g2s13

1. G2 S13
2. ======
3.  
4. Content Management System
5. -------------------------
6. For creating a whole new website, you just need to drag and drop the site's element only. You do not need to have very awesome knowledge of HTML, JS, PHP and all.... So you are just required to have a good knowledge of english and grammer.
7.  
8. WordPress also provides the CMS
9. -------------------------------
10.  
11. How to recognise the site is in wordpress
12. 1. Wappalyser
13. 2. add wp-admin or wp-login in the end of thr url
14. 3. we will see "wp-content", when we look up for the image location
15.  
16. https://lh3.googleusercontent.com/F7mmPG4ZnEee3SIwxSPXH8vdLZ3jdyShtFvyH7rDhbbejFX1GCiWjbqwisDc59iWVScWVjdKJt0XjGWN20eR8ZpNtnYb_HU=w614-h408
17.  
18. https://www.mercedes-benz.com/wp-content/uploads/sites/3/2017/09/03-mercedes-benz-vehicles-mercedes-amg-project-one-hypercar-iaa-2017-2560x1440-1280x720.jpg
19.  
20. https://lh3.googleusercontent.com/YkbeAuJ5-MVlEcPN-TvochVgpX66RjUiMVx1xxN84jbCi8u1Ja_WfpMK5eAmenK0_ImPpOruLupMjDENZHYtABDyaN4gDLs=w614-h257
21.  
22.  
23. https://tctechcrunch2011.files.wordpress.com/2017/11/dscf3306.jpg?w=738
24.  
25. https://media.newyorker.com/photos/5a189694ac3ab35aa8cf2f1c/4:3/w_580,c_limit/AP_17320629923438.jpg
26.  
27. Download Wordpress ---> www.wordpress.org ---> 4.8
28.  
29. http://127.0.0.1/wordpress/wp-content/uploads/2017/11/bharti-210x300.jpg
30.  
31. Hacking into wordpress website
32. ------------------------------
33. wpscan --> Inbuild tool for kali linux. Used for enumerating and scanning the Wordpress Website.
34.  
35.  
36. #wpscan
37.  
38. #wpscan --url 172.16.79.141/wordpress
39.  
40. #wpscan --url 172.16.79.141/wordpress --enumerate t --> to enumerate the data about theme
41.  
42. #wpscan --url 172.16.79.141/wordpress --enumerate p --> to enumerate the data about plugins
43.  
44.  
45. #wpscan --url 172.16.79.141/wordpress --enumerate u --> to enumerate the data about username
46.  
47. wpscan --url 172.16.79.141/wordpress --wordlist /usr/share/wordlists/rockyou.txt --username anjalisharma ----> for bruteforcing the password
48.  
49.  
50. wp-login changer ----> wp-admin ---->
51. www.xyz.com/wp-admin ---> login page
52. www.xyz.com/helloDudes.php
53.  
54. Login Limiter
55.  
56.  
57. -----------------------------------------------------------------------------------------------------------------------------
58.  
59.  
60. The OpenVAS (Open Vulnerability Assessment System) scanner is a comprehensive vulnerability assessment system that can detect security issues in all manner of servers and network devices. OpenVAS is updated through the Network Vulnerability Tests (NVTs) feed. It is pre-installed in Kali 2.0 (2016) version. It uses Greenbone Security Assessment as the Control Authority of it. It is also listed in the best Network Scanning Report Generation tools.
61.  
62. Scan Types :
63.  
64. = Full Scan for a full test of network, server and web application vulnerabilities.
65.  
66. = Web Server Scan a more focused test for web server and web application vulnerabilities.
67.  
68. = WordPress Scan testing for known WordPress vulnerabilities and web server issues.
69.  
70. = Joomla Scan testing for known Joomla vulnerabilities and web server issues.
71.  
72.  
73. Running OpenVAS
74. ===============
75.  
76. Requirements : Kali 2.0 (2016.1) , Iceweasel Browser, OpenVAS