🔵 WordPress

Indeed! HAHA, it's a WordPress site

WordPress Juicy Endpoints
wp-admin.php
wp-config.php
wp-content
wp-uploads
wp-load
wp-signup.php
wp-json
wp-includes [directory]
index.php
wp-login.php
wp-links-opml.php
wp-activate.php
wp-blog-header.php
wp-cron.php
wp-links.php
wp-mail.php
xmlrpc.php
wp-settings.php
wp-trackback.php
admin-bar.php

Google Dorks - Sensitive Files
intitle:"index of" "WebServers.xml"
filetype:xls inurl:"email.xls"
intitle:"Index of" wp-admin
intitle:"index of" "admin/sql/"
intitle:"index of" "system/config"

wpscan --url <url> -e
--plugins-detection aggressive # Flag for aggressive plugin enumeration

wpscan --url <URL> -U <user> -P <wordlist_path> # Password fuzzing (xmlrpc)
