Hell guys! I found Null Byte today! I'm so excited about this forum. I got a basic knowledge about hacking(I thought hacking is easy before finding this :D)
So, I was wondering if there is any "easy" way to hack in-to a WordPress website. Maybe with simple steps so anyone can understand? :)
Regards!
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How to Hack Wi-Fi:
Cracking WEP Passwords with Aircrack-Ng
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
Steganography:
How to Hide Secret Data Inside an Image or Audio File in Seconds
How To:
Hack Like It's 1987 (An Introduction to the Telehack Retro Game)
How To:
Write an XSS Cookie Stealer in JavaScript to Steal Passwords
How To:
Make Your Own Bad USB
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
How To:
Use SpiderFoot for OSINT Gathering
How To:
Extract Bitcoin Wallet Addresses & Balances from Websites with SpiderFoot CLI
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
How To:
Stealthfully Sniff Wi-Fi Activity Without Connecting to a Target Router
How To:
Fix Bidirectional Copy/Paste Issues for Kali Linux Running in VirtualBox
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
The Top 80+ Websites Available in the Tor Network
How To:
Automate Wi-Fi Hacking with Wifite2
11 Responses
Pramod Indunith:
First of all, hacking is not easy at all. It takes a lot of work. I've been teaching myself for years and I feel like I've barely even scratched the surface.
Secondly, what are your intentions with hacking into that website.
Thirdly, if you are wanting to hack websites, you will have to learn HTML at the very least. Here is a link to learn that and more.
http://www.w3schools.com/
ghost_
yes there are super easy ways to hack word-press you just have to know what version is used and what add ons are used then Google search know vulnerabilities for them usually people don't have everything up to date...
Hi, ICQ's post above is correct and spot on. Find the WordPress Version, the Theme, and all the plugins for the site. Then learn your way around:
exploit-db.com
exploit-db.com/google-hacking-database
Search 'wordpress' on those sites.
You can try Google dorks, but you can only get about 1,000 sites from google serps.
I also use wpdata.monster because it already has all the info that I might need.
try reverse ip best and works most of the times :P or you can use wpscan to scan some known vulnerabilities
if you are using kali (or any linux just instal the program) use
wpscan --url yoursitehere and it will try to show you what version it is its plugins and then you just google know vulnerabilities :D
Thank you all for your comments.
I think it would be great if one of you can post a thread about this. I'm not the only one who willing to learn to hack a wordpress site ;)
https://null-byte.wonderhowto.com/forum/problem-solving-is-essential-hacker-skill-0150882/
"Whenever a new hack is developed, the security industry and the software developers immediately begin to work to close the vulnerability. A hack that works today, likely won't work tomorrow. That's where your problem-solving skills come in."
Hacking isn't about following guides.
ghost_
Hey ghost,
True, but everyone has to start somewhere, so asking questions and asking for a dedicated thread is okay. Problem is... who really wants to share the nuts and bolts
for no monetary gain and at the same time create more competition. lol
Anyways, most vulns in wordpress come from the plugins. Those are created by anyone that can code php and usually not updated often.
First find out which version of Wordpress the target is running(backtrack/kali linux has some scanners to do this)
then look for 0 day exploits
http://www.exploit-db.com/
http://1337day.com/
Any way to login back to the admin panel, if some one forgets the admin password and have no access to database or hosting panel ..
DOES WPSCAN TRACES OUR IP OR ANY physical trace and not just wpscan but does nmap trace too...
regards..
Share Your Thoughts