For those people who are watching this video right now ... to type in the url the command is not -u now its -url so you will have to type in that when putting in the address
download seclists off github then type in locate seclists then it cd into seclists passwords section then tar the file as rockyou.txt needs to be compressed as it is 14 million words long lol. but even with the wordlist if u are trying to do it with a real word press site your grand kids will 80 by the time the password is cracked they will still be sat there at 80 scratching their heads
really interesting videos thank you for all the effort you put in explaining your videos. And Please I would like to see more tutorials on exploiting web servers ect . .
i am using pentestbox and keep getting error as my text isnot found where do i put the wordlist as i know it is in the directory but how do i find the directory of pentextbox
a blackhaat's first act is to make a new admin user for himself, delete the original admin so they cant recuperate per email, and relogin as the new admin. then and only then should one mess with 404 pages and small things like that. take control first before showing off. Still though, WPScan was well explained. Thanks
If I'm using Ubuntu 4.20 on my windows 10, how can I know what the path is of the file containing the passwords? can someone help me please so I know what path to use?
@peroh Like literally i puted a rockyou list and it showed that it will complete in 55days while doing that they would patch the brute forcing metod :/
Thanx for your continuous teachings. I have been able to relearn some of what I've forgot. Continue to pump out the vids. Your fans are watching and supporting. -Glitch00010001
i am totally new here. what required to do all of this, anything i need to download? im windows user. hope can help from u. and i ready to join your course after testing this. please help me. My friend.
if your having issues because --wordlist is not a valid command try to run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
yeah i already have that, but i want to make an word list that is alpha numeric and has 1-10 character strings,i already have tried that with crunch but every time i try that, crunch seems to show an error so i wanted to know if there is an alternative tool for this purpose
oNerkzei (1v1er) thanks for respondin, actually the main problem I encounter is that when I create brute force word list the size is extremely big, so I can't really make a alpha-numeric woldlist which has more than 5 characters, so I'm looking for a more efficient way of creating compressed wordlists, and btw idk the compression options in cruch end up showing me an error
Inventor 707 if you want to crack passwords, use little wordlist, with a botnet. cracking from thousands of pcs is more effective than using a huge wlist
run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
remember him blaming his laptop for being clumsy on the keyboard? 7 videos later, same struggle. The guy who 8 fingers but rather should use only point fingers
I type in the command and it says: Detected By: Author Posts - Display Name (Passive Detection) | Confirmed By: | Rss Generator (Passive Detection) | Author Id Brute Forcing - Author Pattern (Aggressive Detection) | Login Error Messages (Aggressive Detection) What should I do now????????????????????????????????????
chances on a real one are slim even with the 14 million rockyou wordlist. your grandkids would still be sat at the pc at age 80 and still wouldnt have cracked it. the password needs to be in the wordlist? what's the chances of that and how long will it take to find? hack the box and try hack me all the passwords are in the wordlists built in with kali so it might seem easy on one of them ones but on a real target out in the wild.....its going to take decades possibly the age of the universe depending on the complexity of password. if its not using a mix of uppercase, lowercase, number and special character then it will be easy. but we all use that sort of policy as most websites use that sort of thing if you don't put any in then you are not agreeing to the policy conditions/terms and wont be allowed to create an account so u need to stick with password policy and staff should all know what kind of password to use its just basic baby stuff lol no ones going to hold their hand if they cant set up a password lol. they going to get fire on the spot for that shit lol
I think you underestimate how clueless most regular people are about their online security, and how many extremely flimsy auth systems are still in use. And I'm not just talking about small companies/individuals.
brother make a video aND TEACH US HOW TO BUILD SIMPLE WORPDRESS SITE AS BLOG than we can see comments and our repsonses on them. WITH EMAIL NOTIFICATION ON LOCALHOST THEN WE UPLOAD IT ON FREE HOSTING LIKE 000webhost pls..and thanks again
For those people who are watching this video right now ... to type in the url the command is not -u now its -url so you will have to type in that when putting in the address
--url -e u vp --force -
The --wordlist was in the v2, use the --passwords option in the v3:
wpscan --url example.com --username admin --password passwd.txt
Idk if it works or not
I didnt try
@@b07x have you tried it yet?
If not i will test it
@@b07x no , its like this
wpscan --url *********** --enumerate u -P //path.txt. . . . .
it has the most of the famous website's passwords like yahoo gmail
6:58 wordlist.txt selected, 75 bytes
I do noticed that 😂
Very good video. Good video showing instructions and giving tips on working and practice pen-testing in your own lab.
+Hector Garcia Jr Thanks for the feedback and support
Sir, share ur wordlist
I'm wondering what was the relevance of the "File Manager" plugin?
sorry, but my kali linux does not working, do you have any idea why it doesn't works well ?
