Hell guys! I found Null Byte today! I'm so excited about this forum. I got a basic knowledge about hacking(I thought hacking is easy before finding this :D)
So, I was wondering if there is any "easy" way to hack in-to a WordPress website. Maybe with simple steps so anyone can understand? :)
Regards!
Forum Thread:
Whatsapp Hack?
16
Replies
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Hack Android Using Kali (Remotely)
Tutorial:
DNS Spoofing
How To:
Hack Networks & Devices Right from Your Wrist with the Wi-Fi Deauther Watch
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Set Your Wi-Fi Card's TX Power Higher Than 30 dBm
How To:
Hunt Down Wi-Fi Devices with a Directional Antenna
How To:
Hack Apache Tomcat via Malicious WAR File Upload
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
How To:
Install Kali Linux as a Portable Live USB for Pen-Testing & Hacking on Any Computer
Advanced Nmap:
Top 5 Intrusive Nmap Scripts Hackers & Pentesters Should Know
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
How To:
Crack Wi-Fi Passwords—For Beginners!
How To:
The Hacks Behind Cracking, Part 2: How to Generate Software Keys
How To:
Create Rainbow Tables for Hashing Algorithms Like MD5, SHA1 & NTLM
How To:
Upgrade a Dumb Shell to a Fully Interactive Shell for More Flexibility
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords with Cowpatty
11 Responses
Pramod Indunith:
First of all, hacking is not easy at all. It takes a lot of work. I've been teaching myself for years and I feel like I've barely even scratched the surface.
Secondly, what are your intentions with hacking into that website.
Thirdly, if you are wanting to hack websites, you will have to learn HTML at the very least. Here is a link to learn that and more.
http://www.w3schools.com/
ghost_
yes there are super easy ways to hack word-press you just have to know what version is used and what add ons are used then Google search know vulnerabilities for them usually people don't have everything up to date...
Hi, ICQ's post above is correct and spot on. Find the WordPress Version, the Theme, and all the plugins for the site. Then learn your way around:
exploit-db.com
exploit-db.com/google-hacking-database
Search 'wordpress' on those sites.
You can try Google dorks, but you can only get about 1,000 sites from google serps.
I also use wpdata.monster because it already has all the info that I might need.
try reverse ip best and works most of the times :P or you can use wpscan to scan some known vulnerabilities
if you are using kali (or any linux just instal the program) use
wpscan --url yoursitehere and it will try to show you what version it is its plugins and then you just google know vulnerabilities :D
Thank you all for your comments.
I think it would be great if one of you can post a thread about this. I'm not the only one who willing to learn to hack a wordpress site ;)
https://null-byte.wonderhowto.com/forum/problem-solving-is-essential-hacker-skill-0150882/
"Whenever a new hack is developed, the security industry and the software developers immediately begin to work to close the vulnerability. A hack that works today, likely won't work tomorrow. That's where your problem-solving skills come in."
Hacking isn't about following guides.
ghost_
Hey ghost,
True, but everyone has to start somewhere, so asking questions and asking for a dedicated thread is okay. Problem is... who really wants to share the nuts and bolts
for no monetary gain and at the same time create more competition. lol
Anyways, most vulns in wordpress come from the plugins. Those are created by anyone that can code php and usually not updated often.
First find out which version of Wordpress the target is running(backtrack/kali linux has some scanners to do this)
then look for 0 day exploits
http://www.exploit-db.com/
http://1337day.com/
Any way to login back to the admin panel, if some one forgets the admin password and have no access to database or hosting panel ..
DOES WPSCAN TRACES OUR IP OR ANY physical trace and not just wpscan but does nmap trace too...
regards..
Share Your Thoughts