NEW CONTENT RANDOM THREAD Unread Post

Cara mendapatkan Username Website berBasis CMS WordPress dengan WPScan

by Nue Bhandell - 04-30-2016 at 02:38 PM
Nue Bhandell
Staff
Moderators
Posts:
45
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#1
OP
Posted: 04-30-2016, 02:38 PM (This post was last modified: 05-02-2016, 01:04 PM by Nue Bhandell.)
[Image: linus.jpg]
xixixhi, happy sadnight mblo :v akwkwa
udh ramein porum aje awkkwa, moga thread garing ini bermanfaat bebz  :heart:
WPScan ini di gunakan untuk mengetahui username pada CMS Wordpress dan juga bisa mengetahui Password, namun jika ingin mengetahui passwordnya harus mempunyai wordlist nya.

langsung aja deh

Pertama" buka Terminal dan ketik kan

wpscan -u (target) --enumerate u

[Image: 13120487_784689834998705_1965889797_o.pn...e=5729B542]

NB: pada --enumerate u , Huruf "U" itu berarti Username, Jika untuk mencari Password ganti aja dengan Huruf "P".

Selanjutnya tunggu hingga scanning nya selesai.

[Image: 13052536_784689831665372_1432977301_o.pn...e=572981AC]

Jika Sudah selesai akan muncul seperti ini.

[Image: 13091751_784689844998704_388074066_o.png...e=57299EE9]

Disini saya menemukan 5 Username, yaitu
- adminin
- em2ka
- riki
- kartika
- sihono

Selanjutnya bijimana ama password nya o.O ?? seperti yang tadi ane bilang di awal..
dh yee gengs , semoga brmanfaat  :cool:
oke saatnya Nue dan tim katakan mampus cabut dlu
#jemputdoidlu  :cool:


SUMUR
Message
Reply
Find Posts
ikkeeeh
Junior Member
Posts:
13
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#2
Posted: 05-01-2016, 10:19 AM
langsung di coba
Message
Reply
Find Posts
./EL-Mueeza_23
Junior Member
Posts:
37
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#3
Posted: 05-02-2016, 06:12 AM
Unable to get https://data.wpscan.org/local_vulnerable...xml.sha512 (Timeout was reached)

gan ane dapet warn kaya gitu kenapa ya pas mau update database :/
Message
Reply
Find Posts
Nue Bhandell
Staff
Moderators
Posts:
45
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#4
OP
Posted: 05-02-2016, 01:05 PM (This post was last modified: 05-02-2016, 01:07 PM by Nue Bhandell.)
(05-01-2016, 10:19 AM)ikkeeeh Wrote: langsung di coba

jozz
(05-02-2016, 06:12 AM)./EL-Mueeza_23 Wrote: Unable to get https://data.wpscan.org/local_vulnerable...xml.sha512 (Timeout was reached)

gan ane dapet warn kaya gitu kenapa ya pas mau update database :/

langsung tanya ke grup backbox Linux indonesia aja gan..
maap gan , ane masih awam banget sama warn2. tpi di warn ente itu gagal update, mungkin dari reponya gan.

CMIIW
Message
Reply
Find Posts
./EL-Mueeza_23
Junior Member
Posts:
37
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#5
Posted: 05-03-2016, 05:10 AM
(05-02-2016, 01:05 PM)Nue Bhandell Wrote:
(05-01-2016, 10:19 AM)ikkeeeh Wrote: langsung di coba

jozz
(05-02-2016, 06:12 AM)./EL-Mueeza_23 Wrote: Unable to get https://data.wpscan.org/local_vulnerable...xml.sha512 (Timeout was reached)

gan ane dapet warn kaya gitu kenapa ya pas mau update database :/

langsung tanya ke grup backbox Linux indonesia aja gan..
maap gan , ane masih awam banget sama warn2. tpi di warn ente itu gagal update, mungkin dari reponya gan.

CMIIW

thanks bro
Message
Reply
Find Posts
bl4ck5h4d0w
Junior Member
Posts:
2
Joined:
Aug 2016
Likes:
0
Reputation:
0
2 Year Of Member
#6
Posted: 09-04-2016, 07:26 PM (This post was last modified: 09-04-2016, 07:28 PM by bl4ck5h4d0w. Edit Reason: bad typing )
setau ane sih p bukan password
-Enumerate installed plugins ...
ruby wpscan.rb --url http://www.example.com --enumerate p
p bukan password tapi untuk melihat plugin yang terinstall
untuk password bsa pake wpscan

sudo wpscan --url http://www.blal.bla ---wordlist dir --username admin
cmiiw
Message
Reply
Find Posts
Nfaz404
Junior Member
Posts:
2
Joined:
Nov 2016
Likes:
0
Reputation:
0
2 Year Of Member
#7
Posted: 12-10-2016, 03:49 PM
untuk wordlist dapat dari mana bang
Message
Reply
Find Posts
Nfaz404
Junior Member
Posts:
2
Joined:
Nov 2016
Likes:
0
Reputation:
0
2 Year Of Member
#8
Posted: 12-14-2016, 04:32 AM
(09-04-2016, 07:26 PM)bl4ck5h4d0w Wrote: setau ane sih p bukan password
-Enumerate installed plugins ...
ruby wpscan.rb --url http://www.example.com --enumerate p
p bukan password tapi untuk melihat plugin yang terinstall
untuk password bsa pake wpscan

sudo wpscan --url http://www.blal.bla ---wordlist dir --username admin
cmiiw

ane pake perintah itu kok gagal mulu ya
Message
Reply
Find Posts
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Login
Log into an existing account.
1 Guest(s)
Navigation
Latest News
Bugtracker
Team
Mark forum as read
Community
Banlist
Usergroups
Memberlist
Statistics
Help/Account
Help Documents and Rules
Contact
Login
Create an account
About Us
Forum Backbox Indonesia adalah salah satu media pembelajaran bagi siapa saja yang ingin belajar mengenai dunia Open Source khususnya untuk memperdalam Backbox Linux.
Posts:
971
Members:
1322
Threads:
199
Resources:
0
New :
spongebob