Hey folks, today we bring you a tool called “WPrecon”, which is made specifically for WordPress reconnaissance and penetration testing.
About WPrecon Tool
WPrecon (WordPress Recon) is a tool for WordPress exploration, fully developed in Golang, to get better performance from your device. We are still in the alpha/beta phase, there are still bugs to be fixed, but we are discovering them over time. The focus is to make WPrecon the best WordPress exploration tool, and to keep WPrecon free.
Let’s take a look 😛 !!
Dependencies Setup – Golang Installation
Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. WPrecon is written in Go, so we have to install the Go environment on our Linux machine to run this tool.

    apt install golang
Wprecon Tool Installation
Now we set up the tool itself. We use git to download the tool from GitHub, change into its directory and run it directly with the go utility.

    git clone https://github.com/blackcrw/wprecon.git
    cd wprecon/
    go run main.go
Also, you can identify all the features available in this tool using the help command.
    go run main.go --help
Enumerate WordPress Users
As we told you, the tool is designed only for testing the WordPress CMS, so we have configured a WordPress CMS on our Kali Linux machine to use with this tool. All we have to do is enter the URL of the target and pass the option for the information we want. When we execute the command it dumps all usernames from the target.

Usage 🙂 !! go run main.go --url <target-url> --users-enumerate

    go run main.go --url https://secnhack.in --users-enumerate
Enumerate WordPress Plugins
As above, we will try to enumerate the plugins using the following command.
Usage 🙂 !! go run main.go --url <target-url> --plugins-enumerate

    go run main.go --url https://secnhack.in --plugins-enumerate
Nice 😛 !! Likewise, the tool has more such features for getting useful information from the target WordPress CMS.
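For site owners, user and plugin enumeration leaves a recognisable pattern in the web server's access log. The following is an added example, not code from WPrecon or from the original article: it assumes common WordPress enumeration request shapes (author archive queries, the REST users route, and probes for plugin directories that return 404), since the article does not state which requests WPrecon sends. The log lines, IP addresses and plugin names are constructed.

```go
package main

import (
	"fmt"
	"regexp"
)

// Constructed sample access log (not real traffic; IPs are documentation ranges).
const sampleLog = `203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0
203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /?author=2 HTTP/1.1" 404 0
203.0.113.7 - - [10/Jan/2024:10:00:02 +0000] "GET /wp-json/wp/v2/users HTTP/1.1" 200 512
203.0.113.7 - - [10/Jan/2024:10:00:03 +0000] "GET /wp-content/plugins/example-a/readme.txt HTTP/1.1" 404 0
203.0.113.7 - - [10/Jan/2024:10:00:03 +0000] "GET /wp-content/plugins/example-b/readme.txt HTTP/1.1" 404 0
198.51.100.20 - - [10/Jan/2024:10:05:00 +0000] "GET /?author=1 HTTP/1.1" 301 0
198.51.100.20 - - [10/Jan/2024:10:05:04 +0000] "GET /wp-content/plugins/example-installed/style.css HTTP/1.1" 200 900`

// lineRe captures client IP, request path and status from a common/combined log line.
var lineRe = regexp.MustCompile(`(?m)^(\S+) \S+ \S+ \[[^\]\n]+\] "(?:GET|HEAD) (\S+) [^"\n]*" (\d{3})`)
var userRe = regexp.MustCompile(`[?&]author=\d+|/wp/v2/users`)          // assumed user-enumeration shapes
var pluginRe = regexp.MustCompile(`^/wp-content/plugins/([^/?]+)/`) // plugin directory name

// Finding summarises enumeration-like requests from one client IP.
type Finding struct {
	UserProbes  int             // requests for author archives or the REST users route
	PluginSlugs map[string]bool // distinct plugin directories requested that returned 404
}

// Detect groups log entries by client IP and counts user and plugin probing.
func Detect(log string) map[string]*Finding {
	out := map[string]*Finding{}
	for _, m := range lineRe.FindAllStringSubmatch(log, -1) {
		ip, path, status := m[1], m[2], m[3]
		if out[ip] == nil {
			out[ip] = &Finding{PluginSlugs: map[string]bool{}}
		}
		if userRe.MatchString(path) {
			out[ip].UserProbes++
		}
		if p := pluginRe.FindStringSubmatch(path); p != nil && status == "404" {
			out[ip].PluginSlugs[p[1]] = true
		}
	}
	return out
}

func main() {
	for ip, f := range Detect(sampleLog) {
		fmt.Printf("%s user_probes=%d missing_plugin_dirs=%d\n", ip, f.UserProbes, len(f.PluginSlugs))
	}
}
```

A single author-archive hit is normal visitor behaviour; a burst of user probes together with many distinct missing plugin directories from one address is what to alert on, with thresholds tuned to the site's own traffic.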
WPrecon (GUI)
We are not done yet: there is also a GUI version of this tool for those who are not able to operate Kali Linux.

    https://wprecon.com/
Analysis – Version
All you have to do is give the URL of the target and it will dump all the information just like the command line tool.
Server Details
You can see the public IP address of the target website along with the hosting provider and server details.
Plugins
One thing we noticed is that the website of this tool is better than the command line utility.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.