g2s13

1. G2S13
2. =====
3.  
4.  
5. Content Management System
6. -------------------------
7. For creating a whole new website, you just need to drag and drop the site's element only. You do not need to have very awesome knowledge of HTML, JS, PHP and all.... So you are just required to have a good knowledge of english and grammer.
8.  
9. WordPress also provides the CMS
10. -------------------------------
11.  
12. How to recognise the site is in wordpress
13. 1. Wappalyser
14. 2. add wp-admin or wp-login in the end of thr url
15. 3. we will see "wp-content", when we look up for the image location
16.  
17. https://lh3.googleusercontent.com/F7mmPG4ZnEee3SIwxSPXH8vdLZ3jdyShtFvyH7rDhbbejFX1GCiWjbqwisDc59iWVScWVjdKJt0XjGWN20eR8ZpNtnYb_HU=w614-h408
18.  
19. https://www.mercedes-benz.com/wp-content/uploads/sites/3/2017/09/03-mercedes-benz-vehicles-mercedes-amg-project-one-hypercar-iaa-2017-2560x1440-1280x720.jpg
20.  
21. https://lh3.googleusercontent.com/YkbeAuJ5-MVlEcPN-TvochVgpX66RjUiMVx1xxN84jbCi8u1Ja_WfpMK5eAmenK0_ImPpOruLupMjDENZHYtABDyaN4gDLs=w614-h257
22.  
23.  
24. https://tctechcrunch2011.files.wordpress.com/2017/11/dscf3306.jpg?w=738
25.  
26. https://media.newyorker.com/photos/5a189694ac3ab35aa8cf2f1c/4:3/w_580,c_limit/AP_17320629923438.jpg
27.  
28. Download Wordpress ---> www.wordpress.org ---> 4.8
29.  
30. http://127.0.0.1/wordpress/wp-content/uploads/2017/11/bharti-210x300.jpg
31.  
32. Hacking into wordpress website
33. ------------------------------
34. wpscan --> Inbuild tool for kali linux. Used for enumerating and scanning the Wordpress Website.
35.  
36.  
37. #wpscan
38.  
39. #wpscan --url 172.16.79.141/wordpress
40.  
41. #wpscan --url 172.16.79.141/wordpress --enumerate t --> to enumerate the data about theme
42.  
43. #wpscan --url 172.16.79.141/wordpress --enumerate p --> to enumerate the data about plugins
44.  
45.  
46. #wpscan --url 172.16.79.141/wordpress --enumerate u --> to enumerate the data about username
47.  
48. wpscan --url 172.16.79.141/wordpress --wordlist /usr/share/wordlists/rockyou.txt --username anjalisharma ----> for bruteforcing the password
49.  
50.  
51. wp-login changer ----> wp-admin ---->
52. www.xyz.com/wp-admin ---> login page
53. www.xyz.com/helloDudes.php
54.  
55. Login Limiter
56.  
57.  
58.  
59.  
60.  
61.  
62.  
63.  
64.  
65.  
66.  
67.  
68. The OpenVAS (Open Vulnerability Assessment System) scanner is a comprehensive vulnerability assessment system that can detect security issues in all manner of servers and network devices. OpenVAS is updated through the Network Vulnerability Tests (NVTs) feed. It is pre-installed in Kali 2.0 (2016) version. It uses Greenbone Security Assessment as the Control Authority of it. It is also listed in the best Network Scanning Report Generation tools.
69.  
70. Scan Types :
71.  
72. = Full Scan for a full test of network, server and web application vulnerabilities.
73.  
74. = Web Server Scan a more focused test for web server and web application vulnerabilities.
75.  
76. = WordPress Scan testing for known WordPress vulnerabilities and web server issues.
77.  
78. = Joomla Scan testing for known Joomla vulnerabilities and web server issues.
79.  
80.  
81. Running OpenVAS
82. ===============
83.  
84. Requirements : Kali 2.0 (2016.1) , Iceweasel Browser, OpenVAS
85.  
86. --------------------------------------------------------------------------------