PDA

View Full Version : installed kali linux and used wpscan but got an error!



studenthhs
2013-05-25, 16:24
ok so i have installed kali linux and i used wpscan to test if i could hack my wordpress site, so i used enumerate u from the help commands and i found my username but now i have to crack the password. So i tried to input the command to crack the password for admin name

-Do wordlist password brute force on the 'admin' username only ...

ruby /usr/bin/wpscan --url www.my site.com --wordlist darkc0de.lst --username my admin name

but i get an error saying there is no such file or directory? i have downloaded a wordlist called darkc0de.lst and i have saved it on desktop but it cant finde the wordlist!
i tried to change the end of the name to txt but it still cant finde the wordlist, so i think i have to input the wordlist in the same directory as wpscan is in bu i cant finde usr/bin/wpscan? i have tried everything.

and yes i am a newbie and i want some help because i am a widnows user and linux is very hard for me but i am eager to learn...

so please if somebody can help me with my dilemma i would appreciate it very much, when i saw that it found my username i god thirsty to learn more about security.

:)

zimmaro
2013-05-26, 08:13
ok so i have installed kali linux and i used wpscan to test if i could hack my wordpress site, so i used enumerate u from the help commands and i found my username but now i have to crack the password. So i tried to input the command to crack the password for admin name

-Do wordlist password brute force on the 'admin' username only ...

ruby /usr/bin/wpscan --url www.my site.com --wordlist darkc0de.lst --username my admin name

but i get an error saying there is no such file or directory? i have downloaded a wordlist called darkc0de.lst and i have saved it on desktop but it cant finde the wordlist!
i tried to change the end of the name to txt but it still cant finde the wordlist, so i think i have to input the wordlist in the same directory as wpscan is in bu i cant finde usr/bin/wpscan? i have tried everything.

and yes i am a newbie and i want some help because i am a widnows user and linux is very hard for me but i am eager to learn...

so please if somebody can help me with my dilemma i would appreciate it very much, when i saw that it found my username i god thirsty to learn more about security.

:)
hi :)
this is NOT the right solution(i think for kali) but it works ....!!!!!

http://wpscan.org/
Installing on Debian/Ubuntu:

sudo apt-get install libcurl4-gnutls-dev libopenssl-ruby libxml2 libxml2-dev libxslt1-dev ruby-dev

git clone https://github.com/wpscanteam/wpscan.git

cd wpscan

sudo gem install bundler && bundle install --without test development

./wpscan.rb ................................................

studenthhs
2013-05-26, 12:43
thanks but i figurate it out. i needed a wordlist

studenthhs
2013-05-26, 14:23
does somebody know where i can get a quality passwordlist so that i can brute force? the wordlist that i have from darkc0de.lst is not giving any results.

zimmaro
2013-05-26, 16:42
does somebody know where i can get a quality passwordlist so that i can brute force? the wordlist that i have from darkc0de.lst is not giving any results.

I'm sorry .. I realized that it gave you a wpscan error!

I'm not expert of wordlist but if you want to take a look:
http://blog.g0tmi1k.com/2011/06/dictionaries-wordlists.html

Prince Authur
2013-11-05, 12:42
helpful ,thanks

blackMORE
2013-11-05, 17:36
Quoting official Kali documentation, If you are looking for a Linux distribution to learn the basics of Linux and need a good starting point, Kali Linux is not the ideal distribution for you. You may want to begin with Ubuntu or Debian instead.

Pinni3
2014-01-06, 09:33
if you did an installation, just out of the box.

instead of using the command ruby ./wpscan -- url http://www.test.com
or ruby usr/bin/wpscan -- url http://www.test.com

use just wpscan -- url http://www.test.com

Works like a charm

greets Pinni3