As always you did it very well, thanks man
Thanks for the support.
that's awesome keep up loading cool stuff like this
Will do.
does wpscan package is free to use for commercial ?@HackerSploit
That ip that ur giving is ur virtual machine turnkey linux ip right
would you mind sharing the wordlist used in this video for bruteforcing passwords
Thanks for your posting this video. But could you show me where can I get wordlist.text file?
it doesn't work and I can get wordlist file.
Thank you
@@jaxon496 I tried for long times, but couldn't find.
download seclists off github then type in locate seclists then it cd into seclists passwords section then tar the file as rockyou.txt needs to be compressed as it is 14 million words long lol. but even with the wordlist if u are trying to do it with a real word press site your grand kids will 80 by the time the password is cracked they will still be sat there at 80 scratching their heads
@@ashleybishton742 😂😂 true.
How Can I get this Virtual Lab ??
what is the target machine is here
Where did u get the wordlist from?
hi.thnx for your nvideo. where i can find the wordlist please?
really interesting videos thank you for all the effort you put in explaining your videos.
And Please I would like to see more tutorials on exploiting web servers ect .
.
Thank you for the support, I will continue making videos on web servers.
How , and where do i download vulnerable Wpscan ....pls help
nicely explained as always :-)
how do i find the password to content that is password protected, or can i do the same for that?
i am using pentestbox and keep getting error as my text isnot found where do i put the wordlist as i know it is in the directory but how do i find the directory of pentextbox
Can you use wpscan with virtual box?
This was a fun one! Thanks!
Best tutorial ever
How long does it take for password to finish bruteforcing?
a blackhaat's first act is to make a new admin user for himself, delete the original admin so they cant recuperate per email, and relogin as the new admin. then and only then should one mess with 404 pages and small things like that. take control first before showing off. Still though, WPScan was well explained. Thanks
Do you know how to use kajack in kali?
it works only with --url example.com --enumerate u
If I'm using Ubuntu 4.20 on my windows 10, how can I know what the path is of the file containing the passwords? can someone help me please so I know what path to use?
Can you share that wordlist ??
@peroh Suree like that isnt going to take 55 days to complete
It only has 12 passwords, thats the reason why its that fast
@peroh Like literally i puted a rockyou list and it showed that it will complete in 55days
while doing that they would patch the brute forcing metod :/
@@nikolanojic6861 That sounds like a really slow PC :|
@@GOTHICforLIFE1
FX 6300 (6 cores 4.3Ghz)
8GB RAM
R7 360 2GB
Thanx for your continuous teachings. I have been able to relearn some of what I've forgot. Continue to pump out the vids. Your fans are watching and supporting.
-Glitch00010001
I get a dont get it "url" (403) error how ı fix it
5:54 haha "immediately I have everything"
Great work !
i am totally new here. what required to do all of this, anything i need to download? im windows user. hope can help from u. and i ready to join your course after testing this. please help me. My friend.
lol
There's no real hacker in youtube. Find proper class to study about it
@@MrLennonson Of course there are , check "The Cyber Mentor"
Can you give us download link for your wordlist please.
yes I need the same
@@sg-rf8xs got want?
@@8080VB I didn't get that
Guys in 2021 -u is changed to --url ( to specify a url address) n
the scan should be
wpscan --url 192.168.0.00 -e vp
Hello Brother
@@bulbulahmedrabbi4056 hi there
@@8080VB I want to contact you personally.
Would you give me your whatsapp number?
@@bulbulahmedrabbi4056 discord?
can you give us a link to your wordlist ?
@love spoofing worked for you?
@love spoofing really?? You generated or using this file?
@love spoofing ok lemme try
@love spoofing na its not cracked. .
@love spoofing hmm but not.
Wordlist doesn't always crack passwords. :/
Yes, but powerful ones do.
HackerSploit That last line of description tho 😃🇮🇳 💓 .
Can you share any powerful one?
if your having issues because --wordlist is not a valid command try to run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
if i have 5 username and i want brute force 1 user what is the command i have try many command but always brute force all users
Nice work! Go on! :-)
Will do.
can i get worldl;ist
Which ip entered
Bro love U from sudan ♥
Great informative video. Could you make a video following on from this gaining a backdoor please ?
can you make a video on creating a large wordlists in future?????
Yes.
yeah i already have that, but i want to make an word list that is alpha numeric and has 1-10 character strings,i already have tried that with crunch but every time i try that, crunch seems to show an error so i wanted to know if there is an alternative tool for this purpose
Use cupp. It is truly powerful, helped me crack a wifi pass. it was Uszoda2009.
oNerkzei (1v1er) thanks for respondin, actually the main problem I encounter is that when I create brute force word list the size is extremely big, so I can't really make a alpha-numeric woldlist which has more than 5 characters, so I'm looking for a more efficient way of creating compressed wordlists, and btw idk the compression options in cruch end up showing me an error
Inventor 707 if you want to crack passwords, use little wordlist, with a botnet. cracking from thousands of pcs is more effective than using a huge wlist
@HackerSploit Sir please let me know how to install wordpress in debian...??
