WPSEC article: Cracking WordPress Passwords with John the Ripper
- This topic is empty.
July 2024 promo! Join our Discord free of charge.
makes it look way too easy to crack WP passwords
omg
Now that we have the hashes, we can use a password-cracking tool called John the Ripper (john) to crack it. It comes pre-installed on Kali Linux and is available in most other Linux distros via their package managers (e.g. apt install john). Unfortunately, the john package shipped with apt in Ubuntu and Debian are incomplete (they are not the jumbo version which includes support for everything), so you might have better luck running it with Docker on non-Kali distros.
oh great….. here come the Kali Linux stans
Doesn’t WordPress still use basic MD5 hashing for user passwords in Mysql? might be part of the problem?
you might have better luck running it with Docker on non-Kali distros.
Imagine being a hackzor and running Docker to crack passwords lmaooo
I thought WP Core was moving to bcrypt for passwords
We champion core values like free speech, transparency, and portability, and welcome anyone else who does too.
Here is a non-exhaustive list of plugins, themes, and other services that we recommend checking out.
Every stack script and server deployment platform is a bit different, so check to see how SlickStack compares.
Subscribe to our free newsletter to receive occassional updates, we respect your privacy and do not sell your information.
Here’s some of the incredible performance features you can expect after launching your SlickStack cloud VPS.
If you are wondering what specific problems SlickStack can help solve, browse some of the solutions below.
In lieu of donations, please show your support by mentioning SlickStack on your blog or write a review. Thank you!