From the course: Penetration Testing Web Apps with Kali and Burp Suite
Join today to access over 24,900 courses taught by industry experts.
Getting into WordPress
From the course: Penetration Testing Web Apps with Kali and Burp Suite
Getting into WordPress
- [Speaker] WordPress is a very popular content management system for individual and small business users. However, it's not without its problems, both in the way it gets installed and also with some well publicized exploits. Let's check for exploits using searchsploit wordpress and there's quite a few here. In fact, there's over a thousand covering the web application and its many plugins. We'll take a look at the Hack the Box enterprise system on IP address, 10.10.10.61. - During enumeration, we found that five ports were open. http on ports 80 and 8080. https on port 443 SSH on port 22, and an unknown port 32812. Let's do some deeper probing. We'll start by enumerating the website at port 80 using Go Buster. Go Buster Dir-U HTTP 10.10.10.61 minus w slash users slash share slash Wordlists slash d buster slash directory list lowercase 2.3 medium dot txt and we'll check for PHP files. Okay, we've found a…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.