hzm74 Posted January 29, 2015 Share Posted January 29, 2015 Hello, Yesterday I tried this tool called wpscan on kali. It is a scanner that scans a website build with Wordpress. It can scan for user-names. After that with the help of a wordlist you can try to bruteforce the passwords for these users. But I find it not to be very fast. Now I'm thinking if it is possible to use another tool like hashcat to do the bruteforcing. Like piping hashcat output to wpscan. Does anyone know if this is possible or does know another way to speed things up. Thnx, just hoping to learn here! Quote Link to comment Share on other sites More sharing options...
digininja Posted January 29, 2015 Share Posted January 29, 2015 Hashcat is a tool for offline cracking password hashes, wpscan is an online password bruteforcer. If you want to use a tool (any tool) to generate the password list that wpscan uses then you still have to pass it through wpscan so it doesn't matter how fast the passwords are generated they will still be sent to the site at the same rate. And I can't remember off hand if wpscan will take a password list in through stdin rather than as a file so you might not be able to do it anyway. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.