Методы взлома WordPress

Hack WordPress

Tools for Scanner WP site
-Nmap NSE Script
-Burp Suite
-WPScan
-CMSMap

Tools for detect vulnerability:

— Nikto Vulnerability Scanner
— OpenVAS Vulnerability Scanner
— $ nmap -Pn exemple.com
— nesus

ButForce Login

curl -X POST -d "wp.getUsersBlogs
adminpass" http://examplewp.com/xmlrpc.php


Organization DOS

curl -X POST -d "system.listMethods" http://examplewp.com/xmlrpc.php

Books and posts:

metasploit
https://www.exploit-db.com/
https://www.securityfocus.com/bid
Exploiting vulnerability WP Core
https://cvedetails.com

Примеры уязвимостей WP:
https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html