For those people who are watching this video right now ... to type in the url the command is not -u now its -url so you will have to type in that when putting in the address
a blackhaat's first act is to make a new admin user for himself, delete the original admin so they cant recuperate per email, and relogin as the new admin. then and only then should one mess with 404 pages and small things like that. take control first before showing off. Still though, WPScan was well explained. Thanks
really interesting videos thank you for all the effort you put in explaining your videos. And Please I would like to see more tutorials on exploiting web servers ect . .
download seclists off github then type in locate seclists then it cd into seclists passwords section then tar the file as rockyou.txt needs to be compressed as it is 14 million words long lol. but even with the wordlist if u are trying to do it with a real word press site your grand kids will 80 by the time the password is cracked they will still be sat there at 80 scratching their heads
if your having issues because --wordlist is not a valid command try to run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
i am totally new here. what required to do all of this, anything i need to download? im windows user. hope can help from u. and i ready to join your course after testing this. please help me. My friend.
i am using pentestbox and keep getting error as my text isnot found where do i put the wordlist as i know it is in the directory but how do i find the directory of pentextbox
@peroh Like literally i puted a rockyou list and it showed that it will complete in 55days while doing that they would patch the brute forcing metod :/
If I'm using Ubuntu 4.20 on my windows 10, how can I know what the path is of the file containing the passwords? can someone help me please so I know what path to use?
Thanx for your continuous teachings. I have been able to relearn some of what I've forgot. Continue to pump out the vids. Your fans are watching and supporting. -Glitch00010001
yeah i already have that, but i want to make an word list that is alpha numeric and has 1-10 character strings,i already have tried that with crunch but every time i try that, crunch seems to show an error so i wanted to know if there is an alternative tool for this purpose
oNerkzei (1v1er) thanks for respondin, actually the main problem I encounter is that when I create brute force word list the size is extremely big, so I can't really make a alpha-numeric woldlist which has more than 5 characters, so I'm looking for a more efficient way of creating compressed wordlists, and btw idk the compression options in cruch end up showing me an error
Inventor 707 if you want to crack passwords, use little wordlist, with a botnet. cracking from thousands of pcs is more effective than using a huge wlist
remember him blaming his laptop for being clumsy on the keyboard? 7 videos later, same struggle. The guy who 8 fingers but rather should use only point fingers
I type in the command and it says: Detected By: Author Posts - Display Name (Passive Detection) | Confirmed By: | Rss Generator (Passive Detection) | Author Id Brute Forcing - Author Pattern (Aggressive Detection) | Login Error Messages (Aggressive Detection) What should I do now????????????????????????????????????
run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
chances on a real one are slim even with the 14 million rockyou wordlist. your grandkids would still be sat at the pc at age 80 and still wouldnt have cracked it. the password needs to be in the wordlist? what's the chances of that and how long will it take to find? hack the box and try hack me all the passwords are in the wordlists built in with kali so it might seem easy on one of them ones but on a real target out in the wild.....its going to take decades possibly the age of the universe depending on the complexity of password. if its not using a mix of uppercase, lowercase, number and special character then it will be easy. but we all use that sort of policy as most websites use that sort of thing if you don't put any in then you are not agreeing to the policy conditions/terms and wont be allowed to create an account so u need to stick with password policy and staff should all know what kind of password to use its just basic baby stuff lol no ones going to hold their hand if they cant set up a password lol. they going to get fire on the spot for that shit lol
I think you underestimate how clueless most regular people are about their online security, and how many extremely flimsy auth systems are still in use. And I'm not just talking about small companies/individuals.
![[Fixed] ✔️ Windows Update Stuck at 0 % ⚠️ Windows 11 Update Stuck at 100](http://i.ytimg.com/vi/9YtJUIjqDbM/mqdefault.jpg)
For those people who are watching this video right now ... to type in the url the command is not -u now its -url so you will have to type in that when putting in the address
--url -e u vp --force -
The --wordlist was in the v2, use the --passwords option in the v3:
wpscan --url example.com --username admin --password passwd.txt
Idk if it works or not
I didnt try
@@b07x have you tried it yet?
If not i will test it
@@b07x no , its like this
wpscan --url *********** --enumerate u -P //path.txt. . . . .
Very good video. Good video showing instructions and giving tips on working and practice pen-testing in your own lab.
+Hector Garcia Jr Thanks for the feedback and support
it has the most of the famous website's passwords like yahoo gmail
6:58 wordlist.txt selected, 75 bytes
I do noticed that 😂
Sir, share ur wordlist
that's awesome keep up loading cool stuff like this
Will do.
a blackhaat's first act is to make a new admin user for himself, delete the original admin so they cant recuperate per email, and relogin as the new admin. then and only then should one mess with 404 pages and small things like that. take control first before showing off. Still though, WPScan was well explained. Thanks
As always you did it very well, thanks man
Thanks for the support.
really interesting videos thank you for all the effort you put in explaining your videos.
