Targeting and Hacking a WordPress Site (Ninja-Sec.com – Infosec Resources )

  • Author
    Posts
    • #7215
      mohaab
      Participant

      hi

      please read our new article

      http://resources.infosecinstitute.com/hacking-a-wordpress-site/

      Enjoy 🙂

    • #45128
      ChrisLaz
      Participant

      Very interesting approach. Thank you for sharing.

    • #45129
      j0rDy
      Participant

      Nice hack! I always enjoy reading hacks like this, they're fun and still very informative.

    • #45130
      vp75
      Participant

      Thanks for sharing, also reading some of the articles which interest me…

    • #45131
      MrTuxracer
      Participant

      That’s the Hack-me “HackademicRTB1” provided by GhostInTheLab 🙂 I’ve posted a slightly different solution for it on my blog, but it works this way too.

      Thanks for sharing!

    • #45132
      Seen
      Participant

      Interesting, I’ll have to try this against my WordPress site, thanks.

    • #45133
      SephStorm
      Participant

      Now I haven’t looked at the article yet, but my question is, what would be the approval for this? Would you need to contact WP or just have permission from the blog owner?

    • #45134
      hayabusa
      Participant

      @ SephStorm – you can host your own WordPress site, so pentesting an individual’s site wouldn’t require any permission from WordPress, just the owner of the site and / or the server owner / provider, if the site is hosted.

    • #45135
      Anonymous
      Participant

      Yeah just download and maybe use WAMP kit

    • #45136
      MaXe
      Participant

      Some constructive feedback:  ;D
      * Hacking other sites on the same server and / or the Registrar is illegal unless you have explicit permission to hack any of these.

      * The “nmap -O” command will only make a “best guess” on what the target is running, and this highly depends on 1) The NMAP version, 2) The open ports, 3) Services

      * Example: scanme.nmap.org can be anything from Windows to Linux, depending on if you use NMAP or Xprobe2, and of course also which version of NMAP. (This is just an example out of context.)

      * About the hash(es) that were cracked, here are some notes.

      All three of these hashes are “admin” in cleartext:
      $P$BknpJUI2S.F6oD9bsAjRgZKBrQ2ct60
      $P$BOOqZK9L94G3iXsjBlWLO5RbMSsLqW/
      $P$Bc/LbIyetpQ1O21TcSJIq7zHr22Eiz.

      (Note: WordPress version 3.3.1)

      These three hashes are also “admin” in cleartext:
      $P$BBZNzh4ejzux/Q1XJeYa4bMoXVbE0o1
      $P$BHbYY6iira4PZGTbnQGj52DPaqfn3t0
      $P$BXqXvkYvNkAM1b.N3qZXY6K5Y/mkj90

      (Note: WordPress version 2.8.4)

      In case you wonder, $P$ comes from class_phpass.php:
      $output = '$P$'; in the gensalt_private($input) function.

      * When an attacker comes across a kernel version like this: 2.6.31.5-127.fc12.1686, the last number (127) is often the distribution-specific patch number. (Meaning security patches could’ve been applied, nullifying known vulnerabilities for 2.6.31.5)

      No offense intended of course, there’s just a few loose ends  😉
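
Why one password produces several different `$P$` hashes, shown as an added example that is not part of the post above or of phpass itself: each stored hash embeds a cost character and an 8-character salt, which this Python re-implementation of the phpass portable scheme parses and reuses. The function names are this example's own, and the sample hashes are the three WordPress 3.3.1 values quoted in the post.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# The three WordPress 3.3.1 hashes quoted in the post above.
POST_HASHES = [
    "$P$BknpJUI2S.F6oD9bsAjRgZKBrQ2ct60",
    "$P$BOOqZK9L94G3iXsjBlWLO5RbMSsLqW/",
    "$P$Bc/LbIyetpQ1O21TcSJIq7zHr22Eiz.",
]

def parse(stored):
    """Split a portable hash into (iterations, salt, encoded digest)."""
    if len(stored) != 34 or not stored.startswith("$P$"):
        raise ValueError("not a $P$ portable hash")
    log2 = ITOA64.index(stored[3])      # cost character, 'B' -> 13
    if not 7 <= log2 <= 30:
        raise ValueError("iteration count out of range")
    return 1 << log2, stored[4:12], stored[12:]

def _encode64(raw):
    """phpass base64 variant: little-endian 3-byte groups, custom alphabet."""
    out = []
    for i in range(0, len(raw), 3):
        chunk = raw[i:i + 3]
        value = int.from_bytes(chunk, "little")
        for _ in range(len(chunk) + 1):
            out.append(ITOA64[value & 0x3F])
            value >>= 6
    return "".join(out)

def compute(password, setting):
    """Recompute the hash using the cost and salt found in `setting`."""
    iterations, salt, _ = parse(setting.ljust(34, "."))
    pw = password.encode()
    digest = hashlib.md5(salt.encode() + pw).digest()
    for _ in range(iterations):         # iterated, salted MD5
        digest = hashlib.md5(digest + pw).digest()
    return setting[:12] + _encode64(digest)

def verify(password, stored):
    """Constant-time comparison of the recomputed and stored hash."""
    return hmac.compare_digest(compute(password, stored), stored)

if __name__ == "__main__":
    for h in POST_HASHES:
        iterations, salt, _ = parse(h)
        print(f"iterations={iterations} salt={salt}")
```

The differing salts are the reason a simple equality check between stored hashes cannot reveal that two accounts share a password.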

    • #45137
      SephStorm
      Participant

      Learning is occurring. Wait a minute… is ninja-sec affiliated with ISI? These guys are getting around…

      OKAY, the answer is on the resources page:
      “Mohamed Ramadan is a researcher for InfoSec Institute. He also teaches Penetration Testing at Ninja-Sec.com.”
