
0xWPBF – WordPress Users Enumerate and Brute Force Attack


WordPress is a popular CMS used by many web-based applications to provide services to end users. New WordPress versions are released as bugs and CVEs are resolved, so an outdated version can leave a web-based application vulnerable to cyber threats. Identifying the version in use and detecting hidden files and directories on the domain server are also part of information gathering.

0xWPBF is an automated tool written in Python that performs various types of information collection on WordPress sites. It gathers information such as the CMS version, files and directories, plugins, and usernames. This information can be used to plan the methodology when performing penetration testing on the domain. 0xWPBF is available on GitHub and is free and open source.

Note: Make sure you have Python installed on your system, as this is a Python-based tool. For the installation process, see: Python Installation Steps on Linux

Installation of 0xWPBF Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/0xAbdullah/0xWPBF.git


Step 2: Now use the following command to move into the directory of the tool. You have to be in this directory in order to run the tool.

cd 0xWPBF


Step 3: You are now in the 0xWPBF directory. List the contents of the 0xWPBF tool using the following command.

ls


Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 0xwpbf.py -h


Working with 0xWPBF Tool on Kali Linux OS

Example: URL of the target WordPress site

python3 0xwpbf.py -url http://geeksforgeeks.org


We have got the WordPress CMS version used by the http://geeksforgeeks.org domain.

We have got the Files and Directories available on the domain server.


We have got the Users list from http://geeksforgeeks.org.


Last Updated : 23 Sep, 2021