Jump to content

wpscan and haschat


Recommended Posts


Yesterday I tried this tool called wpscan on kali.

It is a scanner that scans a website build with Wordpress.

It can scan for user-names. After that with the help of a wordlist you can try to bruteforce the passwords for these users.

But I find it not to be very fast.

Now I'm thinking if it is possible to use another tool like hashcat to do the bruteforcing. Like piping hashcat output to wpscan.

Does anyone know if this is possible or does know another way to speed things up.

Thnx, just hoping to learn here!

Link to comment
Share on other sites

Hashcat is a tool for offline cracking password hashes, wpscan is an online password bruteforcer.

If you want to use a tool (any tool) to generate the password list that wpscan uses then you still have to pass it through wpscan so it doesn't matter how fast the passwords are generated they will still be sent to the site at the same rate.

And I can't remember off hand if wpscan will take a password list in through stdin rather than as a file so you might not be able to do it anyway.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...