Commit 602b00a6 authored by bobloblaw's avatar bobloblaw
Browse files

Update common_web-services.md

parent 5aabb075

common_web-services.md

+18 −0
Original line number Diff line number Diff line
@@ -109,3 +109,21 @@ upload a file called shell443.txt, which of course is you .asp shell. And then y 
http://secureyes.net/nw/assets/Bypassing-IIS-6-Access-Restrictions.pdf



## Wordpress





```

sudo wpscan -u http://cybear32c.lab

```



If you hit a 403. That is, the request if forbidden for some reason.

Read more here: https://en.wikipedia.org/wiki/HTTP_403



It could mean that the server is suspicious because you don't have a proper user-agent in your request, in wpscan you can solve this by inserting --random-agent.

You can of course also define a specific agent if you want that. But random-agent is pretty convenient.

```

sudo wpscan -u http://cybear32c.lab/ --random-agent

```



### Scan for users



You can use wpscan to enumerat users:
 
 No newline at end of file