Hell guys! I found Null Byte today! I'm so excited about this forum. I got a basic knowledge about hacking(I thought hacking is easy before finding this :D)
So, I was wondering if there is any "easy" way to hack in-to a WordPress website. Maybe with simple steps so anyone can understand? :)
Regards!
Forum Thread:
Gaining Access into the Victim's Whatsapp on Android
12
Replies
Forum Thread:
Whatsapp Hack?
19
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Dox Anyone
How To:
Crack SSH Private Key Passwords with John the Ripper
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
How To:
Target Bluetooth Devices with Bettercap
How To:
Scan Websites for Interesting Directories & Files with Gobuster
How To:
Exploit WebDAV on a Server & Get a Shell
How To:
Easily Find an Exploit in Exploit DB and Get It Compiled All from Your Terminal.
The Hacks of Mr. Robot:
How to Hide Data in Audio Files
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
How To:
Get Root with Metasploit's Local Exploit Suggester
11 Responses
Pramod Indunith:
First of all, hacking is not easy at all. It takes a lot of work. I've been teaching myself for years and I feel like I've barely even scratched the surface.
Secondly, what are your intentions with hacking into that website.
Thirdly, if you are wanting to hack websites, you will have to learn HTML at the very least. Here is a link to learn that and more.
http://www.w3schools.com/
ghost_
yes there are super easy ways to hack word-press you just have to know what version is used and what add ons are used then Google search know vulnerabilities for them usually people don't have everything up to date...
Hi, ICQ's post above is correct and spot on. Find the WordPress Version, the Theme, and all the plugins for the site. Then learn your way around:
exploit-db.com
exploit-db.com/google-hacking-database
Search 'wordpress' on those sites.
You can try Google dorks, but you can only get about 1,000 sites from google serps.
I also use wpdata.monster because it already has all the info that I might need.
try reverse ip best and works most of the times :P or you can use wpscan to scan some known vulnerabilities
if you are using kali (or any linux just instal the program) use
wpscan --url yoursitehere and it will try to show you what version it is its plugins and then you just google know vulnerabilities :D
Thank you all for your comments.
I think it would be great if one of you can post a thread about this. I'm not the only one who willing to learn to hack a wordpress site ;)
https://null-byte.wonderhowto.com/forum/problem-solving-is-essential-hacker-skill-0150882/
"Whenever a new hack is developed, the security industry and the software developers immediately begin to work to close the vulnerability. A hack that works today, likely won't work tomorrow. That's where your problem-solving skills come in."
Hacking isn't about following guides.
ghost_
Hey ghost,
True, but everyone has to start somewhere, so asking questions and asking for a dedicated thread is okay. Problem is... who really wants to share the nuts and bolts
for no monetary gain and at the same time create more competition. lol
Anyways, most vulns in wordpress come from the plugins. Those are created by anyone that can code php and usually not updated often.
First find out which version of Wordpress the target is running(backtrack/kali linux has some scanners to do this)
then look for 0 day exploits
http://www.exploit-db.com/
http://1337day.com/
Any way to login back to the admin panel, if some one forgets the admin password and have no access to database or hosting panel ..
DOES WPSCAN TRACES OUR IP OR ANY physical trace and not just wpscan but does nmap trace too...
regards..
Share Your Thoughts