And Please I would like to see more tutorials on exploiting web servers ect .
.
Thank you for the support, I will continue making videos on web servers.
Thanks for your posting this video. But could you show me where can I get wordlist.text file?
it doesn't work and I can get wordlist file.
Thank you
@@jaxon496 I tried for long times, but couldn't find.
download seclists off github then type in locate seclists then it cd into seclists passwords section then tar the file as rockyou.txt needs to be compressed as it is 14 million words long lol. but even with the wordlist if u are trying to do it with a real word press site your grand kids will 80 by the time the password is cracked they will still be sat there at 80 scratching their heads
@@ashleybishton742 😂😂 true.
I'm wondering what was the relevance of the "File Manager" plugin?
if your having issues because --wordlist is not a valid command try to run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
sorry, but my kali linux does not working, do you have any idea why it doesn't works well ?
Guys in 2021 -u is changed to --url ( to specify a url address) n
the scan should be
wpscan --url 192.168.0.00 -e vp
Hello Brother
@@bulbulahmedrabbi4056 hi there
@@8080VB I want to contact you personally.
Would you give me your whatsapp number?
@@bulbulahmedrabbi4056 discord?
nicely explained as always :-)
This was a fun one! Thanks!
5:54 haha "immediately I have everything"
does wpscan package is free to use for commercial ?@HackerSploit
would you mind sharing the wordlist used in this video for bruteforcing passwords
how do i find the password to content that is password protected, or can i do the same for that?
hi.thnx for your nvideo. where i can find the wordlist please?
it works only with --url example.com --enumerate u
Best tutorial ever
That ip that ur giving is ur virtual machine turnkey linux ip right
i am totally new here. what required to do all of this, anything i need to download? im windows user. hope can help from u. and i ready to join your course after testing this. please help me. My friend.
lol
There's no real hacker in youtube. Find proper class to study about it
@@MrLennonson Of course there are , check "The Cyber Mentor"
How , and where do i download vulnerable Wpscan ....pls help
can you give us a link to your wordlist ?
@love spoofing worked for you?
@love spoofing really?? You generated or using this file?
@love spoofing ok lemme try
@love spoofing na its not cracked. .
@love spoofing hmm but not.
How long does it take for password to finish bruteforcing?
i am using pentestbox and keep getting error as my text isnot found where do i put the wordlist as i know it is in the directory but how do i find the directory of pentextbox
How Can I get this Virtual Lab ??
Great informative video. Could you make a video following on from this gaining a backdoor please ?
Great work !
Where did u get the wordlist from?
Can you use wpscan with virtual box?
Can you give us download link for your wordlist please.
yes I need the same
@@sg-rf8xs got want?
@@8080VB I didn't get that
Can you share that wordlist ??
@peroh Suree like that isnt going to take 55 days to complete
It only has 12 passwords, thats the reason why its that fast
@peroh Like literally i puted a rockyou list and it showed that it will complete in 55days
while doing that they would patch the brute forcing metod :/
@@nikolanojic6861 That sounds like a really slow PC :|
@@GOTHICforLIFE1
FX 6300 (6 cores 4.3Ghz)
8GB RAM
R7 360 2GB
If I'm using Ubuntu 4.20 on my windows 10, how can I know what the path is of the file containing the passwords? can someone help me please so I know what path to use?
@HackerSploit Sir please let me know how to install wordpress in debian...??
Wordlist doesn't always crack passwords. :/
Yes, but powerful ones do.
HackerSploit That last line of description tho 😃🇮🇳 💓 .
Can you share any powerful one?
Thanx for your continuous teachings. I have been able to relearn some of what I've forgot. Continue to pump out the vids. Your fans are watching and supporting.
-Glitch00010001
Please Sir can you provide the password world list that u have 🙇
Nice work! Go on! :-)
Will do.
what is the target machine is here
Well done
if i have 5 username and i want brute force 1 user what is the command i have try many command but always brute force all users
Do you know how to use kajack in kali?
can you make a video on creating a large wordlists in future?????
