Open terminal in kali linux and type 'wpscan --url http://site.com/ --enumerate u' and hit enter now wait few minutes you will get the users of website now you need the wordlist 'I don't have any wordlist so make your own, i will share the link of wordlist in comments when i make my own wordlist or find the wordlist', save on the desktop wordlist you have created or downloaded and save it as 'wordlist'. Now type 'wpscan --url http://site.com/ --wordlist '/path/wordlist.txt --username USERNAME HERE' (For this step you can drop and drag the wordlist on terminal) and hit enter then wait few minutes for BRUTE FORCE to check the passwords, You will get the password of admin user. 'IF YOUR LUCK IS WITH YOU'
Commands -
root@kali:~# wpscan --url http://site.com/ --enumerate u
root@kali:~# wpscan --url http://site.com/ --wordlist '/path of wordlist/wordlist.txt' --username USERNAME
Note - This will work when the admin user's password is in your wordlist. And sometimes terminal will ask you for 'redirection' simply type 'Y' and hit enter.
PM me if you face any problem while brute forcing the password
ReplyDeleteHello,
we provide affordable and result-oriented SEO services, please give a chance to serve you.
Thanks
Admin: E07.net