Conetent Managment System

G2 S13
======

Content Management System
————————-
For creating a whole new website, you just need to drag and drop the site’s element only. You do not need to have very awesome knowledge of HTML, JS, PHP and all…. So you are just required to have a good knowledge of english and grammer.

WordPress also provides the CMS
——————————-

How to recognise the site is in wordpress
1. Wappalyser
2. add wp-admin or wp-login in the end of thr url
3. we will see “wp-content”, when we look up for the image location

Download WordPress —> www.wordpress.org —> 4.8

http://127.0.0.1/wordpress/wp-content/uploads/2017/11/bharti-210×300.jpg

Hacking into wordpress website
——————————
wpscan –> Inbuild tool for kali linux. Used for enumerating and scanning the WordPress Website.

http://wpvulndb.com/
https://www.exploit-db.com/search/?action=search&q=Wordpress&g-recaptcha-response=03AEMEkElbXryPzjQ4qO96WxcRtuAUiuH1kOQbLeoKXs_f0OcnjAkk2Ky1SMMf8UU974FBo5k2SAcl3_o_AthoC3rPANI-zfzDWdFlmb5I0D-NiSybekULcFSNddw5b5OIdjy8vXihyh9y3SV2giTsE-_tpi8eCayAmyXudMI9zlfjCNvTrrtAkQlkfiZbXci-9T6UBc29VeFXe3angg-vIlZ10spH6NGKa1CepUJ7gYcq2tAz9vtfTWGt6vFGUfn_GRBBu7lDhrNsK5xwzLcC2N4jQmnZefx4MA

#wpscan

#wpscan –url 172.16.79.141/wordpress

#wpscan –url 172.16.79.141/wordpress –enumerate t –> to enumerate the data about theme

#wpscan –url 172.16.79.141/wordpress –enumerate p –> to enumerate the data about plugins

#wpscan –url 172.16.79.141/wordpress –enumerate u –> to enumerate the data about username

wpscan –url 172.16.79.141/wordpress –wordlist /usr/share/wordlists/rockyou.txt –username root —-> for bruteforcing the password

wp-login changer —-> wp-admin —->
www.xyz.com/wp-admin —> login page
www.xyz.com/helloDudes.php

Login Limiter

—————————————————————————————————————————–

The OpenVAS (Open Vulnerability Assessment System) scanner is a comprehensive vulnerability assessment system that can detect security issues in all manner of servers and network devices. OpenVAS is updated through the Network Vulnerability Tests (NVTs) feed. It is pre-installed in Kali 2.0 (2015) version. It uses Greenbone Security Assessment as the Control Authority of it. It is also listed in the best Network Scanning Report Generation tools.

Scan Types :

= Full Scan for a full test of network, server and web application vulnerabilities.

= Web Server Scan a more focused test for web server and web application vulnerabilities.

= WordPress Scan testing for known WordPress vulnerabilities and web server issues.

= Joomla Scan testing for known Joomla vulnerabilities and web server issues.

Running OpenVAS
===============

Requirements : Kali 2.0 (2015.1) , Iceweasel Browser, OpenVAS

———————————
BUFFER OVERFLOWS – https://www.youtube.com/watch?v=1S0aBV-Waeo
https://ufile.io/r5342

4 comments on “Conetent Managment System
  1. Hello! Do you know if they make any plugins to safeguard against hackers? I’m kinda paranoid about losing everything I’ve worked hard on. Any recommendations?

    • yes i happy to help you. there are many ways to get rid off.
      but the best and easiest way to make your password very stronger and with ssl certificate on your website.
      and also use plugin called login limiter.this plugin is very helpful

  2. Great remarkable issues here. I am very satisfied to peer your article. Thanks so much and i am taking a look ahead to contact you. Will you please drop me a mail?

  3. politics We n we publish all of them current and advanced news World, estimates experts. All negative on earth exists with the quiet tacit consent of the indifferent. No one provides us with incentives. We are Disinterested. We are building a civil society. The people are the bearer of sovereignty and the only source of power. No one can usurp power. Useful topics – Crime Missouri Business reply of show cause notice format dupaco mortgage calculator apo ae 09180 illuminati captain america idbi housing loan statement

Leave a Reply

Your email address will not be published. Required fields are marked *

*