
How I found a valuable exploit in a local bank website

Imran Niaz
3 min read · Jun 7, 2023

I was just sitting in my room trying to find some valuable data on the internet. I decided to exploit a local bank website; the consequences were so terrible. I opened my Linux laptop and set about exploiting the local bank website.

I was using WPScan, a WordPress scanning tool that helps me identify common vulnerabilities that can be exploited. First of all I started scanning the website without an API key, and the result was not so good; I found some normal-level issues, but they were being blocked by the bank's firewall system.


Command I use:

This command has helped me a lot of times to scan WordPress websites since I started using the WordPress scanner. I have some other scripts that I will share on my Medium profile.

wpscan --url https://www.XX.com --api-token xxxxxxxxxxxxxxxxxx --ignore-main-redirect -e u

So I tried to scan the website with force, but it still didn't show me anything of value. Then I used my API key, which helped me to exploit the website more deeply.

[+] XML-RPC seems to be enabled: https://www.XX.com/xmlrpc.php
| Found By: Link Tag (Passive Detection)
| Confidence: 30%
| References:
| - http://codex.wordpress.org/XML-RPC_Pingback_API
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/
| - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/

[+] Debug Log found: https://www.XX.com/src/debug.log
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
| Reference: https://codex.wordpress.org/Debugging_in_WordPress

[+] A backup directory has been found: https://www.XX.com/src/backup-db/
| Found By: Direct Access (Aggressive Detection)
| Confidence: 70%
| Reference: https://github.com/wpscanteam/wpscan/issues/422

[+] This site has 'Must Use Plugins': https://www.XX.com/src/mu-plugins/
| Found By: Direct Access (Aggressive Detection)…
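The WPScan output above lists four findings with very different weight: an exposed debug.log and an exposed database backup directory are direct information leaks, an enabled xmlrpc.php is a brute-force and pingback-abuse surface, and a mu-plugins directory is usually expected. The script below is an added example (not part of the original post or of WPScan itself): it parses the `[+]` blocks of a WPScan report into structured findings, assigns a triage severity from a hand-written rule table (the severities and remediation strings are my assumptions, not WPScan's), and sorts them so the highest-confidence, highest-impact items are handled first. The sample report embedded in the script is the post's own output with the post's `www.XX.com` placeholder.

```python
import re
from dataclasses import dataclass, field

# WPScan report exactly as shown in the post (hostname is the post's own placeholder).
WPSCAN_OUTPUT = """\
[+] XML-RPC seems to be enabled: https://www.XX.com/xmlrpc.php
| Found By: Link Tag (Passive Detection)
| Confidence: 30%
| References:
| - http://codex.wordpress.org/XML-RPC_Pingback_API
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/

[+] Debug Log found: https://www.XX.com/src/debug.log
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
| Reference: https://codex.wordpress.org/Debugging_in_WordPress

[+] A backup directory has been found: https://www.XX.com/src/backup-db/
| Found By: Direct Access (Aggressive Detection)
| Confidence: 70%
| Reference: https://github.com/wpscanteam/wpscan/issues/422

[+] This site has 'Must Use Plugins': https://www.XX.com/src/mu-plugins/
| Found By: Direct Access (Aggressive Detection)
"""


@dataclass
class Finding:
    title: str
    url: str
    found_by: str = ""
    confidence: int = 0
    references: list = field(default_factory=list)
    severity: str = "info"
    remediation: str = ""


# Assumed triage rules for this example: keyword in the finding title -> severity, fix.
RULES = [
    ("debug log", "high",
     "Set WP_DEBUG and WP_DEBUG_LOG to false in production, delete the log, "
     "and deny web access to *.log files."),
    ("backup directory", "high",
     "Move database backups out of the web root and deny directory access."),
    ("xml-rpc", "medium",
     "Disable XML-RPC if unused: add_filter('xmlrpc_enabled', '__return_false'); "
     "or block /xmlrpc.php at the web server."),
    ("must use plugins", "low",
     "Expected on many sites; ensure directory listing is off and review the plugins."),
]

# A finding header looks like "[+] <title>: <url>".
HEADER = re.compile(r"^\[\+\]\s*(?P<title>.+?):\s*(?P<url>https?://\S+)\s*$")


def parse_wpscan(text):
    """Turn WPScan's textual report into a list of Finding objects."""
    findings = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = Finding(title=m.group("title"), url=m.group("url"))
            findings.append(current)
            continue
        if current is None or not line.startswith("|"):
            continue
        body = line.lstrip("|").strip()
        if body.startswith("Found By:"):
            current.found_by = body[len("Found By:"):].strip()
        elif body.startswith("Confidence:"):
            current.confidence = int(body.split(":", 1)[1].strip().rstrip("%"))
        elif body.startswith("Reference:"):          # single reference on one line
            current.references.append(body.split(":", 1)[1].strip())
        elif body.startswith("- "):                  # item under "References:"
            current.references.append(body[2:].strip())
    return findings


def triage(findings):
    """Assign severity/remediation and order by severity, then by confidence."""
    for f in findings:
        lowered = f.title.lower()
        for keyword, severity, fix in RULES:
            if keyword in lowered:
                f.severity, f.remediation = severity, fix
                break
        # A low-confidence passive hit should not be reported as high until confirmed.
        if f.severity == "high" and f.confidence < 50:
            f.severity = "medium"
    order = {"high": 0, "medium": 1, "low": 2, "info": 3}
    return sorted(findings, key=lambda f: (order[f.severity], -f.confidence))


if __name__ == "__main__":
    for f in triage(parse_wpscan(WPSCAN_OUTPUT)):
        print(f"[{f.severity.upper():6}] {f.confidence:3}%  {f.title}: {f.url}")
        print(f"         fix: {f.remediation}")
```

Feeding a real WPScan run into `parse_wpscan` (for example, `wpscan ... | tee report.txt`) gives the site owner a short, ordered fix list instead of a wall of references; the two 100%/70% direct-access findings rightly land at the top because they are confirmed file exposures, not heuristics.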