Well done
Good job!
What would be the reason/s for wpscan not enumerating usernames?
Please share the wordlist
Please Sir can you provide the password world list that u have 🙇
Second comment... Thank you alexis...
Welcome.
Can you provide me a dedicated wordpress site url? , my aim is to academic purpose.
what if the password is not on the wordlist?
wordlist option not found
run the following command replace yourtarget.com/ with your target url and the wordlist path on the end like so: wpscan --url --password-attack yourtarget.com/ /root/Desktop/wordlist.txt hope this helps
wpscan --url www.target.com/ -e u -U -P /root/Desktop/wordlist.txt
very cool
remember him blaming his laptop for being clumsy on the keyboard? 7 videos later, same struggle. The guy who 8 fingers but rather should use only point fingers
Thanks sir
Welcome.
Can you send links to get good wordlists? @hackersploit
I will make a video on wordlists
@@HackerSploit when
Google.com there u go
Thanks alot was just thinking about how to reverse shell a website.
Nice video ❤
+Moaz El-sawaf Thanks
Your welcome sir ❤
amazing
Hai , can you guys help me hack, its for a rude client who denied me of cpanel access and wordpress website acess
Wordlist??
ERROR= " Scan Aborted: The remote website is up, but does not seem to be running WordPress."
please help!!
Curb your wordpress assumptions
How to save the website after hacked
Mean? Just save the username n pwd
Bro how can i get someone’s wifi password? 😅 i really need it to learn about it cause i my daily data limit no sufficient for me 😢
Also i have a request. Easy but cool. Can you show us one tool piped | into another tool? peace.
Yes, will do.
hello sir,,, i want to need your wordlist download links...............please send and help us...........?
I need ur wordlist.txt package
I'll be making the video
HackerSploit k bro..
Sir can you please share the source to download turnkey linux that you used in this video
Can you link the wordlist? Or share it with google drive or dropbox ... Great video .
I will make a video on wordlists
HackerSploit wordlist
I type in the command and it says:
Detected By: Author Posts - Display Name (Passive Detection)
| Confirmed By:
| Rss Generator (Passive Detection)
| Author Id Brute Forcing - Author Pattern (Aggressive Detection)
| Login Error Messages (Aggressive Detection)
What should I do now????????????????????????????????????
Yeah same issue
Lol I was literally a noob 4 years back, great to see where I've reached now!
Finally
Hello Brother
Likes and upload date is same ☺
good
Is this work on android?
All hail are hakr guru. Namaste Respect
Thanks for the support!
i like your intro song
ZaniddTV What are u doing here zanidd?
p gu enjoying the intro song. obviously :P
Thanks.
Notification squad
#NotificationSquad
This man sounds like Mufti Menk lol
lol hes cheating , he knw the password n he just only added the password with 16 words to the wordlist.txt
hi
Hello.
Pliz bro 1 gmail account hack pliz reply
lol, ur wordlist was only 54 bytes. you stored the exact password there
Don't install nulled themes and plugins.
Can you send me word list.
Make a tch hydra tutorial plz
Yes, will do
fsociety folder... lol
chances on a real one are slim even with the 14 million rockyou wordlist. your grandkids would still be sat at the pc at age 80 and still wouldnt have cracked it. the password needs to be in the wordlist? what's the chances of that and how long will it take to find? hack the box and try hack me all the passwords are in the wordlists built in with kali so it might seem easy on one of them ones but on a real target out in the wild.....its going to take decades possibly the age of the universe depending on the complexity of password. if its not using a mix of uppercase, lowercase, number and special character then it will be easy. but we all use that sort of policy as most websites use that sort of thing if you don't put any in then you are not agreeing to the policy conditions/terms and wont be allowed to create an account so u need to stick with password policy and staff should all know what kind of password to use its just basic baby stuff lol no ones going to hold their hand if they cant set up a password lol. they going to get fire on the spot for that shit lol
I think you underestimate how clueless most regular people are about their online security, and how many extremely flimsy auth systems are still in use. And I'm not just talking about small companies/individuals.
I want to hack a wordpress acc
4th
Rip english
Why make this video use the wordlist and don't share it ? 👎👎
BROTHER SEND US THE LINK OF YOUR SPECIAL WORDLIST HAHAHAHAH;you can upload it on mediafire please brother and thanks a lot of
wordlists.capsop.com/
7th, dang
brother make a video aND TEACH US HOW TO BUILD SIMPLE WORPDRESS SITE AS BLOG than we can see comments and our repsonses on them. WITH EMAIL NOTIFICATION ON LOCALHOST THEN WE UPLOAD IT ON FREE HOSTING LIKE 000webhost pls..and thanks again