Wordpress

In this class we will be teaching enumeration techniques for the content management system (CMS) WordPress. A content manager is a tool that allows the creation, management and publication of digital content on the web, such as web pages, blogs, online stores, among others.

WordPress is a very popular open source CMS that was launched in 2003. It is used by millions of websites worldwide and stands out for its ease of use and flexibility. With WordPress, users can create and customize websites without the need for advanced programming skills. In addition, it has a wide variety of templates and plugins that allow you to add additional functionality to the site.

• verify version

  whatweb DOAMIN or IP
  

• Review the page

  curl -s -X GET "DOMAIN" | grep "plugins"    # show plugins
  curl -s -X POST "DOMAIN"                      # show plugins
  curl -s -X POST "DOMAIN" -d@file.xml       # share an file POST at webpage when exist xmlrpc.php--> searching wp.getUserBlogs
  
  # review the author for possible enumeration of users
  # test the direction wp-admin/     --> enumeration users and frute force
  # test /wp-content/plugins         --> show list of plugins
  # test /xmlrpc.php                 --> show enumerate passwords
  

• Scanning WordPress

  wpscann --url DOMAIN
  # identify plugins for vulnerabilities
  wpscan --url DOMAIN -e vp --api-token=""     # -e vp search vulnerabilities, --api-token you have create an account in wpscan and copy the culnerabilities for show the vulnerabilities for show vulnerabilities of page
  

• force brute

  wpscan --url DOMAIN -U user -P wordlist