Wordpress Admin username's Password Brute Force Attack

 Wordpress Admin username's Password Brute Force Attack


Open terminal in kali linux and type 'wpscan --url http://site.com/ --enumerate u' and hit 
enter now wait few minutes you will get the users of website now you need the wordlist 'I 
don't have any wordlist so make your own, i will share the link of wordlist in comments when 
i make my own wordlist or find the wordlist', save on the desktop wordlist you have created 
or downloaded and save it as 'wordlist'. Now type 'wpscan --url http://site.com/ --wordlist 
'/path/wordlist.txt --username USERNAME HERE' (For this step you can drop and drag the 
wordlist on terminal) and hit enter then wait few minutes for BRUTE FORCE to check the 
passwords, You will get the password of admin user. 'IF YOUR LUCK IS WITH YOU'

Commands -
root@kali:~# wpscan --url http://site.com/ --enumerate u
root@kali:~# wpscan --url http://site.com/ --wordlist '/path of wordlist/wordlist.txt' --username USERNAME
Some examples are below !!! 








Note - This will work when the admin user's password is in your wordlist. And sometimes terminal will ask you for 'redirection' simply type 'Y' and hit enter.
PM me if you face any problem while brute forcing the password

Comments

Popular Posts