Listen to this Post
HTB Academy: Hacking WordPress
https://academy.hackthebox.com
This article delves into the intricacies of hacking WordPress, covering both manual and automated techniques. Below are some practical commands and codes to help you get started with WordPress penetration testing.
Manual Enumeration Techniques
1. Directory Brute-forcing
Use `gobuster` to find hidden directories:
gobuster dir -u http://example.com -w /path/to/wordlist.txt
2. Version Detection
Check the WordPress version by inspecting the page source or using curl:
curl -I http://example.com | grep -i "X-Powered-By"
Automated Enumeration with WPScan
1. Basic Scan
Run a basic WPScan to enumerate plugins, themes, and users:
wpscan --url http://example.com --enumerate p,t,u
2. Password Brute-forcing
Use WPScan to brute-force WordPress login:
wpscan --url http://example.com --passwords /path/to/passwords.txt --usernames admin
Attacking WordPress Users
1. Exploiting Weak Passwords
Use `hydra` to brute-force WordPress login:
hydra -l admin -P /path/to/passwords.txt example.com http-post-form "/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log+In:F=Invalid username"
WordPress Security Hardening
1. Disable Directory Listing
Add the following to your `.htaccess` file:
Options -Indexes
2. Limit Login Attempts
Use a plugin like “Limit Login Attempts Reloaded” or add the following to wp-config.php:
define('WP_MAX_LOGIN_ATTEMPTS', 4);
define('WP_LOCKOUT_DURATION', 1200);
What Undercode Say
WordPress is one of the most widely used content management systems, making it a prime target for attackers. Understanding both manual and automated techniques for enumerating and exploiting WordPress vulnerabilities is crucial for cybersecurity professionals. Tools like WPScan, Gobuster, and Hydra are indispensable for penetration testers.
To secure a WordPress site, always keep the core, themes, and plugins updated. Disable directory listing, limit login attempts, and use strong passwords. Regularly audit your site for vulnerabilities using tools like WPScan and implement security best practices.
For further reading, visit:
By mastering these techniques and tools, you can effectively secure or exploit WordPress sites, depending on your role. Always practice ethical hacking and ensure you have proper authorization before testing any system.
References:
Hackers Feeds, Undercode AI


