Home 0P3N Blog WPForce - Wordpress Attack Suite
Ready to Start Your Career?
Create Free Account
authors profile image
January 1, 2016

WPForce - Wordpress Attack Suite

January 1, 2016
authors profile image
January 1, 2016
WPForce is a suite of Wordpress Attack tools. Currently this contains 2 scripts - WPForce, which brute forces logins via the API, and Yertle, which uploads shells once admin credentials have been found. Yertle also contains a number of post exploitation modules. For more information, visit the blog post here: https://www.n00py.io/2017/03/squeezing-the-juice-out-of-a-compromised-wordpress-server/ FEATURES: Brute Force via API, not login form bypassing some forms of protection Can automatically upload an interactive shell Can be used to spawn a full featured reverse shell Dumps WordPress password hashes Can backdoor authentication function for plaintext password collection Inject BeEF hook into all pages Pivot to meterpreter if needed The tool: https://github.com/n00py/WPForce This is brilliant, i will definitely use it. yw! saadibabar Thanks yw! 812teck šŸ˜€ yw! cybermo
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry