Disclaimer do not do this on any machines you do not own or have been given consent to do so on!
Here are some tips and tricks I have picked up for wordpress hacking. I thought this might be a good post since my page is constantly being attacked. Even if I know they will never get in.
WordPress File structure:
tree -L 1 /var/www/html
.
├── index.php
├── license.txt
├── readme.html
├── wp-activate.php
├── wp-admin
├── wp-blog-header.php
├── wp-comments-post.php
├── wp-config.php
├── wp-config-sample.php
├── wp-content (plugins and themes)
├── wp-cron.php
├── wp-includes (contains everything but admin and themes)
├── wp-links-opml.php
├── wp-load.php
├── wp-login.php
├── wp-mail.php
├── wp-settings.php
├── wp-signup.php
├── wp-trackback.php
└── xmlrpc.php
WordPress version - source code
curl -s -X GET IP_ADD | grep '<meta name="generator"'
WordPress Plugins
curl -s -X GET IP_ADD | sed 's/href=/\n/g' | sed 's/src=/\n/g' | grep 'wp-content/plugins/*' | cut -d"'" -f2
WordPress Themes
curl -s -X GET IP_ADD | sed 's/href=/\n/g' | sed 's/src=/\n/g' | grep 'themes' | cut -d"'" -f2
curl -I -X GET IP_ADD/PATH (see WP file structure)
curl -s -X GET IP_ADD/P | html2text
WordPress finding user names: (version 4.7.1)
curl http://blog.inlanefreight.com/wp-json/wp/v2/users | jqOf course I cant condone any of this being done on other peoples pages so to anyone getting attacked on wordpress here are some tips to stop attackers. You can get the following plugins that will assist you: Sucuri Security (A security program that will log the attacks) WP 2FA (which will allow you to do 2fa). The best way to stop anyone from getting into your stuff is to have 2fa turned on. Because even if they guess your password they won’t be able to get in since you are the only one with 2fa (I recommend a yubikey for all 2fa needs). I personally do not allow comments because then you’ll be open to other attacks such as XSS or SQL injections. I find it best to keep it on lock down.