Yes.
yeah i already have that, but i want to make an word list that is alpha numeric and has 1-10 character strings,i already have tried that with crunch but every time i try that, crunch seems to show an error so i wanted to know if there is an alternative tool for this purpose
Use cupp. It is truly powerful, helped me crack a wifi pass. it was Uszoda2009.
oNerkzei (1v1er) thanks for respondin, actually the main problem I encounter is that when I create brute force word list the size is extremely big, so I can't really make a alpha-numeric woldlist which has more than 5 characters, so I'm looking for a more efficient way of creating compressed wordlists, and btw idk the compression options in cruch end up showing me an error
Inventor 707 if you want to crack passwords, use little wordlist, with a botnet. cracking from thousands of pcs is more effective than using a huge wlist
Good job!
Also i have a request. Easy but cool. Can you show us one tool piped | into another tool? peace.
Yes, will do.
Bro love U from sudan ♥
Bro how can i get someone’s wifi password? 😅 i really need it to learn about it cause i my daily data limit no sufficient for me 😢
I get a dont get it "url" (403) error how ı fix it
remember him blaming his laptop for being clumsy on the keyboard? 7 videos later, same struggle. The guy who 8 fingers but rather should use only point fingers
Likes and upload date is same ☺
I type in the command and it says:
Detected By: Author Posts - Display Name (Passive Detection)
| Confirmed By:
| Rss Generator (Passive Detection)
| Author Id Brute Forcing - Author Pattern (Aggressive Detection)
| Login Error Messages (Aggressive Detection)
What should I do now????????????????????????????????????
Yeah same issue
Lol I was literally a noob 4 years back, great to see where I've reached now!
what if the password is not on the wordlist?
What would be the reason/s for wpscan not enumerating usernames?
hello sir,,, i want to need your wordlist download links...............please send and help us...........?
Thanks alot was just thinking about how to reverse shell a website.
very cool
amazing
Please share the wordlist
Nice video ❤
+Moaz El-sawaf Thanks
Your welcome sir ❤
Can you provide me a dedicated wordpress site url? , my aim is to academic purpose.
Thanks sir
Welcome.
Can you link the wordlist? Or share it with google drive or dropbox ... Great video .
I will make a video on wordlists
HackerSploit wordlist
Which ip entered
lol, ur wordlist was only 54 bytes. you stored the exact password there
Second comment... Thank you alexis...
Welcome.
How to save the website after hacked
Mean? Just save the username n pwd
All hail are hakr guru. Namaste Respect
Thanks for the support!
Finally
Hello Brother
Can you send links to get good wordlists? @hackersploit
I will make a video on wordlists
@@HackerSploit when
Google.com there u go
can i get worldl;ist
i like your intro song
ZaniddTV What are u doing here zanidd?
p gu enjoying the intro song. obviously :P
Thanks.
Hai , can you guys help me hack, its for a rude client who denied me of cpanel access and wordpress website acess
good
I need ur wordlist.txt package
I'll be making the video
HackerSploit k bro..
Sir can you please share the source to download turnkey linux that you used in this video
wordlist option not found
run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
wpscan --url www.target.com/ -e u -U -P /root/Desktop/wordlist.txt
ERROR= " Scan Aborted: The remote website is up, but does not seem to be running WordPress."
please help!!
Curb your wordpress assumptions
lol hes cheating , he knw the password n he just only added the password with 16 words to the wordlist.txt
This man sounds like Mufti Menk lol
Wordlist??
Don't install nulled themes and plugins.
Is this work on android?
hi
Hello.
Make a tch hydra tutorial plz
Yes, will do
Can you send me word list.
Notification squad
#NotificationSquad
fsociety folder... lol
chances on a real one are slim even with the 14 million rockyou wordlist. your grandkids would still be sat at the pc at age 80 and still wouldnt have cracked it. the password needs to be in the wordlist? what's the chances of that and how long will it take to find? hack the box and try hack me all the passwords are in the wordlists built in with kali so it might seem easy on one of them ones but on a real target out in the wild.....its going to take decades possibly the age of the universe depending on the complexity of password. if its not using a mix of uppercase, lowercase, number and special character then it will be easy. but we all use that sort of policy as most websites use that sort of thing if you don't put any in then you are not agreeing to the policy conditions/terms and wont be allowed to create an account so u need to stick with password policy and staff should all know what kind of password to use its just basic baby stuff lol no ones going to hold their hand if they cant set up a password lol. they going to get fire on the spot for that shit lol
I think you underestimate how clueless most regular people are about their online security, and how many extremely flimsy auth systems are still in use. And I'm not just talking about small companies/individuals.
Pliz bro 1 gmail account hack pliz reply
I want to hack a wordpress acc
4th
Rip english
Why make this video use the wordlist and don't share it ? 👎👎
BROTHER SEND US THE LINK OF YOUR SPECIAL WORDLIST HAHAHAHAH;you can upload it on mediafire please brother and thanks a lot of
wordlists.capsop.com/
7th, dang
fifth view..