{"id":19310539,"url":"https://github.com/sepppenner/wordpressattack","last_synced_at":"2025-02-24T03:26:30.936Z","repository":{"id":82869710,"uuid":"132929514","full_name":"SeppPenner/WordPressAttack","owner":"SeppPenner","description":"WordPressAttack is written and tested in Python 3. Its purpose is to describe how a wordpress website can be attacked.","archived":false,"fork":false,"pushed_at":"2020-06-04T15:02:38.000Z","size":17,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-06T02:10:38.352Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SeppPenner.png","metadata":{"files":{"readme":"README.md","changelog":"Changelog.md","contributing":null,"funding":null,"license":"License.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-05-10T16:53:32.000Z","updated_at":"2020-06-28T16:25:36.000Z","dependencies_parsed_at":null,"dependency_job_id":"3eeb5385-8267-4fed-b6e6-fd2bf3873177","html_url":"https://github.com/SeppPenner/WordPressAttack","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SeppPenner%2FWordPressAttack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SeppPenner%2FWordPressAttack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SeppPenner%2FWordPressAttack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SeppPenner%2FWordPressAttack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SeppPenner","download_url":"https://codeload.github.com/SeppPenner/WordPressAttack/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240411619,"owners_count":19797121,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-10T00:24:41.755Z","updated_at":"2025-02-24T03:26:30.907Z","avatar_url":"https://github.com/SeppPenner.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WordPressAttack\n\nWordPressAttack is written and tested in Python 3. Its purpose is to describe how a wordpress website can be attacked.\n\n[![Build status](https://ci.appveyor.com/api/projects/status/5vxr69c6mmgyvj7m?svg=true)](https://ci.appveyor.com/project/SeppPenner/wordpressattack)\n[![GitHub issues](https://img.shields.io/github/issues/SeppPenner/WordPressAttack.svg)](https://github.com/SeppPenner/WordPressAttack/issues)\n[![GitHub forks](https://img.shields.io/github/forks/SeppPenner/WordPressAttack.svg)](https://github.com/SeppPenner/WordPressAttack/network)\n[![GitHub stars](https://img.shields.io/github/stars/SeppPenner/WordPressAttack.svg)](https://github.com/SeppPenner/WordPressAttack/stargazers)\n[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://raw.githubusercontent.com/SeppPenner/WordPressAttack/master/License.txt)\n[![Known Vulnerabilities](https://snyk.io/test/github/SeppPenner/WordPressAttack/badge.svg)](https://snyk.io/test/github/SeppPenner/WordPressAttack)\n\n## How does it work:\n\n1. Find a website to attack. I will not attack the website but I chose the following just for reference: https://pcgames-download.com/\n2. Find out usernames by attaching ?author=1, ?author=2 and so on at the end of the url with Wordpress, e.g. https://pcgames-download.com/?author=1 or https://pcgames-download.com/?author=2.\nThis will give you the real authors' names, e.g. https://pcgames-download.com/author/pcgdwadm/ or https://pcgames-download.com/author/enigma/\n3. Now we got the user names pcgdwadm and enigma. Probably, pcgdwadm is an admin and more interesting.\n4. Create a password list with this programm [WordPressAttackPasswordGenerate.py](https://github.com/SeppPenner/WordPressAttack/tree/master/WordPressAttackPasswordGenerate.py) or with a password list you already own.\n5. Run the [WPForce](https://github.com/n00py/WPForce) projekt on Kali or any system to attack the WordPress website.\n\n## Disclaimer:\n\nI am neither responsible for damage on any system nor for any hacking attempts from you guys here :smile:\n\nAnother thing: If anyone really tries to hack, there are few things to notice:\n\n1. Smart people block their attempts per IP address whenever e.g. 5 times a password is wrong. As far as I found out, https://pcgames-download.com/ doesn't!\n2. Always use proper protection, e.g. VPNs and Tor in combination.\n\n## How do you start the project:\n\n```python\nPython WordPressAttackPasswordGenerate.py\n```\n\nPlease modify the following line as you like in the [WordPressAttackPasswordGenerate.py](https://github.com/SeppPenner/WordPressAttack/tree/master/WordPressAttackPasswordGenerate.py) file:\n\n```python\ngenerator=itertools.combinations_with_replacement('abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVW_.,;:!?ß[](){}/\\%\u0026$§\"@€^°+-*', 15)\n```\n\n## Sources:\n\nhttps://stackoverflow.com/questions/11747254/python-brute-force-algorithm\n\nhttps://github.com/n00py/WPForce\n\nhttps://gist.github.com/roachhd/1f029bd4b50b8a524f3c\n\nhttps://hackertarget.com/attacking-wordpress/\n\nhttps://gist.github.com/pazdera/1121315\n\nhttps://stackoverflow.com/questions/11747254/python-brute-force-algorithm\n\n\nChange history\n--------------\n\nSee the [Changelog](https://github.com/SeppPenner/WordPressAttack/blob/master/Changelog.md).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsepppenner%2Fwordpressattack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsepppenner%2Fwordpressattack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsepppenner%2Fwordpressattack/lists"}