How to Hack a wordpress site – Practice guide with examples

In this guide we will see how to hack a WordPress site.

This choice by the user however entails serious problems for the Internet as a whole, introducing a large stream of webmasters and service providers not always specialized in implementing and administering these sites.

In fact many vulnerabilities are linked to the technical deficiencies of these suppliers and the updates of the various plugins. Let’s move on to the facts, going into the details of our test.

Hacking a WordPress site

Before we start using our friend Kali Linux, we make the usual tour of the various pages of the site that we want to test.

To see if the site is done in WordPress without using tools we can use these two techniques:

1. Read the contents of the web page;
2. Directly from the url we write the following string: www.sitename.com/wp-admin;

If the site is done in WordPress we will be redirected to the login page. We can also enumerate users directly from the site’s url by entering the following string:

http://sitename.com/?author=1 obtaining the following result:

Retrieved this information, if the site has not activated the relevant controls, going to the login page and entering the user found “admin” as userld and password as “password”, the site will tell us “Caution the password entered for the user admin is not correct”.

How much information we have collected with only three simple steps if you think about it and without using any tools:

1. We know that the site is done in WordPress.
2. Know the login page.
3. Know (very important fact), that there is a user called “admin”.

We could stop here and try for example a brute force of passwords, but we want to know in detail the technique and analyze all the collected info, right?

Discover User Name

We open a terminal (wpscan is already present in Kali Linux) and type the following command:

wpscan –help

As we can see we have several options to use, depending on the scan we want to perform. Let’s start by scanning our site by typing the following command:

wpscan --url http://nomesito.com

and press enter from the keyboard. –url (will scan the site).

Wpscan will ask us if we want to do the update of the tools, we confirm with y.

If we analyze the log we can notice that several unused (therefore vulnerable) plug-ins have been found.

Now we proceed with the enumeration of usernames (as we did before directly from the url of the site), this time however writing the following command in wpsac:

wpscan --url http://nomesito.com/ --enumerate u

As we can see wpscan returned the name (in this case there is only one user otherwise we would have seen the list of names).

What are we missing? Find your passwords.

Find out Access Code

Download a good dictionary, open a terminal and write the command:

wpscan --URL http://nomesito.com/ --password nomewordlist.txt --username “nome utente trovato”

–password (is the password file).

–username (are users found while scanning).

Discovering the password we have access to the admin page of the site tested.

I leave it to you to think what an attacker might do (change the home page of the site, load a backdoor to use to connect without redoing any of the procedure explained before).

Also once the backdoor is loaded, even if the site is updated the attacker can log in at any time and potentially cause damage.

I do not accept any responsibility for the use you make of the guide, as it is written for didactic and formative use.

N.B. It’s very important to keep your website updated to avoid these types of attacks.

Read also:

• OPENAI HAS DEVELOPED WHISPER!
• APPLE MAY INTRODUCE THE USE OF THIRD PARTY APP STORES
• HERE IS THE LATEST VERSION OF STABLE DIFFUSION 2.1
• TOP 5 FEATURES WE MIGHT SEE ON IOS 17
• HERE’S WHAT 2022 WAS LIKE FOR THE WEALTHIEST TECH ENTREPRENEURS