WordPress Takeover im Lab: WPScan → Admin-Creds → Reverse Shell (Metasploit) скачать в хорошем качестве

WordPress Takeover im Lab: WPScan → Admin-Creds → Reverse Shell (Metasploit)

In diesem Video machen wir einen kompletten WordPress-Lab/CTF Walkthrough: Recon → Enumeration → WPScan → Credentials → Reverse Shell / Session. Ablauf (high level) Target finden (Network Sweep) & Nmap Scans Web-Enumeration: Subdirs, Tech-Fingerprinting (WhatWeb/Wappalyzer) WordPress identifizieren & sauber enumerieren. WPScan: User-Enumeration + relevante Findings Dictionary Attack (rockyou) → valide Admin-Credentials Metasploit (nachvollziehbar fürs Lab): Plugin/Payload → Reverse Shell / Meterpreter Session Lab-VM (wie im Video) VulnHub: Basic Pentesting: 1 https://www.vulnhub.com/entry/basic-p... 00:00 Intro & Ziel (WordPress Lab/CTF) 00:51 Network Sweep → Target finden 01:14 Nmap Stealth Scan (Ports) 02:10 Nmap -A / Service & Web Hinweise 03:30 HTTP Enum / erstes “Secret” 04:10 Directory Brute Force (dirb) 05:46 Browser Check + Wappalyzer / Source 06:59 Hosts-Eintrag fixen (/etc/hosts) 08:45 WhatWeb / WordPress Hinweise 09:58 WPScan Setup + erste Findings 11:23 WPScan User Enumeration 12:18 Dictionary Attack (rockyou) 16:35 Metasploit: WP Admin → Payload / Plugin 19:06 Reverse Shell / Session steht #CyberSecurity #Pentesting #EthicalHacking #WordPress #WPScan #Nmap #Metasploit #CTF #WebSecurity #RedTeam