilities exist in order for you to gain access to the server. Please, please use this only to audit your own WordPress sites or sites that you are currently an administrator. I am not responsible for the actions you take when scanning sites for exploitation purposes.

Now, let's get to the hack:

Comments:

More from Don Does 30

Fear and Loathing in Las Vegas: How Much Would Those Drugs Cost?

Fear and Loathing in Las Vegas: How Much Would Those Drugs Cost?

More details
Why Your Kid Won't STFU: Responding to Challenging Infant/Toddler Behavior Certification

Why Your Kid Won't STFU: Responding to Challenging Infant/Toddler Behavior Certification

More details
Day 17: 5 Actors You Probably Didn't Realize Were in

Day 17: 5 Actors You Probably Didn't Realize Were in "Band of Brothers" (Favorite Mini-Series)

More details
Christmas Eve and Christmas: A Disastrous Family Affair

Christmas Eve and Christmas: A Disastrous Family Affair

More details

Subscribe

Закажите монтаж системы отопления по лучшей цене в Киеве
Enter your email address for our latest updates and specials!